The usage of Big Data for security management represents a significant advance in terms of both methodology and technology for any service platform dealing with cyber and physical security, especially in the financial sector. The FINSEC platform is a layered microservice architecture specifically designed to manage alerts and incidents from different sensors within financial critical infrastructures, while aggregating and filtering alarms to produce and react to cyber and physical threats. Analytics systems and tools can significantly reduce the time needed for correlating, consolidating, and contextualizing diverse security events exploiting the functionalities provided by Big Data Layer. FINSEC Big Data Layer provides a complete stack that supports the analytics and prediction algorithms of the FINSEC platform, managing the historical and real data of the security, the knowledge base and the description of the assets, being completely scalable, adaptable to realtime and high performance to different applications.
FINSEC BigData Architecture
FINSEC will facilitate the analysis and sizing of data-driven applications thanks to basic interface services provided by its Big Data Layer; in particular it deals with long-term historical data to produce new patterns and schemas of asymmetrical attacks. This will respond to the critical needs related to data within the project, since FINSEC will be a platform entirely based on data-intensive applications. All the decisions taken by the platform will be based on data analysis and data monitoring; moreover, FINSEC aims at offering to private and public organizations a “Data as a Service” partnership.
The FINSEC Big Data Layer is actually implemented in a modular microservice architecture including an Analytic Search Engine (Elasticsearch), a Security Data Base (NoSQL DB, implemented in scalable MongoDB) and a Model & Knowledge Base with full set of API to support enhanced CRUD operations. All the operations on data are based on the FINSEC-centered FINSTIX data model.
By Tommaso Zerbi, GFT