최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm...
TRANSCRIPT
© 2015 IBM Corporation
IBM Security Systems
1 © 2015 IBM Corporation
최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 IBM 전략 소개
박형근 실장IBM AP Security Tiger
© 2015 IBM Corporation
IBM Security Systems
2
FINTECH
© 2015 IBM Corporation
IBM Security Systems
3
© 2015 IBM Corporation
IBM Security Systems
4
인터넷 은행
© 2015 IBM Corporation
IBM Security Systems
5
신용카드
로열티프로그램
기프트카드
ID 카드
영수증
디지털 화폐 /RDC(Remote Deposit Capture)
스마트 티켓
Wallet
모바일 지갑
© 2015 IBM Corporation
IBM Security Systems
6
쇼핑 카텔로그 / 리스트 상점에서 바코드 스캔 자가 결제디지털 영수증
스마트 유통
© 2015 IBM Corporation
IBM Security Systems
7
© 2015 IBM Corporation
IBM Security Systems
8
© 2015 IBM Corporation
IBM Security Systems
9
그런데 , 보안은 ?
© 2015 IBM Corporation
IBM Security Systems
10
ProcessorsPayment Gateway
API
WalletPCI Vault
Merchant
Ledger
Adv.Routing
Basic Fraud Adv. Fraud
Cross-channelCommerce
Engine
Checkout
Data Feeds
Reconciliation
Shadow A/R
SettlementOperations
Web Tool
Logistics
Treasury
A/R
Financial Back-Office
Order Management
Payment Gateway
© 2015 IBM Corporation
IBM Security Systems
11
온라인 금융 서비스
사용자 기기(PC/ 모바
일 )
악성코드
피싱 /파밍
감염 및 보안 이벤트 데이터세션 정보
기기 정보 , 세션정보
전자금융 서버 ( 웹 / 모바일 )
고객 지원
고객 대응보안 / 관제
분석 범죄 로직 확인 위험도 산출
사이버 범죄 인텔리전스
IBM 보안센터
IBM 사이버 금융범죄 대응 서비스
© 2015 IBM Corporation
IBM Security Systems
12
ProcessorsPayment Gateway
API
WalletPCI Vault
Merchant
Ledger
Adv.Routing
Basic Fraud Adv. Fraud
Cross-channelCommerce
Engine
Checkout
Data Feeds
Reconciliation
Shadow A/R
SettlementOperations
Web Tool
Logistics
Treasury
A/R
Financial Back-Office
Order Management
Payment Gateway
© 2015 IBM Corporation
IBM Security Systems
13
사용자 인증 ( 서비스마다 차별적인 )
© 2015 IBM Corporation
IBM Security Systems
14
MAC
CPU
IMEI
Battery ID
Chip ID
언제 , 어디서나 , 무엇으로든 인터넷을 통해 접근 가능 동시 로그인 및 계정 탈취 방지 필요 . 멀티 디바이스 , 멀티 브라우저 지원 요구 ID/Password 에 부가하여 새로운
방식의 인증 강화 (Transparent 3-Factor)
서버에서 디바이스를 구분하는 방식의 문제점 기기 자체의 정보 (H/W, OS, 브라우저 등 ) 를
신뢰하면 위험
IBM Solution: ”Persistent Device ID” 소프트웨어 + 하드웨어 결합방식 앱이나 OS* 가 재설치시에도 ID 유지 범죄자의 Device 사용시 구분
사용자 디바이스 인증
© 2015 IBM Corporation
IBM Security Systems
15
사용자의 편의성 고려한 차별화 서비스 필요
© 2015 IBM Corporation
IBM Security Systems
16
사용자 디바이스 보안 – PC
피싱 차단 악성코드 방어
피싱사이트 블랙리스트
신용카드 정보 악성코드 방어
로그인정보 보호
피싱 대응 치료
피싱사이트 다운서비스
악성코드 제거로그인 정보
재설정
보고
브라우저 위변조
피싱사이트차단
고객 리포트
악성 행위 차단브라우저 보호
웹인젝션 키로깅 스크린 캡처
파밍 ,DNS 변조
x
사용자 기기
악성코드
피싱
오버레이 공격차단
© 2015 IBM Corporation
IBM Security Systems
17
© 2015 IBM Corporation
IBM Security Systems
18
사용자 디바이스 보안 - 모바일
사용자 기기
악성코드
피싱
© 2015 IBM Corporation
IBM Security Systems
19
ProcessorsPayment Gateway
API
WalletPCI Vault
Merchant
Ledger
Adv.Routing
Basic Fraud Adv. Fraud
Cross-channelCommerce
Engine
Checkout
Data Feeds
Reconciliation
Shadow A/R
SettlementOperations
Web Tool
Logistics
Treasury
A/R
Financial Back-Office
Order Management
인터페이스 보안
© 2015 IBM Corporation
IBM Security Systems
20
통제 디바이스 / 사물 (Thing) 서비스 인터페이스 서비스 플랫폼
IBM Fraud & Secure Gateway
IBM Cyber CrimeIntelligence
ID/PW Mobile OTP
보안 서비스
ID 탈취 탐지
•Device ID, User ID 에 대한 도난 여부 탐지 , 인증정보 통한 플랫폼 공격 방어
악성코드탐지
•웹 브라우징 상의 악성코드 감염 여부 탐지와 제거
웹 /XML공격 방어
•웹 혹은 XML 취약점 기반 공격 방어
암호화 통신
•암호화 통신 (TLS/HTTPS) 및 가속화
인증 /접근제어
•사용자 혹은 디바이스 인증 및 서비스 접근 제어 ( 인증 혹은 IP 기반 등 )
인터페이스보안
인터페이스 보안
© 2015 IBM Corporation
IBM Security Systems
21
IBM 보안 프레임워크
© 2015 IBM Corporation
IBM Security Systems
22
IBM 보안 솔루션 포트폴리오
© 2015 IBM Corporation
IBM Security Systems
23
IBM 보안 서비스 포트폴리오IBM Security Services Portfolio
People Data Applications Infrastructure
Identity Assessment & Strategy Crown Jewels Discovery & Protection SDLC Program Development Security Optimization
User Provisioning/Access Mgmt Database Security Dynamic and Static Testing Design, Deployment & Migration
Total Authentication Solution Encryption and Data Loss Prevention
Embedded Device TestingStaff Augmentation
Managed/Cloud Identity Mobile Application Testing
Strategy, Risk & Compliance
Security Maturity BenchmarkingSecurity Strategy & Roadmap
DevelopmentSecurity Risk Assessment & Program
DesignIndustrial Controls
(NIST, SCADA)PCI Advisory
Firewall / Unified Threat Management Intrusion Detection & Prevention Web Protection & Managed DDoSHosted E-Mail & Web
Vulnerability Mgmt
Managed SIEM &
Log Management
Security Operations
Security Intelligence Operations Center Design & Build Out Services
Cloud and Managed Services
Cybersecurity Assessment & Response
Threat Intelligence Advisory X-Force Threat Analysis Penetration Testing Incident Preparation Emergency Response
© 2014 IBM Corporation
IBM Security Systems
24
www.ibm.com/security
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
www.ibm.com/security
© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.