A Security Framework for Secure Host-to-Host Environments

  • Togu Sianturi Universitas Indonesia
  • Kalamullah Ramli Universitas Indonesia
Keywords: end-to-end communication, MPLS, metro ethernet, SD-WAN, data exchange, data security

Abstract

Data security is an infrastructure designed to protect and secure data from unauthorized access, data manipulation, malfunction, destruction, and inappropriate data disclosure. Currently, organizations widely use data transfer to validate and verify data using different media particularly in host-to-host connections. This research focuses on data exchanged (end-to-end communication) using Multi Protocol Label Switching (MPLS), metro ethernet, and Software Defined Wide Area Network (SD-WAN) network architecture with third parties. This research aims to develop a design and analysis framework for verifying data transferred from one host to another in ABC organization by applicable security standards that are appropriate and follow its needs to help the organization. Furthermore, the analysis result is used as materials for drafting a cybersecurity framework through the three standards ISO/EIC 27001:2013, NIST SP800-161, and ITU-T X.805. The methodology used in this study is the comparative analysis of three frameworks, requirement analysis, and content analysis to develop a framework. The framework proposed of eight security dimensions, five threats, and providing mitigation is expected to enhance the security system of data exchange on host-to-host connections in ABC organization.

 

Downloads

Download data is not yet available.

References

A. Gurtu and J. Johny, "Supply Chain Risk Management: Literature Review," Risks, vol. 9, no. 1, 2021, doi: 10.3390/risks9010016.

"Network Infrastructure Security Guidance," National Security Agency, 2022, vol. Version 1.0.

G. Lu and X. Koufteros, "Organizing Practices to Combat Supply Chain Security Breaches," IEEE Engineering Management Review, vol. 47, no. 3, pp. 72-78, 2019, doi: 10.1109/EMR.2019.2931540.

G. Culot, F. Fattori, M. Podrecca, and M. Sartor, "Addressing Industry 4.0 Cybersecurity Challenges," IEEE Engineering Management Review, vol. 47, no. 3, pp. 79-86, 2019, doi: 10.1109/EMR.2019.2927559.

V. Mikhalev, L. Gomez, F. Armknecht, and J. Márquez, "Towards End-to-End Data Protection in Low-Power Networks," 2018, pp. 3-18.

F. Bensalah, N. El Kamoun, and A. Bahnasse, "Scalability Evaluation of VOIP over Various MPLS Tunneling under OPNET Modeler," Indian Journal of Science and Technology 10, pp. 1-7, 2017.

L. Velasco, J. Perelló, and G. Junyent, "Metro Ethernet Networks (MEN)," Optical Communication Group - Universitat Politècnica de Cataluya (UPC), pp. 185-197, 2014.

W. Sun, Y. Li, and S. Guan, "An Improved Method of DDoS Attack Detection for Controller of SDN," in 2019 IEEE 2nd International Conference on Computer and Communication Engineering Technology (CCET), 16-18 Aug. 2019 2019, pp. 249-253, doi: 10.1109/CCET48361.2019.8989356.

S. Troia, L. M. M. Zorello, A. J. Maralit, and G. Maier, "SD-WAN: An Open-Source Implementation for Enterprise Networking Services," in 2020 22nd International Conference on Transparent Optical Networks (ICTON), 19-23 July 2020 2020, pp. 1-4, doi: 10.1109/ICTON51198.2020.9203058.

F. Aldeeb and A. Ali Ahmed, Software Defined Wide Area Network SD-WAN: Principles and Architecture. 2021.

M. Yasin, A. A. Arman, I. J. M. Edward, and W. Shalannanda, "Designing Information Security Governance Recommendations and Roadmap Using COBIT 2019 Framework and ISO 27001:2013 (Case Study Ditreskrimsus Polda XYZ)," in 2020 14th International Conference on Telecommunication Systems, Services, and Applications (TSSA, 4-5 Nov. 2020 2020, pp. 1-5, doi: 10.1109/TSSA51342.2020.9310875.

Angraini, Megawati, and L. Haris, "Risk Assessment on Information Asset an academic Application Using ISO 27001," in 2018 6th International Conference on Cyber and IT Service Management (CITSM), 7-9 Aug. 2018 2018, pp. 1-4, doi: 10.1109/CITSM.2018.8674294.

L. Al-Alawi, R. Al-Busaidi, and S. Ali, "Applying NIST SP 800-161 in Supply Chain Processes Empowered by Artificial Intelligence," in 2021 22nd International Arab Conference on Information Technology (ACIT), 21-23 Dec. 2021 2021, pp. 1-8, doi: 10.1109/ACIT53391.2021.9677393.

J. Martínez and J. M. Durán, "Software Supply Chain Attacks, a Threat to Global Cybersecurity: SolarWinds’ Case Study," International Journal of Safety and Security Engineering, vol. Vol. 11, No. 5, pp. 537-545, 2021, doi: https://doi.org/10.18280/ijsse.110505.

P. J. G. Guerra and D. A. S. Estay, "An Impact-wave Analogy for Managing Cyber Risks in Supply Chains," in 2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM), 16-19 Dec. 2018 2018, pp. 61-65, doi: 10.1109/IEEM.2018.8607563.

T. Kieras, J. Farooq, and Q. Zhu, "I-SCRAM: A Framework for IoT Supply Chain Risk Analysis and Mitigation Decisions," IEEE Access, vol. 9, pp. 29827-29840, 2021, doi: 10.1109/ACCESS.2021.3058338.

P. Rathod, V. Julkunen, T. Kaisti, and J. Nissilä, "Automatic acceptance testing of the web application security with ITU-T X.805 framework," in 2015 Second International Conference on Computer Science, Computer Engineering, and Social Media (CSCESM), 21-23 Sept. 2015 2015, pp. 103-108, doi: 10.1109/CSCESM.2015.7331876.

M. Asghar and A. Amjad, "Securing Insecure Web API’s in Cloud Computing," vol. 68, 2018.

Published
2022-06-30
How to Cite
Sianturi, T., & Kalamullah Ramli. (2022). A Security Framework for Secure Host-to-Host Environments. Jurnal RESTI (Rekayasa Sistem Dan Teknologi Informasi), 6(3), 380 - 386. https://doi.org/10.29207/resti.v6i3.4018
Section
Artikel Teknologi Informasi