SPPA-T3000 Section 12
Course : K-T3ADM1 Web Security
Section 12
Course materials for Mathivanan Anbazhagan, student_1
Web Security
Contents
12 Web Security
12.1 Introduction
12.2 Access Protection
12.2.1 Why does access to the T3000 system have to be safeguarded?
12.2.2 What risk is posed by such access and what consequences could it have?
12.3 Security Requirements regarding SPPA-T3000
12.3.1 Generally
12.3.2 Security Requirements regarding Thin Client
12.3.3 Highest Commandment: Secrecy
12.1 Introduction
SPPA-T3000 Web Security
What security requirements can be derived from these risks and what
security concept has been developed on the basis of those risks?
The principles of "access from the outside" are explained on the basis
of the example scenarios "Access from an office PC by terminal server
within a DMZ network" and "Access from a hotline PC using a VPN
tunnel".
12.2 Access Protection
12.2.1 Why does access to the T3000 system have to be safeguarded?
Access Protection
12.2.2 What risk is posed by such access and what consequences could it have?
Risk/Consequences due to Unintentional or Forbidden Access
What risk is posed by such access and what consequences could it
have?
12.3 Security Requirements regarding SPPA-T3000
12.3.1 Generally
Security Requirements
Access from the outside may only take place via defined connections or
access points, e.g. via defined routers and defined dial-in points
(applicable to the hotline and to the customer's standby service).
Restricted / © Siemens AG 2013. All rights reserved.
Security Requirements
Block undesirable applications or network protocols
12.3.2 Security Requirements regarding Thin Client
Security Requirements
"Hardening" (locking) of the thin client by reducing Windows
functionality to the minimum level needed for control room operation
Security Requirements
12.3.3 Highest Commandment: Secrecy
Security Requirements
12.4 Security Concept
Security Concept
On the basis of what has just been discussed,
a security concept has been developed for SPPA-T3000
12.4.1 Security Cell
Security Concept – Security Cell
What is a security cell?
General definition: A security cell is an isolated zone that offers the
best possible protection against negative influences.
Security Concept – Security Cell "Control System"
[Figure: security cell "Control System". Labels: User Interface, Presentation Layer, Thin Clients, Application Server, Automation Server, Process Interfaces, Data Layer]
Security Concept – Insecure Cell Internet/Intranet
[Figure: Internet/Intranet (corporate network) and security cell "Control System". Labels: User Interface, Presentation Layer, Thin Clients, Application Server, Automation Server, Process Interfaces, Data Layer]
E F IE 28 Training Center
Security Concept – Security Cell DMZ Net
[Figure: Internet/Intranet (corporate network), DMZ net (Demilitarized Zone) and security cell "Control System". Labels: User Interface, Presentation Layer, Thin Clients, Application Server, Automation Server, Process Interfaces, Data Layer]
12.4.2 Communication Principle
Security Concept – Communication Principle
A restrictive basic attitude is applied to data communication with the
security cell "control system" or the DMZ net:
12.5 Access from "Inside" or from "Outside"
Access from "Inside" or from "Outside"
All access to the SPPA-T3000 system gained from within the security
cell "control system" is referred to as "access from the inside".
All access to the SPPA-T3000 system gained from outside the security
cell "control system" is referred to as "access from outside"; in other
words, "external" or "outside world" includes all systems which are not
part of the security cell "control system" but should or could have
access to it.
12.6 Examples of Access Scenarios
Examples of Access Scenarios
To illustrate what has just been said, the following slides present
what we call "access scenarios".
12.6.1 Inside the "Control System"
Inside the "Control System" – Access and Risk
How is access to SPPA-T3000 gained from inside the "control
system"?
As a rule, access is gained by means of a Thin Client.
It is operated directly on the Application Highway.
An external risk is irrelevant in this case because an autonomous
network is involved.
[Figure: "Control System". Labels: TC, TC, TC, Auto HW]
12.6.2 Principle of Access from Outside the “Control System”
Principle of Access from Outside the "Control System"
How is access to SPPA-T3000 gained from outside the "control
system" in principle?
Here again, access is gained by means of a Thin Client. However,
as it is located outside the "control system", this kind of access is
referred to as access from an "insecure zone".
[Figure: "Control System" and Intranet (corporate network). Labels: TC, TC, Router, TC, Appl. Sv, Auto HW]
This case involves a high risk because this kind of network is usually
very big and has a large number of users. This means there is an
increased risk of computer viruses, for example.
Reducing the Risk of Access from Outside the "Control System"
How can the risk be reduced?
Fig. 12_19 Reducing the Risk of Access from Outside the "Control System" 1
Reducing the Risk of Access from Outside the "Control System"
The risk can be reduced further by installing a firewall between the
networks of the "control system" and the Intranet.
[Figure: "Control System" and Intranet (corporate network). Labels: TC, TC, Router with firewall, TC, Appl. Sv, Auto HW]
Fig. 12_20 Reducing the Risk of Access from Outside the "Control System" 2
12.7 Methods of Access from Outside the "Control System"
Methods of Access from Outside the "Control System"
In connection with the security concept, the principles of gaining
access from the outside world to SPPA-T3000 will be explained on
the basis of two methods.
12.7.1 Access from an Office PC by Terminal Server Within a DMZ Network
Scenario: DMZ Net
Why does access take place via a terminal server in the DMZ net?
Scenario: DMZ Net
Operation of an office PC on the Intranet with access via a terminal
server that is located within a DMZ net
[Figure: scenario "DMZ net". Labels: Intranet (corporate network), TC, Office network, Internet, Appl. HW, DMZ net, Appl. Sv, Auto HW, Terminal Server]
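The zone model behind this scenario (defined access points only, a firewall between the cells, office access only through the terminal server in the DMZ net) can be written as a default-deny flow check. This is an added example, not part of the course material; the zone names follow the slides, while the address ranges, host addresses, ports and the allowed-flow table are assumptions made for illustration.

```python
import ipaddress

# Constructed address plan (assumption): one subnet per zone named on the slides.
ZONES = {
    "control_system": ipaddress.ip_network("10.10.0.0/24"),
    "dmz": ipaddress.ip_network("10.20.0.0/24"),
    "intranet": ipaddress.ip_network("10.0.0.0/8"),
}
TERMINAL_SERVER = ipaddress.ip_address("10.20.0.10")  # hypothetical DMZ host
APP_SERVER = ipaddress.ip_address("10.10.0.5")        # hypothetical application server

# Defined access points only: (src_zone, src_host, dst_zone, dst_host, tcp_port).
# None means "any host in that zone". Ports are assumptions, not from the course.
ALLOWED = [
    ("intranet", None, "dmz", TERMINAL_SERVER, 3389),
    ("dmz", TERMINAL_SERVER, "control_system", APP_SERVER, 443),
]


def zone_of(addr):
    """Return the most specific zone containing addr, or 'outside'."""
    ip = ipaddress.ip_address(addr)
    hits = [(net.prefixlen, name) for name, net in ZONES.items() if ip in net]
    return max(hits)[1] if hits else "outside"


def decide(src, dst, port):
    """Default-deny verdict for one TCP connection attempt between zones."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    sz, dz = zone_of(s), zone_of(d)
    if sz == dz and sz != "outside":
        return "allow"  # stays inside one cell, never reaches the firewall
    for r_sz, r_src, r_dz, r_dst, r_port in ALLOWED:
        if (sz, dz, port) == (r_sz, r_dz, r_port) \
                and r_src in (None, s) and r_dst in (None, d):
            return "allow"
    return "deny"


if __name__ == "__main__":
    # Constructed connection attempts: (source, destination, port).
    for flow in [("10.1.2.3", "10.20.0.10", 3389),   # office PC -> terminal server
                 ("10.1.2.3", "10.10.0.5", 443),     # office PC -> control system
                 ("10.20.0.10", "10.10.0.5", 443)]:  # terminal server -> app server
        print(flow, decide(*flow))
```

The office PC reaches the control system only by way of the terminal server; a direct connection, a different DMZ host, or an unlisted port falls through to "deny".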
12.7.2 Access from a Hotline PC using a VPN Tunnel
Scenario: VPN Tunnel
Why does access take place by means of a VPN tunnel?
Scenario: VPN Tunnel
[Figure: scenario "VPN tunnel". Labels: TC, Office network, Appl. HW, PC, DMZ net, Appl. Sv, VPN tunnel, Auto HW, Terminal Server]
12.8 Terms and Definitions
12.8.1 Router
Terms and Definitions – Router
What is a router?
To do this, the router requires one separate interface for each
self-contained network.
To this end, the router uses a locally existing table, the routing
table. It specifies which network can be reached through which
interfaces (= IP addresses of the distant routers).
12.8.2 Firewall
Terms and Definitions – Firewall
What is a firewall?
12.8.3 DMZ Net
Terms and Definitions – DMZ Net
What is a DMZ or a DMZ net?
The systems set up in the DMZ are screened off against other
networks (e.g. the Internet) by means of firewalls.
12.8.4 Terminal Server
Terms and Definitions – Terminal Server
What is a terminal server?
As on any normal PC, several different programs can run on any
emulated terminal.
12.8.5 VPN Tunnel
Terms and Definitions – VPN Tunnel
What is a VPN tunnel?