
Secure the edge? Understanding the risk towards wireless grids Edgeware technology

2014, International Journal of Internet Technology and Secured Transactions

Int. J. Internet Technology and Secured Transactions, Vol. 5, No. 3, 2014

Tyson Brooks*, Michelle Kaarst-Brown, Carlos Caicedo, Joon Park and Lee W. McKnight
School of Information Studies, Syracuse University, Syracuse, NY, 13244, USA
E-mail: ttbrooks@syr.edu
E-mail: mlbrow03@syr.edu
E-mail: ccaicedo@syr.edu
E-mail: jspark@syr.edu
E-mail: lmcknigh@syr.edu
*Corresponding author

Abstract: This article contributes to the foundational understanding of the security vulnerabilities and risk towards wireless grid Edgeware technology. Since communication networks and devices are subject to becoming the target of exploitation by hackers (e.g., individuals who attempt to gain unauthorised access to computer systems), these individuals are gaining ever-increasing knowledge of the often widely-reported exploitable vulnerabilities in these types of innovative technologies; and thus are able to craft increasingly effective computer network attacks (CNA) against such technologies. This research responds to the overall proposition: what security vulnerability enumerations would contribute to the degradation and risk in using a wireless grid Edgeware application in a virtualised cloud environment? Using supporting research pertaining to cyber-attacks and vulnerabilities towards a wireless cloud (e.g., the integration of a cloud computing and a wireless grid architecture), security vulnerabilities in virtualisation environments and specific vulnerabilities exploited against a wireless grid Edgeware application, this research provides a greater understanding of the practical ways wireless grid Edgeware technology can be attacked and the risk in utilising this technology.
Keywords: wireless grids; Edgeware; information security; risk management; hacking; cyber-attack; edge computing; cloud computing; virtualisation

Reference to this paper should be made as follows: Brooks, T., Kaarst-Brown, M., Caicedo, C., Park, J. and McKnight, L.W. (2014) ‘Secure the edge? Understanding the risk towards wireless grids Edgeware technology’, Int. J. Internet Technology and Secured Transactions, Vol. 5, No. 3, pp.191–222.

Copyright © 2014 Inderscience Enterprises Ltd.

Biographical notes: Tyson Brooks works for the US Department of Defense (DoD), is a co-Director for the Wireless Grids Testbed (WiGiT) at Syracuse University and is an IEEE senior member. He has more than 20 years of professional experience in the design, development and production of complex information systems/architectures, as well as leading the effort to develop secure information systems architectures for the US DoD. His research interests are in the fields of cyber-security, information assurance, information security architecture and internet of things architectures. He received his Doctorate in Information Management from Syracuse University.

Michelle Kaarst-Brown is an Assistant Professor at the School of Information Studies at Syracuse University and has over 20 years in management and consulting in the financial services industry. Her prior work experience in organisational development, human resources management, marketing, project management, quality business, research, and strategic management provide her with a holistic view of organisations and their strategic problems. She has received her PhD in Organisational Theory/Organisational Behaviour, and Management Information Systems from York University.
She has published in a number of top academic and professional journals including MIS Quarterly, MIS Quarterly Executive, Information Technology and People, Journal of Strategic Information Systems, Journal of Organisational Change Management, Journal of Global Information Management, and CIO Canada. She currently serves on the editorial board of MIS Quarterly Executive, and is a former AE for MIS Quarterly and the Journal of Enterprise Architecture. Carlos Caicedo is an Assistant Professor at the School of Information Studies at Syracuse University and Director of the Center for Convergence and Emerging Network Technologies (CCENT). He received his PhD in Information Science from the University of Pittsburgh and holds MSc in Electrical Engineering from the University of Texas at Austin and from the Universidad de los Andes, Colombia. He has been a Teaching Fellow at the University of Pittsburgh as well as an Instructor Professor at the Universidad de los Andes in Colombia. His research interests are in the areas of new wireless markets and technologies and also in security for future data environments. Joon Park has been involved with theoretical/practical research and education in Cybersecurity, publishing more than 90 peer-refereed research papers in the area. He is Syracuse University’s Point of Contact (POC) at the Center of Academic Excellence (CAE) in Information Assurance (IA)/Cyber Defense (CD) and CAE-R (Research), which are designated by the National Security Agency (NSA) and the Department of Homeland Security (DHS). He has been the lead faculty member in developing the security curriculum at the iSchool, including the Certificate of Advanced Study (CAS) in Information Security Management (ISM). He served as the Founding Director of the CAS ISM programme for the last decade (2003 to 2013). 
During his sabbatical (Fall 2011 to Summer 2013), his research in Cybersecurity was sponsored by the US National Research Council (NRC), National Academies, as an NRC Fellow.

Lee W. McKnight is a Kauffman Professor of Entrepreneurship and Innovation and an Associate Professor in the iSchool (The School of Information Studies), Syracuse University; Founder and member of the Board of Directors of Wireless Grids Corporation; as well as a founding member of the Board of Directors of Summerhill Biomass Systems. His research focuses on virtual markets and wireless grids, the global information economy, national and international technology policy, and internet governance and policy. He was an Associate Professor and Director of the Edward R. Murrow Center at the Fletcher School of Law and Diplomacy, Tufts University; Principal Research Associate and Lecturer at MIT, and Founder of the Internet Telephony Consortium, also at MIT. He received his PhD in 1989 from MIT.

This paper is a revised and expanded version of a paper entitled ‘A failure to communicate: security vulnerabilities in the GridStreamX Edgeware application’ presented at 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), London, UK, 9–12 December 2013.

1 Introduction

Complex computing architectures are an operational imperative and challenge throughout an organisation. Evolving information systems and information technology (IT) architectures challenge existing approaches to information security. With the evolution and adoption of new and innovative forms of IT (e.g., virtualisation, cloud computing, wireless grids, etc.), new architectures using this IT may render many existing information security techniques ineffective. As organisations adopt new enterprise computing business models with the integration of intelligent mobile devices (e.g., smartphones, iPads, etc.)
and social media (e.g., Facebook, Twitter, etc.), these architectures will become highly control dependent on automated networks and systems with open, less secure architectures. Organisations seek to control these new systems and networks through the development and use of new technologies, including IT [Kaarst-Brown and Robey, (1999), p.192]. Often, support for these architectures requires the connection of IT for interoperability with varying degrees of threats (e.g., a negative event to cause harm to a computer system), vulnerabilities (e.g., weakness in computer networks/systems) and risks (e.g., possibility of harm or loss) (Gelbstein and Kamāl, 2002). Such connectivity and interoperability is often done without a sound understanding of the hostile environment in which each system is operating, the vulnerabilities existing within each system, the additional vulnerabilities caused by the connectivity amongst the operating environment, or the full magnitude of the consequences to support operations that can result from a successful exploitation (Lang et al., 2006). In short, the actual threats, vulnerabilities and risk being incurred from these environments, whether autonomously or separately, are still not well understood. ‘Distributed’ computing, a computing methodology that harnesses the power of many machines linked together for a common purpose, gives unlimited computing power to individual users (Sloman, 1994). As complex computing environments increase, the nature of these distributed systems and their associated vulnerabilities are known to an increasing set of malicious individuals (e.g., hackers) who want to break into and exploit their vulnerabilities [Thomas, (2003), p.3]. Today, access to these complex systems, exploitation tools, and the ability, or lack thereof, to detect exploitation are factors placing these information systems using IT at ever increasing risks (Thomas, 2003). 
Because of the abundance of hardware, software and computing devices needed for these multi-connected complex systems, the concept of end-to-end security becomes critical. Known as the ‘C-I-A’ triad of information security, the major security issues of confidentiality (or loss of authorisation), integrity (or loss of information accuracy), and availability (or uninterrupted use of information) for these types of environments also require an unprecedented dependence on secure information communication (Bernard and Ho, 2009; Tipton, 2010).

One form of distributed computing through a dynamic virtual network that exists only while it’s in use is known as a wireless grid. McKnight et al. (2004) define wireless grids as an ad-hoc dynamic sharing of physical and virtual resources among heterogeneous devices [see Figure 1(a)]. Wireless grid architectures and platforms enable heterogeneous resource discovery and sharing through the formation of wireless grid virtual networks (McKnight et al., 2012). The wireless grid or ‘grid’ is software-driven, serverless, infrastructureless (in the sense of dedicated infrastructure) and is made possible by the ‘grid core’ which is a piece of software that is installed on any grid-enabled device consisting of a common core library with binding for the local environment (Treglia et al., 2011) [see Figure 1(b)]. Radio components support the connectivity for wireless grid, and also carry the information exchanging functionalities among heterogeneous nodes (McKnight et al., 2013). Each communication node has at least one radio and this radio provides the connectivity between the service request node and service nodes, or between the service request node and one access point (AP) to wired networks, which connects the service nodes (McKnight et al., 2013).
The radio components may support both remote access (supported with cellular networks or Wi-Fi networks) and local access (supported with shorter-range wireless standards, such as Bluetooth and Zigbee) (Treglia et al., 2011; McKnight et al., 2013). Ad hoc or mesh networks are an option for connectivity when hierarchical systems are not available or a different option is preferred and coexistence mechanisms among multiple radios may be defined by each system (McKnight et al., 2013). Through the radio components, wireless grids can intelligently and dynamically interconnect users at multiple sites, transfer digital media, assume and respond to different equipment types, and adapt to low power conditions and diminished communications capabilities (McKnight et al., 2012).

Figure 1 The wireless grid Edgeware, (a) WiGiT open framework (b) Edgeware grid core (see online version for colours)
Source: Wireless Grid Innovation Testbed [WiGiT] and Wireless Grids Corporation

Edgeware is similar to ‘edge computing’, where the data and computing power is processed away from a centralised point to the edges of a network (Lin et al., 2007). Edgeware is a new class of software applications enabling ad hoc connection of people, devices, software and services in a personal cloud, supported by a personal cyber infrastructure (Treglia et al., 2011). The vertical boxes in Figure 1(b) represent ‘Edgeware’ applications that reside on a user interface (UI), which in turn reside on an application programme interface (API), and may represent dozens or hundreds of different sorts of mini-programmes that enable different kinds of resource sharing and functionality (Treglia et al., 2010). Edgeware technology is specifically designed for software applications deployed on wireless grids utilising virtualisation and cloud technologies and refers to the software capability to deploy network ‘edge’ devices (e.g., nodes1) without the dependency of a central server for processing (McKnight et al., 2012). Edge devices are routers, switches, routing switches, integrated access devices (IAD), multiplexers, and a variety of metropolitan area network (MAN)/wide area network (WAN) access devices that provide entry points into enterprise or carrier/service provider core networks which translate between one type of network protocol and another (Sheldon, 2012). Edgeware applications can dynamically make use of content and resources present in devices – smartphones, laptops, personal computers (PC), cameras, printers, screens, etc. – through connectivity via a wireless grid (McKnight et al., 2012). Edgeware applications are typically delivered as a service on wireless grid platforms and come in two primary varieties: GRiDLETs (i.e., proprietary Edgeware applications) and WiGLETs (i.e., non-proprietary open Edgeware applications).

This article presents the information security risk for implementing wireless grid Edgeware technology in an organisation’s virtualised cloud environment. Although highly innovative, this new information system model alters the security models of traditional security policies and presents a growing concern regarding the C-I-A triad threat to information security from hackers (e.g., individuals who attempt to gain unauthorised access to computer systems) gaining ever-increasing knowledge of exploitable vulnerabilities in this type of technology.

2 Background

In today’s hostile cyber environment, hackers are continuously evolving their attack methodologies and targets.
With the increasing growth of these new and innovative technologies, such as cloud computing, virtualisation, wireless grids, etc., dependency on ‘the cloud’ makes it an increasingly attractive target for hackers. Hackers are creating entirely new classes of attacks that are even more difficult to discover. Hackers opportunistically scan the internet to find and infect computer systems that are mis-configured or lack current software security patches (Wilson, 2003). These new classes of attacks are emerging rapidly with the evolution of network technologies and with each new ‘killer’ application that comes along. Hackers have grown adept at a wide range of attacks, including theft of confidential information, implanting and remotely executing malicious code and launching denial-of-service (DoS) attacks (von Hippel and Paradiso, 2008). Highly-skilled hackers use automated tools that are also very sophisticated, and their effects are initially much more difficult for computer security staff and security technology products to detect (Wilson, 2003). Hackers are gaining ever-increasing knowledge of the often widely-reported exploitable vulnerabilities in innovative technologies and thus are able to craft increasingly effective attacks against these applications which incorporate these technologies.

Unfortunately, the unique properties of the cloud make it difficult to counter these attacks. The high processing speed and tight coupling of these systems enables attacks to progress much faster than humans can react; the large scale, coupled with the ability of hackers to encrypt and hide sensitive information, makes it difficult to observe and attribute a hacker’s activities. The process of running multiple services on the same servers and network elements (i.e., virtualisation) means that compromising one (perhaps) less secure service enables hackers to attack another.
Through the cohesion of understanding the vulnerabilities of a wireless cloud, virtualisation and a wireless grid Edgeware application (i.e., GridStreamX), this article sets the foundation for discovering new compromises on wireless grid Edgeware technology and contributes to the foundational understanding of the technology and architecture of the vulnerabilities and risk towards potentially implementing wireless grids Edgeware technology in an organisational virtual cloud environment. Cyber-attacks, vulnerabilities, the likelihood of a hacker attack, their potential impact and countermeasures to mitigate this threat are also taken into consideration. In addition to the increase in complexity and availability that wireless grids Edgeware technology provides, today the risk of hackers being caught is relatively low and attacks are often not detected. The rapid proliferation of innovative technologies, such as virtualisation, cloud computing, wireless grid Edgeware, etc., the increased availability of sophisticated tools, and the lack of sufficiently developed and deployed effective information security protections, make this architecture an increasingly lucrative target for hackers.

3 Related work

While there has been much work on detecting vulnerabilities and cyber-attacks in cloud, virtualisation, wireless and grid systems (Löhr et al., 2007; Chen et al., 2010; Kotsovinos, 2010), research on the security of wireless grid Edgeware is beginning to increase (Brooks and McKnight, 2013; Brooks et al., 2013). Like any complex system, wireless grid Edgeware networks are subject to mistakes in the form of implementation errors and misconfigurations of devices. All the vulnerabilities that exist in conventional wired and wireless networks will apply to wireless grid Edgeware technology as well.
For example, hackers may gain unauthorised access in virtualised environments by simply installing a new version of the hypervisor on the client machine which copies all subsequent users’ decrypted disk images to the attacker’s machine (Garcés-Erice and Rooney, 2012). Hackers may be able to gain connectivity to cloud-based infrastructure-as-a-service (IaaS) network management controls and thereby disable or disrupt operations (Grobauer et al., 2011). Handheld devices used in wireless networks could be attached to the organisation’s network with malware, viruses or other malicious code which may corrupt data on a device and subsequently be introduced into the network connection (Raymond and Midkiff, 2008). Cybercriminals, with a growing preference toward the use of low-volume, targeted attacks in wireless environments, are stealing information and data from compromised devices (Saha et al., 2001). These attack threats are concerning and still need to be addressed for leveraging wireless grid Edgeware as a secure data communications method.

Grid computing is often regarded as the predecessor of cloud computing and many authors claim that cloud computing and grid computing are quite similar (Foster et al., 2006; Garfinkel, 2007; Foster et al., 2008). Grid computing enables virtualisation of distributed computing and data resources such as processing, network bandwidth and storage capacity to create a single system image, granting users and applications seamless access to vast IT capabilities (Foster, 2002; Foster et al., 2006). Consequently, grids typically provide services to authenticate and authorise users to access resources on a remote set of machines on the same grid (Foster et al., 2003). Grid computing can also be wireless or mobile where computing loads must be allocated dynamically to respond to changing conditions and information generated by required at critical nodes.
Wireless grids are ad hoc dynamic sharing of physical and virtual resources among heterogeneous devices, which utilise ‘Edgeware’, as a platform that enables heterogeneous resource discovery and sharing through the formation of wireless grid virtual networks (McKnight et al., 2012). Although the security research on wireless grids is fairly new, computer network attacks (CNA) on grid and wireless sensor networks have been prevalent in research literature for years (Chan and Perrig, 2003; Rehana, 2009; Padmavathi and Shanmugapriya, 2009). Edge computing has emerged as an important technique for delivering web content, services and diverse service interfaces over the internet and has its roots in content delivery networks (CDNs) that deliver content by moving it from centralised servers to the edge of the network, closer to end-users (Lin et al., 2007). Using edge computing, parts of a Web application – and in some cases the entire application – can be distributed across networks and many client requests can be processed completely at the edge, avoiding WAN communication altogether (Davis et al., 2004). In practice, pushing application logic to edge servers introduces a number of technical challenges which can lead to cyber-attacks, one of which is data security; for applications that run on a database, edge computing entails the distribution of (parts of) the database, to edge servers that perform query processing on behalf of the central database management systems (DBMS) (Pang and Tan, 2004). Since the edge servers are not necessarily as secure as the corporate data centre, the query results produced by them must be checked for integrity; specifically, a recipient must be able to verify that the values in his query result have not been tampered with, and that no spurious tuples are introduced (Pang and Tan, 2004). 
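The integrity requirement described above (returned values untampered, no spurious tuples) can be illustrated with a Merkle hash tree. This is an added Python example, not code from the paper and not Pang and Tan's scheme; it assumes the client receives the root digest from the central DBMS over an authenticated channel, and the table contents and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

def leaf_hash(row):
    """Digest of one tuple; the 0x00 prefix keeps leaves distinct from inner nodes."""
    encoded = json.dumps(list(row), separators=(",", ":")).encode()
    return hashlib.sha256(b"\x00" + encoded).digest()

def node_hash(left, right):
    """Digest of an inner node built from its two children."""
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """Central DBMS side: build the tree bottom-up; an odd node is promoted unchanged."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def prove(levels, index):
    """Edge server side: sibling hashes on the path from leaf `index` to the root."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify_row(row, proof, trusted_root):
    """Client side: recompute the root from the row and proof, compare to the trusted root."""
    digest = leaf_hash(row)
    for sibling, sibling_is_left in proof:
        digest = node_hash(sibling, digest) if sibling_is_left else node_hash(digest, sibling)
    return hmac.compare_digest(digest, trusted_root)

def edge_query(table, levels, predicate):
    """Edge server side: answer a query with each matching row and its proof."""
    return [(row, prove(levels, i)) for i, row in enumerate(table) if predicate(row)]

def check_result(result, trusted_root):
    """Client side: return the rows that fail verification (empty list means all genuine)."""
    return [row for row, proof in result if not verify_row(row, proof, trusted_root)]

# Constructed sample table held by the central DBMS and replicated to the edge server.
TABLE = [
    (1, "alice", 120),
    (2, "bob", 75),
    (3, "carol", 310),
    (4, "dave", 42),
    (5, "erin", 260),
]
LEVELS = build_levels([leaf_hash(r) for r in TABLE])
TRUSTED_ROOT = LEVELS[-1][0]  # assumed to reach the client via an authenticated channel

if __name__ == "__main__":
    honest = edge_query(TABLE, LEVELS, lambda r: r[2] > 100)
    print("honest result rejected rows:", check_result(honest, TRUSTED_ROOT))

    # A compromised edge server changes a value but reuses the genuine proof.
    tampered = [((3, "carol", 9999), honest[1][1])]
    print("tampered result rejected rows:", check_result(tampered, TRUSTED_ROOT))

    # A compromised edge server adds a tuple that was never in the table.
    spurious = honest + [((6, "mallory", 500), honest[0][1])]
    print("spurious result rejected rows:", check_result(spurious, TRUSTED_ROOT))
```

Membership proofs of this kind show that every returned tuple is genuine; they do not show that the edge server returned all matching tuples.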
Although there has been research pertaining to edge computing (Davis et al., 2004; Pang and Tan, 2004; Lin et al., 2007), there is not a significant body of related work towards CNAs against Edge computing (or Edgeware in general). Goh et al. (2006) performed research ensuring data security in an edge computing platform through three schemes that enable users to check the correctness of query results produced by the edge servers. Their research proposes two new schemes for verifying the query results produced by the unsecured edge servers. The schemes are based on the observation that if necessary a group of edge servers can be running different operating systems and protected by different security products, thus increasing the difficulty for attackers to compromise all the edge servers concurrently without being detected (Goh et al., 2006). Goh et al. (2006) research is important because it shows that each scheme offers different security features (e.g., verifiability, unforgeability, identifiability, undeniability, and prevention of misuse) and imposes different demands on the edge servers, user machines, and interconnecting network.

With the new paradigms of cloud computing, virtualisation, wireless grids, etc., these dynamics will cause certain key challenges to rise in prominence in protecting against certain CNA attacks. Rajanna and Gyani’s (2012) publication on cloud and grid computing security solutions identified CNA attacks consisting of cross-site scripting, structured query language (SQL) injections, DoS, internet protocol (IP) spoofing, address resolution protocol (ARP) poisoning and physical access of hardware components. Rajanna and Gyani (2012) further researched the processing of data coming back from the cloud and how it may be vulnerable to these certain types of CNA attacks. Rajanna and Gyani’s (2012) research is significant because it discusses how cloud computing offers its users services and applications, which are provided through the internet, and thus, a large number of computers will be in the path of the data when the data is sent to the cloud for analysis which makes the data susceptible to attacks. Jansen’s (2011) research on the technical security issues in cloud computing identified the various distinct web services technologies used to build cloud computing systems and depending on the type of cloud – either IaaS, platform-as-a-service (PaaS) or software-as-a-service (SaaS), the different security issues that pertain to those infrastructures. Jansen’s (2011) research identified CNA attacks on protocols using extensible mark-up language (XML) signature element wrapping, browser-based cloud authentication, cloud malware injection, metadata spoofing, flooding and DoS. The important aspect of this study is the threat of flooding attacks on cloud systems using IaaS, which also integrates virtualisation and workplace-as-a-service (WPaaS) technologies. Neither Rajanna and Gyani’s (2012) nor Jansen’s (2011) research on the identification of cloud computing attacks and mitigation strategies for those attacks provide attack specifics regarding different cloud computing deployment models (e.g., SaaS, PaaS, and IaaS) from the perspective of using virtualisation technologies.

Although an IaaS private cloud computing infrastructure utilises the concept of virtualisation and virtualisation is important to the cloud, CNA attacks against virtualisation technology itself are also a concern. Virtualisation can expand the utilisation of existing computing infrastructures through the hypervisor [e.g., the software layer which allows multiple operating systems to be installed concurrently on the same machine with total isolation from each other; also known as a virtual machine (VM) manager]. Ristenpart et al.
(2009) research on a cloud platform which multiplexes many customers’ VMs across a shared physical infrastructure identified the introduction of new vulnerabilities, such as cross-VM side-channel attacks (extracting information from a target VM on the same host machine) in third-party clouds. This research demonstrated how to penetrate the isolation between VMs (e.g., via a vulnerability that allows an ‘escape’ to the hypervisor or via side-channels between VMs) to violate customer confidentiality. The importance of this research is that it shows how improperly protected end-user machines could spread malware to the VM, and in turn spread to other users as they connect to the VM. It also emphasises the importance of virtualisation technologies in the context of cloud computing security; however, the research only states attacks resulting from virtualisation technologies.

Another potential attack point within a virtualisation environment is the communications link between VMs. Tsai et al. (2012) research identified specific attacks to the VM in the form of VM hyperjacking, VM escape, VM hopping, VM monitoring, VM DoS and VM mobility. Through a network testbed, these researchers identified security impacts of these attacks when introducing such modern virtualisation technologies into a network testbed environment. Their experiments showed that hypervisor-based virtualisation technologies introduce a hypervisor to manage and control the resource allocation, but make the hypervisor a new attacking target (Tsai et al., 2012). The testbeds showed that they were still vulnerable to attacks like VM hyperjacking, VM escape, VM hopping, VM monitoring and VM DoS; and an attacker may try to obtain root access to the host operating system, in order to inject virus or malware and damage the fundamental requirements of the hypervisor-based virtualisation (Tsai et al., 2012). Although highly relevant, their research does not discuss how these attacks affect the control of communications between VMs in compromising the confidentiality, integrity, and availability of data exchanged across a virtual network within an organisation. As cloud users connect to resources distributed across multiple VMs, the use of grid, specifically, wireless grid computing will also create separation securing against the attacks to this new form of distributed computing.

4 Theoretical framework

Through the foundational theory of risk management and CNAs, the theoretical framework2 (see Figure 2) used for this research dealt with identifying the security implications to wireless grid Edgeware to address the overall research question – what security vulnerabilities enumerations would contribute to the degradation and risk in using a wireless grid Edgeware application in a virtualised cloud? This research framework supports the identification of threats to and vulnerabilities towards wireless grids Edgeware technology and the potential impact resulting from the loss of information or capabilities of this technology. The framework also supports the practice of generating relevant risk-reducing countermeasures by balancing risk reduction against these attributes for implementing wireless grids Edgeware technology. As these attributes change over time, it is necessary to periodically revisit the current understanding of the risks incurred within the current and projected operating environments and determine if a change in protection approach (e.g., technology, procedures, personnel) is warranted.

Figure 2 The conceptual Edgeware security risk framework (see online version for colours)

Additionally, the framework focuses on gaining insight into the risks that are being incurred (or will be incurred) based upon the operational usage of wireless grids Edgeware technology, future architectural designs and hostile operating environments for wireless grids Edgeware technology.
At the core of this approach is the underlying theory about the elements of risk management, its definition and relationship. In addition, this theoretical foundation was grouped into the following specific areas or factors:

1 threats (e.g., cyber-attacks targeting computer networks/systems)
2 vulnerabilities (e.g., weaknesses of an attack)
3 likelihood (e.g., probability of occurrence)
4 impact (e.g., impact from a cyber-attack), countermeasures (e.g., mitigating techniques against a cyber-attack) and overall risk (e.g., overall potential harm or loss).

The overall risk takes all of these attributes into consideration. This framework influences understanding of the information security risk to wireless grids Edgeware technology and is consistent with the theoretical elements of risk management. The framework for this research supported the threat, vulnerability, likelihood, impact and countermeasures research needed to provide insight and meaning to the information pertaining to the concept of a wireless cloud, virtualisation technology, and data from a laboratory experiment regarding the degradation of the GridStreamX Edgeware application operating environment (Brooks et al., 2012a, 2013; Brooks, 2014). From the analysis of threats, the potential for a threat-source to exercise (accidentally trigger or intentionally exploit) a specific vulnerability was determined (Jajodia et al., 2005; NIST, 2012). This research determined which set of attacks hackers would more than likely invest in to attack wireless grids Edgeware applications. Vulnerabilities were identified for wireless grids Edgeware technology through the discovery of weaknesses that could be exploited by threats to its operational environment and technologies in order to determine the immediate objective of an attack (i.e., defeat of confidentiality, integrity or availability) (NIST, 2012; Gortney, 2012).
5 Literature review

5.1 Risk management

Discussions and research on wireless grids and Edgeware have been on the rise in academia (Treglia et al., 2011; McKnight et al., 2013; Brooks and McKnight, 2013). Although literature dates back for decades in the areas of cloud computing, virtualisation, wireless networks and grid computing (Goldberg, 1973; Borden et al., 1989; Foster et al., 2003; Padmavathi and Shanmugapriya, 2009), publications on wireless grids and Edgeware are beginning to increase. Recent research defines Edgeware as “a new class of software specifically designed for software applications deployed on wireless grids” (McKnight et al., 2013; Brooks and McKnight, 2013). According to Treglia et al. (2010), ‘Edgeware’ is software that resides beyond the cloud, across edge network devices (e.g., routers, switches, etc.), both wired and wireless. These definitions lead to the general purpose on the identification of cyber-attacks on wireless grid Edgeware with the consequence that there is a lack of clarity of the concept of a secure wireless grid Edgeware architecture. Nevertheless, a common understanding of the term Edgeware itself is beginning to emerge.

Risk, as defined in the American Heritage Dictionary3, is the ‘possibility of suffering harm or loss’. Risk is the net negative impact of the exercise of a vulnerability, considering both the probability and the impact of occurrence (NIST, 2012). Risk management theory is described as the performance of activities designed to minimise the negative impact (cost) of uncertainty (risk) regarding possible losses (Schmit and Roth, 1990). The contributions of literature findings for this article first take into consideration risk management theory, in which several authors from academia could be attributed to identifying the origins of risk management theory (Mehr and Hedges, 1963; Williams and Heins, 1964; Horrigan, 1969).
The theory could also be attributed to publications from the Journal of Risk Management and Risk Management (formerly The National Insurance Buyer) from the 1950 to 1980s (Crockford, 1982). Campbell and Sands (1979) developed one of the earliest risk management approaches, which developed a structured methodology based on a set of concepts that subsisted in the later approaches, such as vulnerability analysis, threat analysis, risk analysis, and control implementation. These early researchers tended to agree that institutional specialisation in risk management gave it a valued position in business education [Schmit and Roth, (1990), p.456].

Risk management theory in the context of IT and information system security is not a new research domain (Bandyopadhyay et al., 1999; Fenz et al., 2011). Gruschka and Jensen (2010) performed risk management in their research to identify the threat of criminal hackers performing cloud malware injection attacks, direct DoS attacks and flood attacks in determining these as a significant concern to cloud environments. Chakrabarti (2007) performed a comprehensive risk analysis of existing grid computing security issues identifying countermeasures to grid security issues at the host level (e.g., data protection, job starvation), architecture level (e.g., policy mapping, DoS, information security) and credential level. Cody et al.’s (2008) risk management research on computational grids, data grids and service grids identifies specific types of vulnerabilities that could exist for each grid computing system. Van Cleeff et al.’s (2009) risk management research on virtualisation environments identified how the threat of hackers could originate from security parameters from five different components using virtualisation:

1 hardware
2 other VMs
3 the virtual machine monitor (VMM)
4 the virtual machine monitors’ management (VMMMs)
5 network.

Grobauer et al.
(2011) identified four cloud-specific technology vulnerabilities – web applications and services, virtualisation, and cryptography – which include such vulnerabilities as VM escape, session riding and hijacking, and insecure or obsolete cryptography through risk management analysis. These researchers were particularly instrumental in establishing the foundation for identifying risk in grids, clouds and virtualisation technologies.

5.2 Computer network attacks

Computer and network security aim to provide confidentiality, data integrity, and service availability (Raymond and Midkiff, 2008). Information security is the protection of information and the systems and hardware that use, store and transit that information [Whitman and Mattord, (2011), p.8]. An important aspect of information security is to ensure the confidentiality, integrity and availability of the data being processed as information [Whitman and Mattord, (2011), p.8]. In the early days of computing, the emphasis was on computer security because of the nature of the threats, such as physical theft of equipment, espionage against the products of the systems and sabotage (Von Solms, 1999). Developments in networking, software, engineering and architecture changed all of this throughout the years and one of the biggest threats to information security became known as a CNA (Wilson, 2003). A computer attack may be defined as actions directed against computer systems to disrupt equipment operations, change processing control or corrupt stored data (Wilson, 2003).
Computer attacks can be classified into three areas:

1 physical attacks, which involve conventional weapons directed against a computer facility or its transmission lines
2 electronic attacks which involve the use of power of an electromagnetic energy as a weapon (more commonly known as electromagnetic pulse – EMP) to overload computer circuitry
3 CNA involving malicious code as a weapon to inject computers to exploit weakness [Wilson, (2003), p.3].

Cyber as a prefix was used for the first time in the word ‘cybernetics’, which was coined and used by Norbert Wiener in his book of the same name published in 1948 [Wiener, 1948; Sen, (2004), p.116]. Cyber, as defined in the American Heritage Dictionary⁴, is a combining form meaning ‘computer’, ‘computer network’ or ‘virtual reality’. A cyber-attack is an attack, via cyberspace (e.g., internet) targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information (CNSS, 2010). Cyber-attacks are performed through CNA consisting of five steps: reconnaissance (surveillance for data gathering), vulnerability scanning (discovery of a technical weakness), gaining access (inside the system), maintaining access (privilege escalation) and covering tracks (hiding evidence of intrusions or activities) (Tutănescu and Sofron, 2003).

Research has been written on CNAs throughout the 1970s (Whiteside, 1978), the 1980s (Perry and Wallich, 1984), 1990s (BloomBecker, 1990) and in the 2000s (Hansman and Hunt, 2005). In the CNA literature, the major research findings for this research pertained to hackers/hacking (Thomas, 2003) and the history of CNAs (Tyagi and Vyas, 2008). Hacking has existed, in various forms, since the late 1950s (Thomas, 2003). Hackers can be external (no access) or internal (authorised access) to the systems they plan to attack.
Hacking is intrinsically linked with network security and the existence of hacking gave rise to the network security industry. Recently, the term hacker has taken on a new meaning as defined by Farsole et al. (2010) as someone who maliciously breaks into systems for personal gain. Technically, these criminals are ‘crackers’ or ‘black hat’ hackers (criminal hackers) who break into systems with malicious intent; are ‘external’ to the systems they are attempting to attack; are out for personal gain, fame, profit and even revenge; and modify, delete and steal critical information often making other people miserable [Farsole et al., (2010), p.15].

Hackers conduct CNAs on systems for a variety of reasons. Some hackers attack information systems simply for the challenge of penetrating an important system based on the value of the information within the network (Hartmann et al., 2008). Other hackers attack information systems for the purpose of revealing vulnerabilities and weaknesses in popular software applications and hardware (Wallner, 2008). Lastly, some hackers may attack information systems out of a sense of financial or personal gain, effectively using their skills to steal money, or otherwise valuable data, which they can either sell or use to blackmail their victims (Smith and Rupp, 2002). Accessing networks that are considered important (or regarded as difficult to penetrate) satisfies the egos of these hackers, who determine their targets based on the degree of difficulty involved in performing CNA attacks (Jordan and Taylor, 1998). The recent emergence of innovative technologies, such as cloud computing, virtualisation, wireless grids, edge computing, etc., utilising web applications/services to process information are common to CNAs.
Rajanna and Gyani’s (2012) publication on cloud and grid computing security solutions identified CNA attacks consisting of cross-site scripting, SQL injections, DoS, IP spoofing, ARP poisoning and physical access of hardware components. Jansen’s (2011) research on the technical security issues in cloud computing identified the various distinct web services technologies used to build cloud computing systems and depending on the type of cloud – either IaaS, PaaS or SaaS, the different security issues that pertain to those infrastructures. Tsai et al.’s (2012) research identified specific attacks to the VM in the form of VM hyperjacking, VM escape, VM hopping, VM monitoring, VM DoS and VM mobility. Lee et al. (2011) published a comparative study on the nature and complexities that grid computing introduces regarding the vulnerabilities in middleware, web services and portals for grids. The relevance this literature has to wireless grids Edgeware technology is that, by understanding the concept of CNA and how similar technologies are attacked, it is easier to understand methods and techniques to protect the application and its network against security loopholes.

6 Cloud, virtualisation and Edgeware vulnerabilities

Technology vulnerabilities take many forms and are fundamental failures in network and software designs meaning that the technology always will have a problem no matter how well it is implemented. Unmitigated vulnerabilities require risk management planning and analysis to deal with impacts to organisational assets. Whether the vulnerabilities are exploited intentionally (malicious) or unintentionally (non-malicious), the net result is that the confidentiality, integrity, and/or availability of the organisation’s assets may be impacted. There are a number of known vulnerabilities documented throughout cloud, virtualisation and wireless grid Edgeware literature (Yi et al., 2001; Löhr et al., 2007; Chen et al., 2010; Kotsovinos, 2010; Brooks et al., 2013).
They range from the obvious (failure to authenticate) to the subtle (key management). When performing known vulnerability analysis, security engineers/specialists must consider the technology as it has been described in the artefacts that were reviewed for asset identification. Classifying vulnerabilities allows for pattern recognition of vulnerability types. This in turn may enable the security development teams to recognise and develop countermeasures to deal with classes of vulnerabilities by dealing with the vulnerabilities at a higher level of abstraction.

For example, the Brooks et al. (2012b) article detailed four cyber-attack classes for a wireless cloud (i.e., wireless grid, cloud computing, data-in-transit, and insider) contributing to the identification of 37 specific vulnerabilities, such as inconsistent parameter validations, implicit sharing of privileged/confidential data, inadequate identification/authentication/authorisation and exploitable programme logic errors enabling circumvention of access control. Since the wireless cloud applications are device and location independent and compatible with many device types (including mobile and nomadic devices, phones, tablets, laptops, and network computers), it is important to understand the vulnerabilities to this infrastructure. The wireless grid Edgeware applications will use a cloud infrastructure to enable users to share and communicate with data wirelessly; however, managing security cyber-attacks and vulnerabilities in architecture assets are two fundamental challenges for any organisation (Onwubiko and Lenaghan, 2007).

Additionally, the common exploits of security properties in virtualised computing environments and their security vulnerabilities from the perspective of cyber-attacks contributes to the combination of threats and vulnerabilities that Edgeware technology is exposed to.
Research performed by Brooks (2014) identified six virtualisation cyber-attack areas (i.e., footprinting, botnets, hypervisor, virtual code, virtual desktop infrastructure, others) with 24 specific attacks towards virtualisation technology contributing to the risks that involve unauthorised change and reception of malicious information stored in virtualised computing environments. This research recognised the importance of hypervisor attacks, which could be especially devastating within the cloud, if penetrated. A compromised hypervisor exposes all VMs on a single physical server to attack and hackers could use this as a launching point to access VMs; initiate a DoS which could prevent a VM’s access to host resources such as CPU, memory, and devices; and delete or disable VMs to prevent user access. Control of communications between VMs would compromise the confidentiality, integrity, and availability of data exchanged across a virtual network. Through the identification of the cyber-attacks and vulnerabilities to these virtualised computing environments, the impact of integrating wireless grid Edgeware technology with virtualisation in a wireless cloud environment is realised.

Finally, CNA research performed by Brooks et al. (2013) identified nine major categories of vulnerabilities (e.g., authentication, misconfiguration, information disclosure, cryptographic, DoS, hijacking, race condition, infrastructure and input manipulation) and 55 specific security vulnerabilities in a wireless grid Edgeware application called the GridStreamX Edgeware application; which could compromise communications between the user and the wireless cloud provider and could allow hackers to intercept data (e.g., passwords, encryption keys, and files); redirect web browsers to compromised sites (e.g., cross-site scripting [XSS], etc.); and impersonate applications on the virtual network (e.g., principal spoofing, etc.), thus inhibiting secure communications.
The combination of threats and vulnerabilities illustrates the risks that this wireless grid Edgeware technology is exposed to. Since this technology plans to provide a more interoperable, scalable and flexible approach to provide ways for intelligent devices to provide communication, the research performed by Brooks (2014) and Brooks et al. (2012a, 2012b) uncovered a significant high risk due to the number of vulnerabilities and its increased dependence on cloud and virtualisation technology making it an increasingly attractive target for hackers.

6.1 Risk assessment⁵

As stated in NIST SP 800-30, a risk assessment is used to “identify, estimate, and prioritize risk to organizational operations (i.e., mission, functions, image, and reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation and use of information systems” [NIST, (2012), p.1]. To understand the risk that wireless grids Edgeware technology posed in a virtualised cloud environment, a thorough risk analysis on each threat category to define the likelihood of an attack occurring, along with the consequence of what will happen if the attack occurs, was performed. The NIST SP 800-30 assessment framework was used because it was clear, concise and contained a sound approach to performing risk assessments. Additionally, the framework was originally developed by the Joint Task Force Transformation Initiative Interagency Working Group with representatives from the Civil, Defense, and Intelligence Communities (i.e., US Department of Defense [DoD], Office of the Director of National Intelligence, Committee on National Security Systems) in an ongoing effort to produce a unified information security framework (NIST, 2012).
This framework also provided a solid description of information system level assessments and provides a succinct qualitative/quantitative nature in performing assessments during the risk management process for any organisation and/or information system. Using a qualitative and quantitative risk analysis approach, this research assessed wireless grid Edgeware technology from the identification of:

1 threats
2 vulnerabilities
3 likelihood
4 impact
5 countermeasures.

The risk towards wireless grid Edgeware technology was expressed as a function of the likelihood of a given threat exploiting a given vulnerability, the magnitude of the impact should a threat successfully exploit a vulnerability and its data being attacked, and the adequacy and effectiveness of the security controls in place to protect the system. The adequacy of planned or existing security countermeasures was also accounted for when assessing the overall risk of a particular threat/vulnerability pair. If a potential threat was found likely to exploit an identified vulnerability, the wireless grids Edgeware technology was subject to a certain level of risk. The assessment of the degree of that risk was based on the criticality of the wireless grid Edgeware technology in an organisational operating environment and the information that it would process and store and on the probability of loss of data or functionality due to the expected impact to the organisation’s operating environment.

6.2 Analysis

In addressing the overall research question for this research – what security vulnerabilities enumerations would contribute to the degradation and risk in using a wireless grid Edgeware application in a virtualised cloud? – this research acknowledged that the security vulnerabilities towards wireless grid Edgeware technology are not difficult to identify and analyse.
This is due to the fact that the data needed for this analysis is not too complex or hard to come by with the right tools, although the technology may be constantly changing. The data needed for this risk assessment required an in-depth understanding of hackers, their goals, objectives and an appreciation of the types of attack tools they use to perform cyber-attacks and vulnerability enumerations (e.g., BackTrack5 r3). The results of this research needed to be considered along with the vulnerabilities, cyber-attack and impact analyses in order to assess the overall risk in using wireless grids Edgeware technology. This coordinated analysis of risk, using all the risk components (e.g., threat, vulnerabilities, likelihood, impact, countermeasures) was accomplished by actively involving threat, vulnerability, likelihood and impact analysis, as well as those who will eventually be responsible for deriving insights into the ways to protect against cyber-attacks and developing effective ways to provide the requisite responses to those attacks.

Having determined what threats are important and what vulnerabilities might exist to be exploited, it can be useful to estimate the likelihood and impact of the various possible risks. Likelihood determination indicates the probability that the vulnerability may be exercised given the threat and vulnerability and can be described as a rating of high, medium or low (NIST, 2012). In information security, ‘likelihood’ is a qualitative estimate of how likely a successful attack will be, based on analysis and past experience. Independent of likelihood and controls, the risk’s impact must be determined. That is, impacts are consequences that an organisation must face if there is a successful attack.
The operational impact to the loss of information (or services) is essentially determined, by several factors determined by threats and vulnerabilities, by looking at what the ultimate operational impact might be, given that attacks of various types by various threats are successful (NIST, 2012). Therefore, the likelihood of successful exploitation is determined based on the resources required to exploit the vulnerability, the threat’s motivation and opportunity to do so (i.e., willingness), and the adequacy of the planned or existing security safeguards to repel the exploitation attempt. The magnitude of impact should a threat successfully exploit a vulnerability is determined based on the expected impact that an attack could cause and the planned or current countermeasures that would mitigate the impact. Together, likelihood and impact provide the overall risk in determining the likelihood of a cyber-attack occurring and its predicted degree of harm if the attack is successful. The findings from the wireless grid Edgeware application laboratory experiment further supported the research framework with the integration of the cyber-attacks identified from the wireless cloud and virtualisation research (Brooks, 2014). The likelihood and impact analysis used a systematic analytical approach that provided a straightforward description of wireless grids Edgeware being analysed and risk to using the application in an organisational setting. Research of this kind is significant to information security specialists who will be responsible for implementing and securing wireless grids Edgeware technology within their organisation. Understanding the threat and vulnerabilities will assist organisations in developing security policies to address this issue. 
In all, Brooks (2014) identified 116 cyber-attacks (i.e., wireless cloud – 37, virtualisation – 24, GridStreamX Edgeware application – 55), which suggested that a cyber-attack will occur upon implementation of wireless grid Edgeware technology over a period of time or as a percentage change of occurrence. This research used a qualitative and quantitative method of data analysis. To facilitate the analysis, the likelihood and impact factors were based on a subjective analysis of the relative priority of specific threats exploiting vulnerabilities from the researcher’s extensive experience in analysing cyber-attacks and performing vulnerability exploitations. The descriptive statistics, as displayed in Table 1, such as mean and standard deviation were used to describe the basic features of the data and to provide simple summaries about the risk from the data.

Table 1 Descriptive statistics from the wireless grid Edgeware risk assessment⁶

Descriptive               Likelihood   Impact
N (valid)                 116          116
N (missing)               0            0
Mean                      6.9138       6.9741
Std. error of mean        0.23918      0.24594
Median                    8.0000       8.0000
Mode                      8.00         8.00
Std. deviation            2.57604      2.64891
Variance                  6.636        7.017
Skewness                  –0.909       –0.843
Std. error of skewness    0.225        0.225
Kurtosis                  –0.373       –0.497
Std. error of kurtosis    0.446        0.446
Range                     8.00         8.00
Minimum                   2.00         2.00
Maximum                   10.00        10.00

The sample of the likelihood and impact descriptive statistics displayed in Table 1 was calculated using IBM’s statistical package for social sciences (SPSS) v20 software. From the analysis, the mean of likelihood was 6.91 (n = 116) with a mean standard error of 0.239. The measure of dispersion of the likelihood in the study was determined through the range, minimum, maximum, standard deviation and variance. The range of the ‘likelihood’ value in the study was 8 (high) with a maximum value of 10 (very high) and a minimum of 2 (low), whereas the standard deviation of the likelihood was 2.576 and a variance of 6.636 (see Figure 3).
The distribution of the values of the likelihood is asymmetrical and negatively skewed with a long tail to the left with a value of –0.909 with a standard error of 0.225. The shape of the distribution is flatter as shown by the kurtosis statistic with a value of –0.373 and a standard error of 0.446. On the other hand the mean of ‘impact’ is 6.97 (n = 116) with a mean standard error of 0.246 (see Figure 4). The range of the impact in the study was 8 (high) with a maximum value of 10 (very high) and a minimum of 2 (low). The standard deviation of the impact is 2.649 and a variance of 7.017. The distribution of the values of the impact is asymmetrical and negatively skewed with a long tail to the left with a value of –0.843 with a standard error of 0.225. The shape of the distribution is flatter as shown by the kurtosis statistic with a value of –0.497 and a standard error of 0.446.

Figure 3 Likelihood histogram (see online version for colours)

Figure 4 Impact histogram (see online version for colours)

The analysis of descriptive statistics reveals that the mean interrelationship between the likelihood of the cyber-attacks (6.91) and the mean interrelationship of the impact of the cyber-attacks (6.97) to be positive when multiplied (48.16)⁷ producing a ‘moderate’ risk determination from the NIST level of risk assessment scale. To explore this result further, the researcher compared means for the likelihood and impact across levels of risk. Starting with likelihood, the research shows its mean as being lower when evidence indicates the likelihood of discovering unintentional weaknesses lead to exploitable vulnerabilities. This is because risk is the net negative impact of the exercise of a vulnerability considering both the probability and the likelihood of occurrence.
The impact should be greater since the level of impact on organisational operations (including strategy, functions, image, or reputation), assets, or individuals results from the likelihood of a cyber-attack. The likelihood of a cyber-attack occurring means it should be slightly lower when evidence indicates the likelihood of discovering unintentional weaknesses that can lead to exploitable vulnerabilities. In other words, the relationship amongst likelihood and impact is mutual. Since the standard errors for both likelihood (0.239) and impact (0.246) are small, the statistical estimates derived from the data are reasonably good. Additionally, the variance of the likelihood (6.636) and impact (7.017) are at least three standard deviations away from their means and indicates that the values are close to their respective means and close to the range identified within this study. This relation also appears to hold for the skewness and kurtosis. The asymmetrical and negative skewness of the left skewed distribution for both the likelihood and impact indicates that most of the risk assessment values are concentrated on the right of the mean, with extreme values to the left. The asymmetrical and negatively skewed kurtosis platykurtic distribution of both the likelihood and impact produced a flatter than a normal distribution with a wider peak indicating that the probability for extreme risk values is less than for a normal distribution, and the risk values are wider spread around the mean. While the researcher did not hypothesise these differences, they are somewhat diagnostic of the form of the researcher’s subjective judgement and provide a potentially fruitful area for future research.

The ultimate worst case scenario of any security risk could potentially be a catastrophic loss to any organisation. However, such extreme worst case scenarios are not those that are experienced by the vast majority of organisations that are the victims of such security incidents.
Therefore, as displayed in Figure 5, the cyber-attacks for this research were assessed using a likelihood and impact graph grouped into four quadrants:

I threatening
II high potential; not likely
III less risky and likely
IV likely; low potentially

spanning four areas of consideration for alleviating the attacks:

1 mitigation
2 manage
3 monitor
4 make do.

Thus, it is appropriate in looking at the 33 (28% of the total attacks identified) ‘threatening’ cyber-attacks (those considered ‘very high [8 attacks identified]’ and ‘high [25 attacks identified]’) that need ‘mitigation’ in order to avoid the realistic worst case losses that could be expected from these attacks. The obvious danger in overtly focusing on the threatening quadrant I attacks is that the 63 (54%) of ‘moderate’ attacks, which need to be ‘managed’, could be missed or given insufficient attention. The other 20 (17%) ‘less risky’ cyber-attacks (those considered ‘low [2 attacks identified]’ and ‘very low [18 attacks identified]’) would not pose a significant threat to an organisation. There is also an inherent difficulty in conceptualising these threatening attacks. By their very nature they are subjectively analysed and should they occur, they could rapidly overwhelm most systems using wireless grids Edgeware technology. Also, human perception being what it is, can also consider any security risk with potential safety or within the ‘manage’ range as intolerable, where security controls could be less than effective.

Figure 5 The wireless grid Edgeware vulnerabilities likelihood and impact graph (see online version for colours)

The consequence of a security risk can usually be expressed as a measure of loss. Impacts derived as part of this assessment were used to inform the determination of overall risk consequence.
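The scoring and grouping used in this analysis can be reproduced as follows. This is an added example, not code from the article: it multiplies likelihood and impact on the 0–10 scale, maps the product to the NIST SP 800-30 level-of-risk bands, and groups the levels the way the text does. Scoring each attack individually, the sample ratings and all function names are assumptions of the example.

```python
from statistics import mean

# NIST SP 800-30 Rev. 1 semi-quantitative level-of-risk bands on a 0-100 scale,
# stored as (lower bound, level). Products that fall between the integer bands
# (e.g. 20.5) take the lower band; that tie-break is a choice made here.
NIST_BANDS = [(96, "very high"), (80, "high"), (21, "moderate"),
              (5, "low"), (0, "very low")]

# Grouping stated in the article: very high/high are 'threatening' and need
# mitigation, moderate must be managed, low/very low are 'less risky'.
GROUP = {"very high": "mitigate", "high": "mitigate", "moderate": "manage",
         "low": "less risky", "very low": "less risky"}

# Per-level attack counts reported in the article (116 attacks in total).
ARTICLE_LEVEL_COUNTS = {"very high": 8, "high": 25, "moderate": 63,
                        "low": 2, "very low": 18}


def risk_score(likelihood, impact):
    """Risk as likelihood x impact, each rated on the 0-10 scale."""
    for name, value in (("likelihood", likelihood), ("impact", impact)):
        if not 0 <= value <= 10:
            raise ValueError(f"{name} must be within 0-10, got {value!r}")
    return likelihood * impact


def risk_level(score):
    """Map a 0-100 risk score to its NIST level-of-risk label."""
    if not 0 <= score <= 100:
        raise ValueError(f"score must be within 0-100, got {score!r}")
    return next(level for floor, level in NIST_BANDS if score >= floor)


def triage(register):
    """Score every (name, likelihood, impact) entry and bucket it by group.

    Returns {group: [(name, score, level), ...]} with the highest score first,
    so the work queue for each group is already prioritised.
    """
    buckets = {"mitigate": [], "manage": [], "less risky": []}
    for name, likelihood, impact in register:
        score = risk_score(likelihood, impact)
        level = risk_level(score)
        buckets[GROUP[level]].append((name, score, level))
    for entries in buckets.values():
        entries.sort(key=lambda entry: entry[1], reverse=True)
    return buckets


def overall_determination(register):
    """Overall risk the way the article derives it: mean(L) x mean(I)."""
    score = (mean(lik for _, lik, _ in register)
             * mean(imp for _, _, imp in register))
    return round(score, 2), risk_level(score)


def group_shares(level_counts):
    """Collapse per-level counts into {group: (count, whole-number percent)}."""
    total = sum(level_counts.values())
    counts = {}
    for level, n in level_counts.items():
        counts[GROUP[level]] = counts.get(GROUP[level], 0) + n
    return {group: (n, round(100 * n / total)) for group, n in counts.items()}


# Constructed register: the attack names are ones the article mentions, but
# the likelihood/impact ratings below are made up for illustration.
SAMPLE_REGISTER = [
    ("VM escape", 8, 10),
    ("session hijacking", 8, 8),
    ("cross-site scripting (XSS)", 10, 5),
    ("principal spoofing", 5, 8),
    ("ARP poisoning", 2, 8),
    ("footprinting", 2, 2),
]

if __name__ == "__main__":
    for group, entries in triage(SAMPLE_REGISTER).items():
        print(group, entries)
    print("sample overall:", overall_determination(SAMPLE_REGISTER))
    print("article group shares:", group_shares(ARTICLE_LEVEL_COUNTS))
    print("article means 6.91 x 6.97:", risk_level(6.91 * 6.97))
```

Because the overall figure is a product of means, a register dominated by moderate entries can report ‘moderate’ overall while still containing individual attacks in the ‘mitigate’ group, which is why the per-attack triage is kept alongside it.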
In reality, risk tolerance for using wireless grids Edgeware technology is likely to be exhibited as a gradient, where the risk may become increasingly less tolerable as the risk level is elevated. The various risks that have been identified and characterised through this research as ‘threatening’ or ‘moderate’ must be considered for mitigation. Mitigation of a risk means to change the architecture of the software or the business in one or more ways to reduce the likelihood or the impact of the risk. The cyber-attacks considered in the areas of ‘mitigate’ and ‘manage’ should first be addressed. For example, changing authentication mechanisms from user identification (userid) and password to pre-shared public key certificates can make it far more difficult to impersonate a user. Reducing the period of time that a vulnerability is available for exploit is another way to reduce the likelihood of a risk. For example, if the GridStreamX Edgeware application sessions expire after 10 minutes of inactivity, then the window of opportunity for session hijacking is about 10 minutes long. Ensuring that proper cryptography is incorporated in the design can also help, for example, when applied correctly. It is easier to detect corruption in encrypted data than in unencrypted data, and encrypted data is harder for a hacker to use if they get it – even if they receive it via wireless communications.

The high level number of cyber-attacks identified within the ‘mitigate’ and ‘manage’ quadrants could also be mitigated through the proper countermeasure implementations. Depending on the cost of making failure impossible through countermeasure correction, it may be much more cost effective to enable wireless grid Edgeware technology systems to detect and repair failure(s) quickly and accurately.
For example, some of the exploits identified for the GridStreamX Edgeware application identified that the application is very temperamental and can crash when provided bad input and (for the sake of argument) cannot be modified or replaced. A focus on correction would be to add business logic to validate input and make sure that the GridStreamX Edgeware application never received input that it could not handle. In contrast, a focus on correction would be to add monitoring or other software to watch for the module to crash and try to restart the module quickly with minimal impact.

Mitigation is never without cost. The fact that remediating these cyber-attacks costs money makes the risk impact determination step even more important. Mitigations can often be characterised well in terms of their cost to the business: man-hours of labour, cost of shipping new devices with the improved software, delay entering the market with new features because old ones must be fixed, etc. This ability to characterise the mitigation’s cost of wireless grid Edgeware technology, however, is of little value unless the cost of the business impact is known. The overall ‘moderate’ risk determination from this analysis would be applicable to those organisations utilising this software in less data sensitive environments where the communications and information that is transmitted would not be categorised as highly sensitive, confidential and/or classified.
However, for those organisations whose information assets often take the form of databases, private credentials (e.g., social security numbers, userid, password, etc.), audit records, financial information (e.g., bank account numbers, etc.), intellectual property, and other vital business information (e.g., banks, investment firms, etc.), the same risk analysis would increase this risk determination to a ‘high’ or ‘very high’ level of risk due to the target value of the data from a hacker’s perspective and the numerous cyber-attacks identified within this research which could allow access to this data.

Since all organisations incur risks, it is imperative that financial organisations and those entities that deal with highly classified data assign priorities to risks, ensure adequate budgets have been allocated to address risks and allow for the implementation as well as maintenance of appropriate risk-reducing controls. Risk management is not about eliminating and/or avoiding risks altogether, as this approach is typically cost prohibitive as well as time consuming, and thereby, not in the best interest of most stakeholders. The risks of this wireless grid Edgeware technology within these highly sensitive entities are inherent and/or inevitable; as such, the challenge stakeholders will have in implementing a risk management process to address this wireless grid Edgeware technology will be in finding the right balance between minimising the impact of serious risks and accepting a level of risk that will not adversely affect or impact the cost, schedule, and performance of the organisation. In the case of these types of organisations, confidentiality and integrity are very important, but if availability is negatively impacted via this technology, then the business impact may manifest in other ways, such as lost customers, failure to meet service level agreements (SLA), compromised data records, stolen identities, etc.
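The session-expiry mitigation mentioned in the mitigation discussion above (sessions that expire after 10 minutes of inactivity) can be sketched as below. This is an added example, not GridStreamX code: the class and function names are hypothetical, and the absolute session lifetime is an assumption added here because an idle timeout bounds only the inactive period, so a session that stays busy needs a separate hard cap.

```python
import secrets
import time

IDLE_TIMEOUT = 10 * 60        # seconds; the 10-minute inactivity limit from the text
ABSOLUTE_LIFETIME = 8 * 3600  # seconds; assumed hard cap, not a value from the article


class SessionStore:
    """In-memory session table enforcing idle and absolute expiry."""

    def __init__(self, clock=time.monotonic, idle=IDLE_TIMEOUT,
                 absolute=ABSOLUTE_LIFETIME):
        self._clock = clock      # injectable so expiry can be exercised offline
        self._idle = idle
        self._absolute = absolute
        self._sessions = {}      # token -> [user, created_at, last_seen]

    def _expired(self, created, last_seen, now):
        return now - last_seen >= self._idle or now - created >= self._absolute

    def login(self, user):
        token = secrets.token_urlsafe(32)   # unguessable 256-bit session id
        now = self._clock()
        self._sessions[token] = [user, now, now]
        return token

    def validate(self, token):
        """Return the user for a live session, else None (and drop the session)."""
        record = self._sessions.get(token)
        if record is None:
            return None
        user, created, last_seen = record
        now = self._clock()
        if self._expired(created, last_seen, now):
            del self._sessions[token]       # an expired token is never revived
            return None
        record[2] = now                     # activity slides the idle window
        return user

    def logout(self, token):
        self._sessions.pop(token, None)

    def purge(self):
        """Drop every expired session; returns how many were removed."""
        now = self._clock()
        dead = [t for t, (_, created, seen) in self._sessions.items()
                if self._expired(created, seen, now)]
        for token in dead:
            del self._sessions[token]
        return len(dead)


class FakeClock:
    """Manually advanced clock for the constructed timeline below."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def expiry_demo():
    """Walk two constructed sessions through idle and absolute expiry."""
    clock = FakeClock()
    store = SessionStore(clock)
    results = {}

    token = store.login("alice")
    clock.advance(9 * 60 + 59)
    results["idle_9m59s"] = store.validate(token)    # inside the window
    clock.advance(10 * 60)
    results["idle_10m"] = store.validate(token)      # idle limit reached
    results["after_expiry"] = store.validate(token)  # stays rejected

    # A session polled every 9 minutes never idles out; only the absolute
    # cap ends it, which is why both limits are enforced.
    token = store.login("bob")
    start = clock.now
    while store.validate(token) == "bob":
        clock.advance(9 * 60)
    results["rejected_after"] = clock.now - start
    return results


if __name__ == "__main__":
    print(expiry_demo())
```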
In general, approaches to risk management for wireless grid Edgeware technology/systems and the development infrastructure that supports the production of those systems will have to focus largely on the implementation of security protocols and processes as reactive mechanisms in the operational virtualised cloud environment. Although those security technical mechanisms are evolving and becoming increasingly sophisticated, they are not sufficient to provide the strength of protection and resiliency that is needed in today’s complex and highly interconnected wireless grid Edgeware domain. This risk assessment is designed to be applied iteratively, first at a high level during the requirements definition stage of a wireless grid Edgeware system acquisition and later at lower, more detailed levels during a wireless grid Edgeware system design, implementation, and operations. The result is a more proactive methodology that builds in protective and resiliency mechanisms during acquisition and development. These mechanisms in turn provide increased assurance that the security features, practices, procedures, and architecture of a wireless grid Edgeware system are strong enough to mitigate all known operational risks, resulting in a residual risk that is small enough to be acceptable to the wireless grid Edgeware system and, ultimately, the intended users of this innovative technology.
6.3 Discussion
The implications of wireless grids Edgeware applications are profound and will drive a shift in the fundamentals of new information systems design, operation, and management. This new technology will permit interoperability and connectivity between users and networks (e.g., the internet, cloud, ad hoc multi-user networks and private networks, etc.) by providing robust appliance interfaces permitting access to structured and unstructured data of every description.
By adopting this new wireless grid Edgeware technology, organisations will become “dynamically flexible offering a higher degree of agility and responsiveness to emergent business requirements” (Armbrust et al., 2010). However, in the wireless grids Edgeware environment, hackers must be outmanoeuvred rather than merely protected against. Organisations will need secure technology that blocks obvious access avenues and augments fixed safeguards with a more directed and dynamic defence. As a solution, one method is to ensure that the concept of ‘information assurance’ exists throughout an organisation looking to integrate wireless grid Edgeware applications. Information assurance consists of measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation (CNSS, 2010). These measures include providing for restoration of information systems by incorporating protection, detection, and reaction capabilities (CNSS, 2010).
To address the information assurance component of ‘protection’ of wireless grids Edgeware technology in a secure virtualised cloud environment, first, persons responsible for Edgeware applications, the mobile and wireless devices and software/hardware for the virtualised cloud environment should undergo specific security awareness training. Protection means applying network protection techniques to protect the Edgeware application against attacks. This will support the identification of the risks and responsibilities associated with owning and operating the mobile devices using the application. Next, mobile and wireless devices running wireless grids Edgeware applications should undergo specific basic input/output system (BIOS) and operating system hardening procedures (e.g., remote connectivity to the device should be disabled where possible, only ports the application uses should be open, etc.).
Firewalls and antivirus software should be installed and maintained on the device(s) running the wireless grid Edgeware application. Any credentials stored on the device(s) using wireless grid Edgeware applications should be encrypted, or all remote access from the device(s) to the enterprise wireless cloud network should be mediated via two (or three) factor authentication. This will minimise the opportunity for an unauthorised person in possession of a hacking device to be able to remotely access the network. Additionally, an intelligent platform management system should be incorporated within the wireless cloud network environment for further protection of device(s) and data. An intelligent platform management system would provide the automatic monitoring of performance indicators through wireless sensor data objects and the automatic selection of data routes for processing information. The potential of thousands of devices using wireless grid Edgeware applications distributed on various wireless cloud platforms is conceivable. As it is not possible to effectively monitor and manage these devices manually, an intelligentised platform management system could be employed to carry out automatic monitoring and management of the devices through wireless sensors. This way device failures and potential attacks in the environment could be detected and diagnosed immediately to ensure the stability of the system. Furthermore, in the wireless cloud, there could be sufficient routes for point-to-point transmissions of data, but because of the instantaneous requirement for information transmission, there is a need for high-speed selection of routes for data processing, which is impossible to be accomplished manually. This could be achieved through an automatic selection based on real-time monitoring of the quality of the various routes for faster data processing also using an intelligent platform management system. 
Since there could be a huge amount of information to transmit over a limited amount of bandwidth, the system could also have the capability of allocating bandwidth automatically according to the state of flow of information.
With regard to ‘detection’ of wireless grids Edgeware technology in a secure virtualised cloud environment, responsive capabilities using an intrusion detection system (IDS) should be performed. Detection means forecasting and issuing warnings of cyber-attacks. When intrusions are detected, the IDS will raise an alert and optionally implement some responsive action. Such action may involve the paging of a security administrator, reconfiguration of network devices, or performing a DoS attack against the attacking device (e.g., a rogue AP). The incorporation of a responsive capability must be given careful consideration. If the IDS itself is to mount the response, it will advertise the presence of the detection system to a hacker. Likewise, if the response is initiated by the IDS, but via another network infrastructure component (e.g., the AP), a hacker may leverage the responsive capability to target legitimate clients. For example, a hacker could spoof the media access control (MAC) address of a legitimate client running the wireless grid Edgeware application and operate in AP mode; the responsive capability may then launch a DoS attack against that MAC address, effectively denying service to a legitimate client in the wireless cloud network. Additionally, intrusion detection components can be incorporated into deployed wireless grid Edgeware application devices. Incorporation of the detection system components within the wireless cloud would give the detection system access to a rich set of information, over and above that available to a separate, passive monitoring component.
For example, a passive sniffer (or set of sniffers) that are capable consideration of the number and location of passive sniffers required to ensure the area of interest is adequately covered and techniques that are capable of effectively detecting wireless intrusions in a fully passive manner are required. A major disadvantage of incorporating the detection system components within the devices themselves is that updates, reconfiguration and the initial enrolment carry a significant management burden.
Finally, for ‘reaction’, once a malicious entity (e.g., device, software, authorised user, etc.) or rogue AP has been detected from within the wireless grid Edgeware application and has gained access to the operational virtualised cloud network, an intrusion response system (IRS) may attempt to prevent the malicious entity from communicating with the network; or in the case where the intruder had deployed a rogue AP, prevent any legitimate stations from connecting to that device. Reaction means the capability of stopping or preventing the cyber-attack from spreading when the wireless Edgeware application is under attack. Once an intrusion (that is, a violation of a security policy) has been detected, the IRS may wish to take responsive action to limit the capability of the intrusive behaviour to impact the wireless grid Edgeware application and its operating wireless cloud network. Responsive actions are designed to disable the attacking station or to prevent the progression of its intrusion. The most basic and crude method for disabling an intruder is to flood the target radio frequency with noise (e.g., radio jamming) or mount an attack on the clear channel assessment algorithm used by wireless stations (reference). In addition to low level responses, the coordination protocols of the MAC layer can also be manipulated. In particular, the virtual carrier sensing protocol employed by IEEE 802.11 devices can be exploited.
By setting large media reservation values in ready-to-send (RTS) clear-to-send (CTS) exchanges, the network allocation vector (NAV) values of associated stations can be inflated and stations prevented from transmitting. Typically such responses would, however, result in DoS conditions for all wireless grid Edgeware application devices configured to use that frequency or channel.
A broad range of information assurance techniques and procedures will be needed to secure the wireless grid Edgeware application and its operating environment. The information assurance approaches identified here are intended to prevent or mitigate all threats towards wireless grid Edgeware applications; combined with concerns that implementation or configuration errors may diminish the effectiveness of the remaining security services, this motivates the requirement to supplement these preventative measures with a capability to detect and respond to security relevant events. These security relevant events include not only cyber-attacks, but other violations of wireless security policies such as detecting when a mobile device leaves a wireless cloud active while simultaneously connecting to an otherwise secured wired network. Such a monitoring capability could also be used to provide assurance that the deployed wireless cloud was only advertising and using approved protocols and algorithms. Numerous wireless intrusion detection/response techniques will utilise sensor data to attempt to triangulate and locate the point from which a wireless hacker is operating. The accuracy of such techniques, given the vagaries of wireless communications, is a matter of debate. Given the highly dynamic nature of wireless grid Edgeware applications and their virtualised operational environment, the use of a single information assurance parameter is unlikely to be reliable. Only when multiple techniques are combined can the number of cyber-attacks being attempted be constrained.
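A passive monitor of the kind discussed above can watch for NAV inflation by checking the Duration field of RTS/CTS control frames. The following is an added example, not code from the paper: it parses the 802.11 control-frame header and summarises oversized reservations; the 5,000 µs threshold, the function names and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import Counter

TYPE_CONTROL = 1
SUBTYPE_RTS, SUBTYPE_CTS = 11, 12
# Assumed policy threshold (not from the paper): a normal RTS/CTS reservation
# covers a single frame exchange, well under a few milliseconds.
SUSPICIOUS_US = 5000


def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_control_frame(frame: bytes):
    """Return (kind, duration_us, ra, ta) for an RTS or CTS frame, else None.

    `frame` is the 802.11 MAC frame without a radiotap header; a trailing FCS
    is tolerated. ta is None for CTS, which carries only a receiver address.
    """
    if len(frame) < 10:
        return None
    fc, dur = struct.unpack_from("<HH", frame, 0)
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if version != 0 or ftype != TYPE_CONTROL:
        return None
    if dur & 0x8000:
        # Bit 15 set: the field is not a NAV duration, so it cannot inflate NAV.
        return None
    ra = fmt_mac(frame[4:10])
    if subtype == SUBTYPE_RTS and len(frame) >= 16:
        return ("RTS", dur, ra, fmt_mac(frame[10:16]))
    if subtype == SUBTYPE_CTS:
        return ("CTS", dur, ra, None)
    return None


def detect_nav_inflation(frames, threshold_us=SUSPICIOUS_US, min_hits=3):
    """Summarise RTS/CTS frames whose reservation is at least threshold_us.

    Addresses in control frames are unauthenticated, so `flagged` names the
    address the reservations claim to involve, not a proven sender. Treat it
    as a channel-level indicator and do not aim an automated response at it.
    """
    hits, reserved, seen = Counter(), 0, 0
    for raw in frames:
        parsed = parse_control_frame(raw)
        if parsed is None:
            continue
        seen += 1
        _kind, dur, ra, ta = parsed
        if dur >= threshold_us:
            hits[ta or ra] += 1
            reserved += dur
    return {
        "control_frames": seen,
        "suspicious_frames": sum(hits.values()),
        "reserved_us": reserved,
        "flagged": sorted(a for a, n in hits.items() if n >= min_hits),
    }


# --- Constructed sample capture (not real traffic) ---
def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def build_rts(duration, ra, ta):
    return struct.pack("<HH", 0x00B4, duration) + _mac(ra) + _mac(ta)


def build_cts(duration, ra):
    return struct.pack("<HH", 0x00C4, duration) + _mac(ra)


AP, STA, ODD = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:99"
SAMPLE_FRAMES = [
    build_rts(312, AP, STA),                    # ordinary reservation
    build_cts(268, STA),
    build_cts(32767, ODD), build_cts(32767, ODD), build_cts(32767, ODD),
    build_rts(30000, AP, "02:00:00:00:00:66"),  # single oversized RTS
    build_cts(0xC001, STA),                     # bit 15 set: ignored
    struct.pack("<HH", 0x0008, 44) + _mac(AP) * 3,  # data frame: ignored
    b"\xc4\x00\xff",                            # truncated capture: ignored
]

if __name__ == "__main__":
    print(detect_nav_inflation(SAMPLE_FRAMES))
```

Because the flagged address may be spoofed, the result suits alerting and channel-level investigation rather than any response directed at that MAC address, which is the hazard the IDS discussion raises.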
From a risk management/security perspective, wireless grids Edgeware technology presents a unique set of challenges. First, compared to traditional network systems, the roles of the various components of a wireless grid are somewhat blurred. For example, the grid UI (which provides a UI for access to certain ‘GRiDLET’ programmes) might in turn act as a requester of another service (e.g., the CORE platform which manages the connectivity, security/permissions and communications between nodes on the network) that it relies on; it is not well understood whether the two components can both be requesters and providers to each other, and so on. Vulnerabilities thus tend to relate to the uncontrolled or careless interaction between components rather than to the behaviour of a well-bounded piece of software that can be monitored using standard techniques. A second difficulty typical of wireless grid Edgeware systems lies in the nature of the communications between components. Precise details of the protocols used become largely irrelevant. A cyber-attack exploits poorly defined or ambiguous semantics of the requests, erroneous parsing, lack of security checks, etc. Such exploits can possibly only be detected using payload analysis (e.g., deep packet inspection), which is computationally intensive and presents numerous issues of its own.
Additionally, the wireless devices with Edgeware technology will be portable and will invariably be exposed to untrusted wireless environments. Monitoring and recording the types of interactions such a device enters into while it is away from its main environment is important. Depending on the nature of the interactions that the device is exposed to in those untrusted environments, it may be pertinent to restrict its capabilities when it returns to its main environment, until some degree of trust in the state of the device has been established.
In this case, the risk of the environment not being capable of monitoring the events taking place over its wireless interface would not provide a detailed history of the interactions that the device has performed. Depending on the circumstances, the monitor may provide information about: the identity of the communicating parties; the particular protocols and algorithms used; and the volume of traffic, for example. By sharing the collected information about the interactions of the wireless device which occurred in untrusted environments with the main network (upon its return), the wireless grid Edgeware device can provide an indication of its trustworthiness which may necessitate additional measures prior to the device being allowed to re-establish full functionality on its main network. Wireless grids Edgeware technology reliability and trustworthiness, including its network, operating systems and end-user protection, would also be a substantial concern. However, proper implementation of wireless grids Edgeware applications would depend on the accurate implementation of the countermeasures identified, the application’s ultimate purpose within an organisation, how that purpose ties into the organisation’s business activities and the proper development of security policies and procedures for the application. The continued use of literature and vulnerability exploitations would provide a constant process that regularly reevaluates the risks throughout an Edgeware application’s use. To this end, the current state of information assurance efforts with respect to wireless grid Edgeware technology was developed. This revealed that there are a number of security mechanisms available and that wireless monitoring (i.e., IDP, IRS, intelligent development platforms, etc.) is needed to detect threats and cyber-attacks against wireless grids Edgeware technology.
7 Conclusions
This research identified the potential threats and risk that wireless grids Edgeware technology poses to an organisational environment and how the use of this Edgeware technology introduces a range of cyber-attacks. Wireless grid Edgeware applications, as well as the wireless devices and architecture (which in many instances will be portable and invariably exposed to untrusted wireless cloud environments), may be targeted. The range of threats facing wireless grid Edgeware applications, when combined with the immaturity of secure wireless clouds, represents a real information security risk. A number of unmitigated threats and significant challenges remain to be addressed within wireless grids Edgeware technology and its devices operating in wireless cloud environments in general. Because of the erosion of traditional ‘secure’ perimeters or network boundaries (e.g., de-perimeterisation) of the wireless cloud networks, the demand for enforcing security is moving away from the network to the system and applications that run on it. The focus of hackers and security experts has moved away from just protecting the infrastructure to focusing on applications. This increases the requirements for secure end-points and methods for establishing mutual ‘trust’ between Edgeware technology systems, as well as establishing the requirement for secure applications and mobile application code. Therefore, the following proposed key future research directions are independent but interrelated; and while each can be conducted in isolation, they will each produce research outcomes that will be useful inputs into wireless grid Edgeware technology and future operating environments:
7.1 Secure wireless inadvertently enabled remote access
Where a wireless capable device is connected to wireless grid Edgeware technology, via a remote wired network, there is the potential that the wireless interface of the device is enabled concurrent with the wired connection into the main network.
If this situation arises, there is the possibility that a bridge between the wireless interface and the broadband interface providing connectivity to the main network could allow anyone within wireless range of the device to connect to the main network. To counter this threat, further research on how the devices should be restricted via group policy, host-based wireless security software or some other administrative control from bridging interfaces is needed. If possible, the device should be configured in such a way that the simultaneous activation of the wired and wireless interface is not possible.
7.2 Improved host-based configuration control and intrusion detection in a wireless cloud
Within a wireless cloud environment utilising wireless grid Edgeware technology, both network and host devices must be protected. Improved protection of host devices requires research in two major areas:
1 host-based configuration control and environment
2 host-based intrusion detection capabilities for wireless grids Edgeware technology and wireless clouds.
Further research on wireless grid Edgeware technology on improved host-based configuration control can ensure that the vulnerability surface of devices is minimised within a wireless cloud environment. The role of trusted computing hardware, specifically trusted platform modules (TPM) and mandatory access control frameworks (e.g., Security-Enhanced Linux [SELinux]), in enforcing wireless-related security policies warrants investigation. The use of these techniques to enforce security boundaries in wireless grid Edgeware devices should also be researched and investigated to determine the extent to which they can mitigate device driver vulnerabilities (through domain separation) that can potentially be exploited to gain remote access to wireless grid Edgeware devices.
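The condition described in Section 7.1, a wired and a wireless interface active at the same time and possibly bridged, is the kind of setting a host-based configuration check can report. The following is an added example, not code from the paper: it reads the Linux sysfs network layout, and the function names, verdict labels and the constructed sample tree (used so the check runs offline) are assumptions.

```python
import os
import tempfile


def _read(path, default=""):
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:
        return default


def audit_interfaces(sys_net="/sys/class/net",
                     ip_forward="/proc/sys/net/ipv4/ip_forward"):
    """Report wired and wireless interfaces that are active at the same time."""
    wired_up, wireless_up, members = [], [], {}
    for name in sorted(os.listdir(sys_net)):
        base = os.path.join(sys_net, name)
        # Physical NICs expose a 'device' entry; lo, bridges and tunnels do not.
        if not os.path.exists(os.path.join(base, "device")):
            continue
        if _read(os.path.join(base, "operstate")) != "up":
            continue
        is_wifi = any(os.path.exists(os.path.join(base, marker))
                      for marker in ("wireless", "phy80211"))
        (wireless_up if is_wifi else wired_up).append(name)
        # An enslaved interface has a 'master' symlink to its bridge device.
        master = os.path.join(base, "master")
        if os.path.islink(master):
            bridge = os.path.basename(os.readlink(master))
            members.setdefault(bridge, set()).add("wifi" if is_wifi else "wired")
    mixed = sorted(b for b, kinds in members.items()
                   if kinds == {"wifi", "wired"})
    dual_homed = bool(wired_up and wireless_up)
    forwarding = _read(ip_forward, "0") == "1"
    if mixed:
        verdict = "bridged"        # layer-2 bridge joins both media
    elif dual_homed and forwarding:
        verdict = "routed"         # kernel may forward between them
    elif dual_homed:
        verdict = "dual-homed"     # both active, no path found between them
    else:
        verdict = "ok"
    return {"wired_up": wired_up, "wireless_up": wireless_up,
            "mixed_bridges": mixed, "ip_forward": forwarding,
            "verdict": verdict}


def build_sample_tree(root, wlan_state="up", bridged=True):
    """Constructed stand-in for /sys/class/net so the check runs offline."""
    net = os.path.join(root, "net")
    master = "br0" if bridged else None
    spec = {"lo": ("unknown", False, False, None),
            "br0": ("up", False, False, None),
            "eth0": ("up", True, False, master),
            "wlan0": (wlan_state, True, True, master)}
    for name, (state, physical, wifi, parent) in spec.items():
        base = os.path.join(net, name)
        os.makedirs(base)
        with open(os.path.join(base, "operstate"), "w") as fh:
            fh.write(state + "\n")
        if physical:
            os.mkdir(os.path.join(base, "device"))
        if wifi:
            os.mkdir(os.path.join(base, "wireless"))
        if parent:
            os.symlink(os.path.join("..", parent), os.path.join(base, "master"))
    fwd = os.path.join(root, "ip_forward")
    with open(fwd, "w") as fh:
        fh.write("1\n")
    return net, fwd


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_interfaces(*build_sample_tree(tmp)))
```

Run without arguments on a Linux host, `audit_interfaces()` inspects the live system; any verdict other than `ok` means the wired and wireless interfaces are active together.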
7.3 Power constraints in wireless clouds and Edgeware devices
Wireless cloud deployments, in which wireless grid Edgeware devices and potentially mobile devices communicate directly with each other, are particularly appealing in environments where there is limited or no pre-existing communication infrastructure available – in disaster recovery scenarios, for example. The range of threats to communications and devices in wireless grid Edgeware and wireless cloud modes of deployment, while sharing a number of similarities with infrastructure-based modes of deployment, presents unique challenges. The additional challenges that must be addressed in wireless grid Edgeware and wireless cloud environments include the fact that nodes in a wireless cloud environment are likely to be powered by batteries and therefore are power constrained. A reliance on a finite power source introduces a new avenue of cyber-attacks, in which an attacker may attempt to drain power of one or more nodes in a wireless cloud network by having them unnecessarily transmit information. Another challenge with wireless cloud architectures is that, unlike infrastructure networks where all frames are directed to the AP, in wireless grid Edgeware and wireless cloud architectures, nodes need to maintain routing information. Not only do they need to maintain this information, but it is dynamically changing. This introduces the potential for hackers to manipulate and interfere with the routes over which frames are transmitted. Research to develop heuristic methods of providing power to these devices, where perhaps no security exists yet, is needed.
In closing, as the hacking industry continues to grow unabated, security vulnerabilities have the potential to undermine any new technology’s capability to provide trust in the confidentiality, integrity and availability of information traversing in innovative technologies such as wireless grids Edgeware applications or wireless devices.
Even with sound security policies, standards, practices and procedures, a steady flow of vulnerability exploitation catastrophes towards the wireless grids Edgeware technology could over time lead many to stop trusting the wireless grid Edgeware platform altogether. Wireless grid Edgeware technology creates risks and requires a rethinking – but not reinvention – of security controls and architecture. Many of the existing security models may not work with wireless grid Edgeware technology and the wireless cloud, and this research is advocating the reinvention of new security methods, in the context of wireless grid Edgeware technology. Organisations should consider the nature of wireless grid Edgeware technology and the need to place data, processes, applications, and services on systems that organisations do not own, nor control. However, with some forethought and planning, wireless grid-based systems can be just as secure, if not more secure, as traditional systems.
References
Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A. and Stoica, I. (2010) ‘A view of cloud computing’, Communications of the ACM, Vol. 53, No. 4, pp.50–58.
Bandyopadhyay, K., Mykytyn, P.P. and Mykytyn, K. (1999) ‘A framework for integrated risk management in information technology’, Management Decision, Vol. 37, No. 5, pp.437–445.
Bernard, S. and Ho, S.M. (2009) ‘Enterprise architecture as context and method for designing and implementing information security and data privacy controls in government agencies’, in P. Saha (Ed.): Advances in Government Enterprise Architecture, pp.340–370, Information Science Reference, Hershey, PA, doi:10.4018/978-1-60566-068-4.ch015.
BloomBecker, B. (1990) Spectacular Computer Crimes: What they are and how they Cost American Business Half a Billion Dollars a Year!, Dow Jones-Irwin, Homewood, IL.
Borden, T., Hennessy, J. and Rymarczyk, J.
(1989) ‘Multiple operating systems on one processor complex’, IBM Systems Journal, Vol. 28, No. 1, pp.104–123.
Brooks, T. (2014) Edgeware Security Risk Management: A Three Essay Thesis on Cloud, Virtualization and Wireless Grid Vulnerabilities, Unpublished Doctoral thesis, Syracuse University, Syracuse, New York.
Brooks, T. and McKnight, L. (2013) ‘Securing wireless grids: architecture designs for secure wiglet-to-wiglet interfaces’, International Journal of Information and Network Security (IJINS), Vol. 2, No. 1, pp.1–16.
Brooks, T., Caicedo, C. and Park, J. (2012a) ‘Security vulnerability analysis in virtualized computing environments’, International Journal of Intelligent Computing Research, Vol. 3, Nos. 1/2, pp.277–291.
Brooks, T., Robinson, J. and McKnight, L. (2012b) ‘Conceptualizing a secure wireless cloud’, International Journal of Cloud Computing and Services Science, Vol. 1, No. 3, pp.89–114.
Brooks, T., Kaarst-Brown, M., Caicedo, C., Park, J. and McKnight, L. (2013) ‘A failure to communicate: security vulnerabilities in the gridstreamx edgeware application’, Proceedings of the IEEE 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), pp.521–528.
Campbell, R.P. and Sands, G.A. (1979) ‘A modular approach to computer security risk management’, AFIPS Conference Proceedings, Vol. 48; 1979 June 4–7; New York, NY. Montvale, NJ: AFIPS Press; 1979: pp.293–304.
Chakrabarti, A. (2007) Grid Computing Security, Springer-Verlag Berlin Heidelberg, New York, NY.
Chan, H. and Perrig, A. (2003) ‘Security and privacy in sensor networks’, Computer, Vol. 36, No. 10, pp.103–105.
Chen, Y., Paxson, V. and Katz, R. (2010) What’s New about Cloud Computing Security?, Technical Report UCB/EECS-2010-5, EE & CS Department, University of California at Berkeley.
Cody, E., Sharman, R., Rao, R.H. and Upadhyaya, S. (2008) ‘Security in grid computing: a review and synthesis’, Decision Support Systems, Vol. 44, No. 4, pp.749–764.
Committee on National Security Systems (CNSS) (2010) National Information Assurance Glossary, CNSS Instruction No. 4009 [online] http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf (accessed 15 June 2010).
Crockford, G. (1982) ‘The bibliography and history of risk management: some preliminary observations’, The Geneva Papers on Risk and Insurance, Vol. 7, No. 23, pp.169–170.
Davis, A., Parikh, J. and Weihl, W.E. (2004) ‘Edgecomputing: extending enterprise applications to the edge of the internet’, Proceedings of the 13th International World Wide Web Conference on Alternate Track Papers & Posters, pp.180–187.
Farsole, A.A., Kashikar, A.G. and Zunzunwala, A. (2010) ‘Ethical hacking’, International Journal of Computer Applications (IJCA), Vol. 1, No. 10, pp.14–20.
Fenz, S., Ekelhart, A. and Neubauer, T. (2011) ‘Information security risk management: In which security solutions is it worth investing?’, Communications of the Association for Information Systems, Vol. 28, No. 1, p.5.
Foster, I. (2002) ‘What is the grid?-a three point checklist’, GRIDtoday, Vol. 1, No. 6, pp.1–4.
Foster, I., Kesselman, C., Nick, J.M. and Tuecke, S. (2003) Grid Computing: Making the Global Infrastructure a Reality, John Wiley & Sons, Inc., Hoboken, NJ.
Foster, I., Kishimoto, H., Savva, A., Berry, D., Grimshaw, A., Horn, B., Maciel, F., Siebenlist, F., Subramaniam, R., Treadwell, J. and Reich, J.V. (2006) ‘The open grid services architecture, version 1.5’, gfd-i.080 ed., Global Grid Forum, [online] http://forge.gridforum.org/projects/ogsa-wg (accessed 1 June 2010).
Foster, I., Zhao, Y., Raicu, I. and Lu, S. (2008) ‘Cloud computing and grid computing 360-degree compared’, Proceedings of the IEEE Grid Computing Environments Workshop (GCE’08), pp.1–10.
Garcés-Erice, L. and Rooney, S. (2012) ‘Secure lazy provisioning of virtual desktops to a portable storage device’, Proceedings of the 6th international workshop on Virtualization Technologies in Distributed Computing Date, pp.45–52.
Garfinkel, S.
(2007) ‘Commodity grid computing with Amazon’s S3 and EC2’, USENIX, Vol. 32, No. 1, pp.7–13.
Gelbstein, E. and Kamāl, A. (2002) ‘Information insecurity: a survival guide to the uncharted territories of cyber-threats and cyber-security, vol. 1’, United Nations ICT Task Force and the United Nations Institute for Training and Research. New York, NY.
Goh, S., Pang, H., Deng, R. and Bao, F. (2006) ‘Three architectures for trusted data dissemination in edge computing’, Data & Knowledge Engineering, Vol. 58, No. 3, pp.381–309.
Goldberg, R. (1973) Architectural Principles for Virtual Computer Systems, PhD dissertation, Harvard University, Massachusetts.
Gortney, W.E. (2012) Joint Publication 1-02: Department of Defense Dictionary of Military and Associated Terms, US Department of Defense, Washington, D.C.
Grobauer, B., Walloschek, T. and Stocker, E. (2011) ‘Understanding cloud computing vulnerabilities’, IEEE Security & Privacy, Vol. 9, No. 2, pp.50–57.
Gruschka, N. and Jensen, M. (2010) ‘Attack surfaces: a taxonomy for attacks on cloud services’, Proceedings of the IEEE 3rd International Conference on Cloud Computing (CLOUD 2010), pp.276–279.
Hansman, S. and Hunt, R. (2005) ‘A taxonomy of network and computer attacks’, Computers & Security, Vol. 24, No. 1, pp.31–43.
Hartmann, B., Doorley, S. and Klemmer, S.R. (2008) ‘Hacking, mashing, gluing: understanding opportunistic design’, IEEE Pervasive Computing, Vol. 7, No. 3, pp.46–54.
Horrigan, W. (1969) Risk, Risk Management and Insurance, Withdean Publications, Hove.
Jajodia, S., Noel, S. and O’Berry, B. (2005) ‘Topological analysis of network attack vulnerability’, Managing Cyber Threats, Vol. 5, No. 2005, pp.247–266.
Jansen, W.A. (2011) ‘Cloud hooks: security and privacy issues in cloud computing’, Proceedings of the 2011 44th Hawaii International Conference on System Sciences (HICSS ‘11), pp.1–10.
Jordan, T. and Taylor, P. (1998) ‘A sociology of hackers’, The Sociological Review, Vol. 46, No.
4, pp.757–780.
Kaarst-Brown, M.L. and Robey, D. (1999) ‘More on myth, magic and metaphor: cultural insights into the management of information technology in organizations’, Information Technology & People, Vol. 12, No. 2, pp.192–218.
Kotsovinos, E. (2010) ‘Virtualization: blessing or curse?’, Queue, Vol. 8, No. 11, p.40.
Lang, B., Foster, I., Siebenlist, F., Ananthakrishnan, R. and Freeman, T. (2006) ‘A multipolicy authorization framework for grid security’, Proceedings of the Fifth IEEE International Symposium on Network Computing and Applications (NCA ‘2006), pp.269–272.
Lee, W., Squicciarini, A.C. and Bertino, E. (2011) ‘Detection and protection against distributed denial of service attacks in accountable grid computing systems’, Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid‘2011), pp.534–543.
Lin, Y., Kemme, B., Patino-Martinez, M. and Jimenez-Peris, R. (2007) ‘Enhancing edge computing with database replication’, Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007), pp.45–54.
Löhr, H., Ramasamy, H.G., Sadeghi, A.R., Schulz, S., Schunter, M. and Stüble, C. (2007) ‘Enhancing grid security using trusted virtualization’, Lecture Notes in Computer Science, Autonomic and Trusted Computing, Vol. 4610, pp.372–384.
McKnight, L., Bose, T., Marsden, J., Nanno, E., Treglia, J., Volos, H., Chen, X., Sharma, P. and Ma, X. (2012) Open Specifications for Wireless Grids Technical Requirements, Version 0.1, L. McKnight (Ed.), pp.1–22, Wireless Grids Testbed, Syracuse University, Syracuse, NY, [online] http://www.wigitsu.org/open-spec-1.html (accessed 26 March 2012).
McKnight, L., Marsden, J., Treglia, J., Nanno, E., Hameed, A. and Lu, Y. (2013) edited by L. McKnight, Open Specifications for Wireless Grids Technical Requirements, Version 0.2, pp.1–45, Syracuse University.
McKnight, L.W., Howison, J. and Bradner, S.
(2004) ‘Guest editors’ introduction: wireless grids – distributed resource sharing by mobile, nomadic, and fixed devices’, IEEE Internet Computing, Vol. 8, No. 4, pp.24–31.
Mehr, R. and Hedges, B. (1963) Risk Management in the Business Enterprise, Irwin Publishers, Homewood, IL.
National Institute of Standards and Technology (NIST) (2012) Guide for Conducting Risk Assessments, NIST Special Publication [online] http://csrc.nist.gov/publications/drafts/800-30rev1/SP800-30-Rev1-ipd.pdf (accessed 11 September 2012).
Onwubiko, C. and Lenaghan, A.P. (2007) ‘Managing security threats and vulnerabilities for small to medium enterprises’, Proceedings of the 2007 IEEE Intelligence and Security Informatics, pp.244–249.
Padmavathi, D.G. and Shanmugapriya, M. (2009) ‘A survey of attacks, security mechanisms and challenges in wireless sensor networks’, International Journal of Computer Science and Information Security, Vol. 4, Nos. 1/2, pp.1–9.
Pang, H. and Tan, K. L. (2004) ‘Authenticating query results in edge computing’, Proceedings of the 20th IEEE International Conference on Data Engineering, pp.560–571.
Perry, T.S. and Wallich, P. (1984) ‘Can computer crime be stopped?’, IEEE Spectrum, Vol. 21, No. 5, pp.34–45.
Rajanna, P. and Gyani, J. (2012) ‘A comparative study of cloud and grid computing security solutions’, International Journal of Computer Science and Electronics Engineering, Vol. 2, No. 1, pp.1–8.
Raymond, D.R. and Midkiff, S.F. (2008) ‘Denial-of-service in wireless sensor networks: attacks and defenses’, IEEE Pervasive Computing, Vol. 7, No. 1, pp.74–81.
Rehana, J. (2009) Security of Wireless Sensor Network, TKK-CSE-B5, University of Technology, Helsinki.
Ristenpart, T., Tromer, E., Shacham, H. and Savage, S. (2009) ‘Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds’, Proceedings of the 16th ACM conference on Computer and Communications Security, pp.199–212.
Saha, S., Jamtgaard, M. and Villasenor, J.
(2001) ‘Bringing the wireless internet to mobile devices’, Computer, Vol. 34, No. 6, pp.54–58. Schmit, J.T. and Roth, K. (1990) ‘Cost effectiveness of risk management practices’, Journal of Risk and Insurance, Vol. 57, No. 3, pp.455–470. Sen, B. (2004) ‘Cybermetrics-meaning, definition, scope and constituents’, Annals of Library and Information Studies, Vol. 51, No. 3, pp.116–120. Sheldon, T. (2012) Edge Devices [online] http://www.Linktionary.com (accessed 1 March 2012). Sloman, M. (1994) ‘Policy driven management for distributed systems’, Journal of Network and Systems Management, Vol. 2, No. 4, pp.333–360. Smith, A.D. and Rupp, W.T. (2002) ‘Issues in cybersecurity; understanding the potential risks associated with hackers/crackers’, Information Management & Computer Security, Vol. 10, No. 4, pp.178–183. Thomas, D. (2003) Hacker Culture, University of Minnesota Press, Minneapolis, MN. Tipton, H.F. (2010) Official (ISC)2 guide to the cissp cbk, 2nd ed., Auerbach Publications, Boca Raton, FL. Treglia, J., Ramnarine-Rieks, A. and McKnight, L. (2010) ‘Collaboration in a wireless grid innovation testbed by virtual consortium’, Networks for Grid Applications, Vol. 25, pp.139–146. Treglia, J.V., McKnight, L.W., Kuehn, A., Ramnarine-Rieks, A.U., Venkatesh, M. and Bose, T. (2011) ‘Interoperability by ‘edgeware’: wireless grids for emergency response’, Proceedings of the 2011 44th Hawaii International Conference on System Sciences (HICSS), pp.1–10. Tsai, H.Y., Siebenhaar, M., Miede, A., Huang, Y. and Steinmetz, R. (2012) ‘Threat as a service?: Virtualization’s impact on cloud security’, IT Professional, Vol. 14, No. 1, pp.32–37. Tutănescu, I. and Sofron, E. (2003) ‘Anatomy and types of attacks against computer networks’, Proceedings of the Second RoEduNet International Conference, pp.265–270. Tyagi, N.K. and Vyas, A. 
(2008) ‘Data security from malicious attack: computer virus’, Proceedings of the BVIM Indiacom2010 (Track 2: Web Technologies, Computer Networks & Information Security [G-III]) National Conference, pp.1–10. Van Cleeff, A., Pieters, W. and Wieringa, R. (2009) ‘Security implications of virtualization: a literature study’, in Proceedings of the International Conference on Computational Science and Engineering (CSE ‘09), Vol. 4, No. 3, pp.353–358. von Hippel, E. and Paradiso, J.A. (2008) ‘User innovation and hacking’, IEEE Pervasive Computing, Vol. 7, No. 3, pp.66–69. Von Solms, R. (1999) ‘Information security management: why standards are important’, Information Management & Computer Security, Vol. 7, No. 1, pp.50–58. Wallner, J. (2008) ‘Cyber risk management. encyclopedia of quantitative risk analysis and assessment’, Wiley Online Library, Cyber Defense Agency [online] http://onlinelibrary.wiley.com/doi/10.1002/97804700 (accessed 1 March 2012). Whiteside, T. (1978) Computer Capers: Tales of Electronic Thievery, Embezzlement, and Fraud, Crowell, New York, NY. Whitman, M.E. and Mattord, H.J. (2011) Principles of Information Security, Course Technology Learning, Boston, MA. Wiener, N. (1948) Cybernetics, Hermann, Paris. 222 T. Brooks et al. Williams and Heins (1964) Risk Management and Insurance, McGraw Hill, New York, NY. Wilson, C. (2003) ‘Computer attack and cyberterrorism: Vulnerabilities and policy issues for congress’, in Linden, E. (Ed.): Focus on Terrorism, Vol. 9, pp.1–42. Yi, S., Naldurg, P. and Kravets, R. (2001) ‘Security-aware ad-hoc routing for wireless networks’, Proceedings of the Second ACM International Symposium on Mobile Ad Hoc Networking & Computing (MobiHoc ‘01), pp.299–302. Notes 1 2 3 4 5 6 7 View publication stats A node is a point of entry into a network or a point of connection in the network (Newton, 2013). The framework used for this research is based off the NIST Special Publication 800-30 Revision 1 ‘Guide for Conducting Risk Assessments’. 
http://www.ahdictionary.com/word/search.html?q=risk. http://dictionary.reference.com/browse/cyber?s=t. Complete risk assessment and cyber-attack identification in Brooks (2014). The terms likelihood and impact, as it pertains to this research, is not likelihood or impact in the strict sense of the term; rather, it is a likelihood and risk value (score). The researcher does not define a likelihood or impact function in the statistical sense; instead, the researcher assigned a value (or likelihood/impact assessment) based on available research evidence from the NIST 800-30 guidance, experience, and expert subjective judgement. The amalgamation of factors such as motivation, intent, and capability thus could be used to produce a value representing the likelihood of a cyber-attack and the impact of these threats. The amalgamation of attributes, such as capability and vulnerability severity, could be used to produce a value representing the likelihood and impact of adverse impacts. The incorporation of these values was used to produce the overall likelihood and impact values. Risk is a function of the likelihood of a threat event’s occurrence multiplied by the potential adverse impact should the event occur, which can be computed as: Risk = Likelihood times Impact (R = L*I) (NIST, 2012).