CDIX The Devils in the Details Les Owens

  • Slides: 16
Download presentation
CDIX: The Devils in the Details • Les Owens – Horizontal Fusion Management Team

CDIX: The Devils in the Details • Les Owens – Horizontal Fusion Management Team • • NDIA Conference – Denver 24 March 2004

“The secret of success is constancy to purpose. ” Benjamin Disraeli, 1804 - 1881

“The secret of success is constancy to purpose. ” Benjamin Disraeli, 1804 - 1881 British Prime Minister and novelist Page 2

Outline • • Introduction to Cross-Domain – the Challenge Statement of Need – Warfighter

Outline • • Introduction to Cross-Domain – the Challenge Statement of Need – Warfighter example Some of the Challenges – the Devils in the Details Key CDIX Security Requirements Tactical Scenario – Data to and from the Warfighter The Horizontal Fusion CDIX Strategy Vision for Cross-Domain Information Exchange Discussion Page 3

Cross-Domain Information Exchange Coalition Unclassified JWICS CDIX SIPRNET Page 4

Cross-Domain Information Exchange Coalition Unclassified JWICS CDIX SIPRNET Page 4

Statement of Need – Warfighter Example Self-configuring, dynamic, mobile ad hoc network (MANET) connecting

Statement of Need – Warfighter Example Self-configuring, dynamic, mobile ad hoc network (MANET) connecting soldiers and sensors Satellite link provides TACLANE link encryption to tactical unit Tactical nodes are commercial IEEE 802. 11 g radios with ad hoc networking software operating to allow dynamic configuration All connections protected using embedded cryptography Note: 802. 11 is commercial “Wi. Fi. ” Page 5

Some of the Challenges – the Devils in the Details • • Understanding the

Some of the Challenges – the Devils in the Details • • Understanding the security policies that dictate requirements for CDIX Understanding technical security countermeasures that must be deployed in an environment Understanding how new and evolving standards and technologies can address the problem Determining how potential existing and emerging solutions for automated CDIX can be used Developing an architectural solution and CONOPS in a particular environment Placement of security functions and performance Time required for security testing and C&A Breaking away from “the way its been done” Page 6

Key CDIX Security Requirements • Malicious Code Detection must be performed § To prevent

Key CDIX Security Requirements • Malicious Code Detection must be performed § To prevent and detect viruses, logic bombs, worms, etc. • Metadata tagging with security labels • Digital signature application and verification § Provision of Cryptographic integrity § Provision of Cryptographic authentication • Preventing and detection unauthorized activity • Mobile Code Verification must be performed Page 7

Tactical Scenario – to and from the Warfighter Classified Environment Unclassified Environment PL Sensors

Tactical Scenario – to and from the Warfighter Classified Environment Unclassified Environment PL Sensors HFPFI LFN P 3 Collatera l Space Army CSN SIPRNET TG troops IFIS LFN NGIS PL Sensors Page 8

CDIX for Tactical Environment Taxonomy for Cross-Domain Information Exchange in the Tactical Environment Manual

CDIX for Tactical Environment Taxonomy for Cross-Domain Information Exchange in the Tactical Environment Manual Approach Automatic Approach Unclassified SIPRNet Platoon leader gets information on MANET PDA and posts information to Collateral Space with web-services terminal and application Platoon leader gets Web-services terminal and Fusion Node Gateway information from Collateral delivers to Collateral Space application and delivers to Space with web-services MANET PDAs using web-services terminal and application and delivers to MANET PDAs Unclassified SIPRNet Page 9

HF CDIX Strategy – Two. Pronged Approach Fast Action – Bottomsup Approach Near-term/QL-2 5

