1 / 16

CDIX: The Devils in the Details

Les Owens – Horizontal Fusion Management Team NDIA Conference – Denver 24 March 2004. CDIX: The Devils in the Details. “The secret of success is constancy to purpose.”. Benjamin Disraeli, 1804 - 1881 British Prime Minister and novelist. Outline.

fiona-england
Télécharger la présentation

CDIX: The Devils in the Details

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Les Owens – Horizontal Fusion Management Team NDIA Conference – Denver 24 March 2004 CDIX: The Devils in the Details

  2. “The secret of success is constancy to purpose.” Benjamin Disraeli, 1804 - 1881 British Prime Minister and novelist

  3. Outline • Introduction to Cross-Domain – the Challenge • Statement of Need – Warfighter example • Some of the Challenges – the Devils in the Details • Key CDIX Security Requirements • Tactical Scenario – Data to and from the Warfighter • The Horizontal Fusion CDIX Strategy • Vision for Cross-Domain Information Exchange • Discussion

  4. Cross-Domain Information Exchange Coalition Unclassified JWICS CDIX CDIX CDIX SIPRNET

  5. Statement of Need – Warfighter Example Self-configuring, dynamic, mobile ad hoc network (MANET) connecting soldiers and sensors Satellite link provides TACLANE link encryption to tactical unit All connections protected using embedded cryptography Tactical nodes are commercial IEEE 802.11g radios with ad hoc networking software operating to allow dynamic configuration Note: 802.11 is commercial “WiFi.”

  6. Some of the Challenges – the Devils in the Details • Understanding the security policies that dictate requirements for CDIX • Understanding technical security countermeasures that must be deployed in an environment • Understanding how new and evolving standards and technologies can address the problem • Determining how potential existing and emerging solutions for automated CDIX can be used • Developing an architectural solution and CONOPS in a particular environment • Placement of security functions and performance • Time required for security testing and C&A • Breaking away from “the way its been done”

  7. Key CDIX Security Requirements • Malicious Code Detection must be performed • To prevent and detect viruses, logic bombs, worms, etc. • Metadata tagging with security labels • Digital signature application and verification • Provision of Cryptographic integrity • Provision of Cryptographic authentication • Preventing and detection unauthorized activity • Mobile Code Verification must be performed

  8. Tactical Scenario – to and from the Warfighter Sensors Unclassified Environment Classified Environment PL HFPFI LFN P3 Collateral Space Army CSN TG SIPRNET troops LFN IFIS NGIS PL Sensors

  9. CDIX for Tactical Environment Taxonomy for Cross-Domain Information Exchange in the Tactical Environment Automatic Approach Manual Approach Unclassified  SIPRNet Unclassified  SIPRNet Unclassified  SIPRNet Unclassified  SIPRNet Platoon leader gets information from Collateral Space with web-services terminal and application and delivers to MANET PDAs Web-services terminal and application and delivers to MANET PDAs Platoon leader gets information on MANET PDA and posts information to Collateral Space with web-services terminal and application Fusion Node Gateway delivers to Collateral Space using web-services application

  10. HF CDIX Strategy – Two-Pronged Approach Near-term/QL-2 Fast Action – Bottoms-up Approach 5 months Develop an achievable CDIX solution for part of cross-domain problem • Unclassified to SIPRNET • Coalition to SIPRNET • Limited, high priority data types • Automated [Note: will create value for the warfighter in the near-term] “Design Team” Path 1 “Tiger Team” Path 2 QL-2 and Beyond 8-10 months Fast Action – Top-down Approach CDIX Evolution Path 2 will aggressively explore Content Staging CDIX solution and emerging CDS solutions to provide partial solution for beyond QL-2 – leveraging other DoD CDIX efforts and NCES Path 1 will leverage web-services and existing, known CDS solutions to provide partial solution for near-term (QL-2)

  11. Key Points About Strategy • Provides a two-pronged approach for near-term and longer term • Provides a path that is limited in scope and therefore achievable for this year – does not try to “boil the ocean” • Will show significant value for the warfighter • Is evolutionary in nature – towards the CDIX vision • Will capitalize on our learning process • Will capitalize on the maturation process of technology and policy

  12. CDIX Evolution 2007 2006 Full CDIX Vision 2005 CDIX Solution for more of problem 2004 CDIX Solution for part of problem 2003 Air-gap 2002

  13. DoDPKI Vision for Cross-Domain Information Exchange Tagged Data Robust, interoperable PKI and ubiquitous certificates Domain 1 Single Net Domain 2 SIPRNET Full complement of SOAP/XML services and security features Enhanced security and intelligent boundary devices

  14. “Some men see things as they are and say why. I dream things that never were and say why not.” Robert Kennedy, 1925 - 1968 Senator and Presidential Candidate

  15. Presenter Information Leslie D. Owens (Les) Horizontal Fusion Management Team / Booz Allen Hamilton, Wireless Security Lead 703/902-7091 (office) 703/980-3877 (cellular) Owens_les@ bah.com (email)

  16. Discussion

More Related