Безопасность информационных технологий (Dec 2023)
Technological platform for the implementation of the cybersecurity network concept ("Cybersecurity Mesh")
Abstract
An analytical review of methods and modern means of countering computer attacks on distributed information infrastructure shows that one of the promising solutions to this problem is the practical implementation of the "Cybersecurity Mesh" concept (cybersecurity networks). It involves applying an approach that eliminates the specific threats associated with the actual "blurring" of the physical boundaries of the corporate information system by switching to point protection of any remote object. To provide the functionality needed for reliable and secure connection of critical information infrastructure (CII) objects, it is proposed to use a single cloud platform, combining several well-known solutions already in use, as the technological basis of a cybersecurity network. These include 5G standard mobile communications, Secure Access Border Service (SASE) and Advanced Detection and Response Service (XDR). This paper analyzes the features of these main platform elements with respect to implementing the functionality of a distributed CII cybersecurity network. It then considers the software restructuring of the corporate segment of the Internet that is needed when full control of its physical infrastructure is impossible. This task is solved by creating an appropriate cyber level on top of the traditional Internet infrastructure, technologically implemented on the basis of its three main components: cyber control, cyber node and trust node. Functional requirements for these components are described in detail, as well as technological modular solutions for the transition to point protection of each CII object.
The results of this research can serve as a methodological basis for moving to the design stage of a specific corporate cybersecurity network after a mandatory feasibility study based on risk analysis, since the practical implementation of the analyzed proposals is a complex and expensive process, especially if existing network security systems need to be restructured.
Keywords