Clearwater Beach, FL, USA USA
Oct. 22, 2012 to Oct. 25, 2012
Network Disaster Recovery research has examined behavior of networks after disasters with an aim to restoring normal conditions. In addition to probable loss of connectivity, a disaster scenario can also lead to security risks. However, network security has been examined extensively under normal conditions, and not under conditions that ensue after disasters. Therefore, security issues should be addressed during the period of chaos after a disaster, but before operating conditions return to normal. Furthermore, security should be assured, while still allowing access to the network to enable public communication in order to assist in disaster relief efforts. In general, the desire to help with public assistance requires opening up access to the network, while security concerns add pressure to close down or limit access to the network. In this study, we show that the objectives of availability and confidentiality, two objectives that have not previously been considered together in disaster scenarios, can be simultaneously achieved. For our study, we evaluated six wireless devices with various network configurations, including a laptop, a Kindle Fire e-reader, an Android tablet, a Google Nexus phone, an IP camera, and an Apple TV, to approximate behaviors of a communication network under a disaster scenario. Actual data leakage was tracked and observed for these devices. To the best of our knowledge this has not previously been examined in a systematic manner for post-disaster scenarios. After illustrating the data leakage of various devices, we analyze the risk associated with the various types of leakage. Moving private traffic to a VPN would free the physical network for use as a public resource.
Internet, Protocols, Security, Portable computers, Linux, Google, Post-Disaster Network Security, Data Leakage, Network Disaster Recovery, Availability, Confidentiality
"Plugging the leaks without unplugging your network in the midst of Disaster", LCN, 2012, 38th Annual IEEE Conference on Local Computer Networks, 38th Annual IEEE Conference on Local Computer Networks 2012, pp. 248-251, doi:10.1109/LCN.2012.6423620