HF CDIX Strategy – Two. Pronged Approach Fast Action – Bottomsup Approach Near-term/QL-2 5 months “Design Team” Path 1 “Tiger Team” Path 2 Fast Action – Top-down Approach Develop an achievable CDIX solution for part of cross-domain problem • Unclassified to SIPRNET • Coalition to SIPRNET • Limited, high priority data types • Automated [Note: will create value for the warfighter in the near-term] QL-2 and Beyond 8 -10 months CDIX Evolution Path 1 will leverage web-services and existing, known CDS solutions to provide partial solution for nearterm (QL-2) Path 2 will aggressively explore Content Staging CDIX solution and emerging CDS solutions to provide partial solution for beyond QL-2 – leveraging other Do. D CDIX efforts and NCES Page 10

Key Points About Strategy • • • Provides a two-pronged approach for near-term and

Key Points About Strategy • • • Provides a two-pronged approach for near-term and longer term Provides a path that is limited in scope and therefore achievable for this year – does not try to “boil the ocean” Will show significant value for the warfighter Is evolutionary in nature – towards the CDIX vision Will capitalize on our learning process Will capitalize on the maturation process of technology and policy Page 11

CDIX Evolution 2007 2006 2005 2004 2003 2002 Full CDIX Vision CDIX Solution for

CDIX Evolution 2007 2006 2005 2004 2003 2002 Full CDIX Vision CDIX Solution for more of problem CDIX Solution for part of problem Air-gap Page 12

Vision for Cross-Domain Information Exchange Domain 1 Robust, interoperable PKI and ubiquitous certificates Tagged

Vision for Cross-Domain Information Exchange Domain 1 Robust, interoperable PKI and ubiquitous certificates Tagged Data Do. D PKI Single Net SIPRNET Full complement of SOAP/XML services and security features Domain 2 Enhanced security and intelligent boundary devices Page 13

“Some men see things as they are and say why. I dream things that

“Some men see things as they are and say why. I dream things that never were and say why not. ” Robert Kennedy, 1925 - 1968 Senator and Presidential Candidate Page 14

Presenter Information Leslie D. Owens (Les) Horizontal Fusion Management Team / Booz Allen Hamilton,

Presenter Information Leslie D. Owens (Les) Horizontal Fusion Management Team / Booz Allen Hamilton, Wireless Security Lead 703/902 -7091 (office) 703/980 -3877 (cellular) Owens_les@ bah. com (email) Page 15

Discussion

Discussion

The Devils Disciple About The Devils Disciple isThe Devils Disciple About The Devils Disciple is
DEVILS FOOTPRINTS LEARNING OBJECTIVES To use the DevilsDEVILS FOOTPRINTS LEARNING OBJECTIVES To use the Devils
Yellow House Name Selection Jesse Owens Jesse OwensYellow House Name Selection Jesse Owens Jesse Owens
Colour Order Systems Dr Huw Owens Huw OwensColour Order Systems Dr Huw Owens Huw Owens
Colour Mixing Dr Huw Owens Huw Owens UniversityColour Mixing Dr Huw Owens Huw Owens University
Jesse Owens Jesse Owens Living With A ChangedJesse Owens Jesse Owens Living With A Changed
Jesse Owens Jesse Owens John 14 6 IJesse Owens Jesse Owens John 14 6 I
The Devils in the Details Strategies and TacticsThe Devils in the Details Strategies and Tactics
ParentGuardian Details Childs Details Recreation Registration Form 20112012ParentGuardian Details Childs Details Recreation Registration Form 20112012
Cooper Part III Interaction Details Design Details ControlsCooper Part III Interaction Details Design Details Controls
TCP Details Introduction to Networking Netprog TCP DetailsTCP Details Introduction to Networking Netprog TCP Details
Supporting Details 10 Steps THREE Supporting Details SupportingSupporting Details 10 Steps THREE Supporting Details Supporting
Major and Minor Details An introduction Supporting DetailsMajor and Minor Details An introduction Supporting Details
InternalExternal Character Details External Character Details External happensInternalExternal Character Details External Character Details External happens
The details tag details Name Fatima Shabia DateThe details tag details Name Fatima Shabia Date