Title :
Developing a Threat Model for Enterprise Storage Area Networks
Author :
DeCusatis, Casimer
Author_Institution :
IBM Corp., Poughkeepsie, NY
Abstract :
The need for improved security has been widely recognized in the information technology industry, particularly for enterprise storage area networks (SANs). However, until recently there has been relatively little development of threat models which specifically address the unique requirements of these networks. In this paper, we present a method for quantifying risk, justifying security upgrade costs, and proactively assessing threats to an enterprise-class SAN. The threat model suggests that a centralized approach to security management based on the host processor may be more effective than a distributed approach based on the edge of the network. Examples of enterprise server security features developed to address these threats are discussed, along with performance results on host-based encryption and a roadmap for future security enhancements
Keywords :
cryptography; storage area networks; telecommunication security; enterprise server security; enterprise storage area networks; host-based encryption; security management; threat model; Companies; Costs; Cryptography; Data security; Government; Information security; Information technology; Network servers; Protection; Storage area networks;
Conference_Titel :
Information Assurance Workshop, 2006 IEEE
Conference_Location :
West Point, NY
Print_ISBN :
1-4244-0130-5
DOI :
10.1109/IAW.2006.1652070
