
An Open Architecture/Open Business Model Solution for Multi-Level Collaborative Environment Kent Lindell Todd Maxcy

An Open Architecture/Open Business Model Solution for Multi-Level Collaborative Environment Kent Lindell Todd Maxcy. Military Aviation Architecture Conference  September 21-22, 2010. RCC-2825( 1 ). Mission Integration Systems. Capabilities. Key Solutions and Programs.


Presentation Transcript


  1. An Open Architecture/Open Business Model Solution for Multi-Level Collaborative Environment Kent Lindell Todd Maxcy Military Aviation Architecture Conference  September 21-22, 2010 RCC-2825(1)

  2. Mission Integration Systems: Capabilities; Key Solutions and Programs
     • Mission systems engineering and integration
     • High assurance and mission critical software and hardware
     • High performance computing
     • Platform integration
     • Mission planning and management systems
     • Training and simulation systems
     • Unique production and repair
     • Advanced Mission Computers
     • Common Display System (CDS)
     • Common Network Interface (CNI)
     • Data Storage Systems
     • Joint High Speed Vessel (JHSV)
     • Independence-Class Littoral Combat Ship (LCS)
     • SSBN / SSGN Weapon System
     • Submarine Weapon Control System (WCS) and Tactical Control System (TCS)
     • Surface Electronic Warfare Improvement Program (SEWIP)

  3. General Dynamics C4 Systems: Platform Security Solutions. Cyber and Mission Assurance solutions “Core-to-Edge”
     • High assurance security solutions for all warfighting platforms
     • System security engineering
     • Security architecture, design, and integration
     • Risk management
     • Certification and accreditation
     • NSA Type 1, FIPS 140-2
     • DIACAP, NISCAP, DoDIIS, SABI/TSABI
     • Unified Cross-Domain Management Office
     • ST&E and CT&E testing
     • System anti-tamper (AT)
     • Key products and technologies
     • Multi-level and cross-domain network solutions
     • Data-at-rest encryption
     • Key and identity management solutions
     • Avionics and tactical comms encryption
     • High-speed IP (HAIPE), ATM, and SONET encryptors
     • Family of Advanced Core Cryptographic Technologies (FAC2T)
     Security for: Products, Networks, Platforms, Operation Centers

  4. Transition to Net-Centric Collaborative Warfare
     [Figure panels: Traditional Warfare; Collaborative Warfare]
     • Support for IP data links and MANET
     • Support for link translations
     • Support for computer network defense
     • Support for QoS and traffic management
     • Support of collaborative warfare applications
     • Support for service oriented architectures
     • Support for border services and network aware applications
     • Support of multi-level security
     • Need to protect legacy environment
     • Support for HAIPE Black Networks
     SNAP enables collaborative tactical network operations and assured interoperability

  5. Secure Network Architecture and Processing (SNAP) Introduction
     • SNAP provides a robust high assurance information assurance infrastructure
     • Provides an MLS network supporting MILS/MLS processing
     • Based on secure labeling which is cryptographically bound
     • Core Trusted Security Engine (TSE) is reused across the multiple security elements, providing mandatory access control
     • SNAP benefits
     • Provides Open Architecture/Open Business model
     • Allows applications to be ported without knowledge of the underlying security
     • Leverages COTS industry investment
     • Reduced system costs
     • Reduced certification costs and risks
     • Low SWaP
     • Scalable solution
     • Provides a very flexible IA infrastructure

  6. SNAP Guiding Principles
     High assurance infrastructure that is: certifiable, configurable, and scalable

  7. Security Segregation Enables a Cost Effective IA Infrastructure
     • Information Assurance Segregation
     • COTS/NDI base cards provide basic functionality
     • High assurance functions are provided by separate, composable, loosely coupled HW and SW elements. Coupling to COTS occurs over open interfaces
     • Allows an evolutionary, scalable approach and minimizes recertification costs
     • Can add / upgrade processing elements with mitigated impact to deployed systems
     [Diagram blocks: Open Network Interface; Black Router & Link Controller; MLS HAIPE; MLS NIC; MLS Switch; COTS Processor; MILS & MLS Processing; Open Platform Interface; Platform CDS; I/O Module; I/O Mezz. Legend: COTS/NDI; High Assurance (HA); Platform Customized]

  8. Scalable and Configurable for Airborne, Sea, Land, and Undersea
     [Figure labels: HA Composable Components (MLS NIC, MLS Switch, MLS HAIPE®); Tactical Platforms; Command and Control; 5th Generation Platforms; Small Form Factor]
     Architecture must be scalable, configurable, reprogrammable and flexible to support the legacy to net-centric mission

  9. Secure Network Architecture and Processing
     • Flexible approaches for new solutions or major modifications
     • Scalable processing
     • Scalable mass memory
     • Virtualized processing functions
     • MLS NIC and MLS Switch
     • Labeled IP Option
     • Significant SWaP Benefit
     • Enabler for Support of High Number of Security Enclaves
     • Computer Network Defenses (IPS, Firewalls)
     • SOA Components
     • Translations Software
     • Network Management
     • Secure OS Agnostic
     • Processor Agnostic – x86 or PPC
     • Maximizes the Processing Efficiency
     • Reduction in costs by consolidation of processors
     High Assurance Multi-Level Platform Solutions: Certifiable, Configurable, Scalable
     • Cross Domain Solution
     • Guards, Diodes, Graders, Down Graders
     • Necessary for moving data into MLS Applications
     • Transfers data from System High to Multi-Level Environment
     • Tactical Browser
     • Encrypted Storage
     • Minimal Declassification Time
     • Supports mobile classified data

  10. Secure Network Architecture and Processing: Notional Tactical Implementation
     • Adding net-centric computing to legacy platforms
     • Net-centric applications
     • IP-based functions enable cross platform translation
     • Distribution of data increases effectiveness
     • Minimize impact to legacy platforms
     • Net-centric applications can be supported with the supplemental processing
     • Scalable functions
     • SNAP architecture enables control points for computer network defense
     • SNAP is an evolutionary, high-speed, low-latency, multi-level solution

  11. Notional “Wide Body” C-2 Platform Implementation
     • Support for legacy networks
     • Can incrementally add multi-level infrastructure
     • Can leverage existing capabilities
     • Support for sensors and roll-on pallets
     • Can support single level or multi-level roll-on applications by setting MLS Switch security policy appropriately
     • Can support single level legacy sensors or new multi-level sensors by setting security policy appropriately

  12. SNAP Supports Spiral Security Insertions to Support Fiscal Constraints
     • IA infrastructure enables collaborative information exchange
     • An evolutionary secure network architecture allows affordable security technology insertions
     • Framework to support current and future applications; e.g., collaborative warfare applications such as NCCT
     [Diagram panel labels: System High; MLS Architected; Moderate Collaboration Warfare; High Collaboration Warfare. Insertion steps: "ADD: MLS HAIPE, MLS Switch, HA Control Interface Software"; "ADD: HA SK, MLS NIC, Multi-Level Workstation". Blocks: Open Network Interface; Router & Link Controller; Black Router & Link Controller; MLS HAIPE; MLS NIC; Switch; MLS Switch; COTS Processor; MILS & MLS Processing; Open Platform Interface; Platform CDS; I/O Module; I/O Mezz. Legend: COTS/NDI; High Assurance (HA); Platform Customized]

  13. General Dynamics’ MLS Efforts
     • Planned assurance levels
     • Type 1 for HAIPE®
     • High robustness, high assurance for key TSE components of the architecture
     • Type 1 for data-at-rest
     • Trusted labeling study
     • Performing on contract for trusted labeling investigation
     • Researching existing trusted labeling and making recommendations on modifications to support a standardized approach to multi-layer secure networks
     • Seeking to harmonize labeled network, internal research and development with trusted environment
     • Active member in FACE Consortium

  14. Technology Demonstration
     Join us in the exhibit area
     • SNAP demonstration highlights the operational benefits of high-assurance, multi-level network solutions ideal for SWaP constrained platforms
     • SNAP extends recent advancements in multi-level computing to the network, including high-assurance, multi-level network encryption
     • Includes General Dynamics’ Close Air Support and situational awareness applications running on MILS COTS processors

  15. Points Of Contact
     Technical
     • Kent Lindell, 952-921-6328, kent.lindell@gd-ais.com
     • Michael Hohman, 480-441-6861, michael.hohman@gdc4s.com
     Business Development
     • Mark Grovak, 952-921-6115, mark.Grovak@gd-ais.com
     • Tom Plachecki, 480-441-8477, tom.plachecki@gdc4s.com
     All other product and service names are the property of their respective owners. ® Reg. U.S. Pat. & Tm. Off.
