
Government Security

Government Security. Objectives. Define trust, trustworthy environment, assurance, clearance, two-person integrity, no lone zone, certification, accreditation, emergency destruction, humint. Define the four stages of operational planning. Define operations security, unclassified indicator.

vyagi

Presentation Transcript


  1. Government Security

  2. Objectives • Define trust, trustworthy environment, assurance, clearance, two-person integrity, no lone zone, certification, accreditation, emergency destruction, humint. • Define the four stages of operational planning. • Define operations security, unclassified indicator. • Define two types of TEMPEST zoning. • Define the meaning of red and black labels. • Define computer/transmission emanation protections: shielding, filtering, masking, attenuation, zoning, and protection distribution system. • Define checks in a security clearance. • Determine access by security level and compartment. • Define Resource monitor, and differentiate between types of computers: Dedicated, Compartmented, Multilevel Resource, System-High. • Define threats: jamming, traffic analysis, and transmission security techniques: spread spectrum, burst transmissions, low power, directional antenna. • Define 3 techniques the government uses to secure encryption keys. • Define protection of voice communication. Italic has yet to be included.

  3. Trust • Trustworthy environment: Safe equipment, reliable boundary, safe people • Assurance: Behavior complies with policy • Formal methods can use proofs • Clearance: Trusted person • Two-Person Integrity: No Lone Zone

  4. Trust • Trustworthy environment: Safe equipment, reliable boundary, safe people • Safe Communications • Safe Processing • Safe Storage

  5. Stages of OPSEC Planning • Identify critical resources (e.g., information) • Assess risk • Identify policy goals • Apply security measures

  6. Security Clearances Secure People

  7. Trusted People: Security Clearance • Clearance: Enables trust • Background investigation may include: • Ask person about: drug use, work history, criminal history. • Third party checks on employment, habits. • Criminal background check • Credit check • Confidential Clearance: Low level clearance • Secret Clearance: High level clearance

  8. TEMPEST Zoning – Unclassified Indicators Secure Boundaries

  9. Operations Security • Sometimes plans are broadcast unintentionally. This is known as ‘unclassified indicators’. • Before a major offensive attack, to-go pizza orders go up in DC/Pentagon, and pizza vendors recognize this.

  10. TEMPEST

  11. TEMPEST Protects Against Emanations: Protecting against radio emanations • Shielding: Put shields around equipment or wiring. • Best if built with shielding • Filtering: Limit radio emanations from power lines and outbound transmissions • Banding: Filters limit specific frequency bands • Masking: Cause radiation using a uniform signal • Attenuation: Reduce the transmit power level to minimize emanations • Zoning: Build a physical buffer between vulnerable equipment and threat agents.

  12. Protected Distribution System • Purpose: Control access to cables • Means: Conduit or pipe that carries cables • Often in plain sight, so that tampering can be observed • Seams completely sealed • Can be airtight where pressure change = penetration attempt. • Often camera protected • Alarm sounds when penetration occurs • Protects against radio emanations, too.

  13. TEMPEST: Zoning • Varies by Agency & Project • Zone A: 20 Meters or less • Zone B: 100 Meters • Zone C: > 100 Meters • Communications Center requires 60 Meters (200 Feet)

  14. TEMPEST Zoning • Threat: Crosstalk or Coupling • Solution: Separation • Separation between Cables: 2 inches: shielded components; 6 inches: unshielded components; 3 feet: crypto equipment & shielded components • Power Filtering: 2 inches from shielded components; 6 inches from other components • Red & Black grounds maintained separately. • Labeling: Red & Black

  15. Access Control - Secure Processing

  16. Trusted Computing: High Assurance • Trustworthy: Never enters insecure state • Formal design specification • Formal methods: proofs show never enters insecure state • Secure, unsecure states defined • Code must match formal specifications • Drawbacks: • Expensive to produce: can double cost • Very few systems achieve TCB

  17. Trusted Computer System • Trusted Computing Base • Reference Monitor: • Enforces security policy • Not bypassable • Tamperproof • Verified • Simple easiest • Formally verified to enforce mandatory protection policy • Verified (Tested) • Drawbacks: • Cannot assure high availability • Not easy to obtain: MS Word has been used

  18. Multilevel Security: Covert Channel

  19. Need to Know: Access Control

  20. Bell and La Padula Model (BLP) • Property of Confinement: • Read Down: if Subject’s class is >= Object’s class • Write Up: if Subject’s class is <= Object’s class • Tranquility Principle: Object’s class cannot change • Declassification: Subject can lower his/her own class • [Diagram: Joe => (Secret), with arrows labeled write, read & write, read, read]

  21. Military Security Policy • Person has an Authorization Level or Level of Trust • (S,D) = (sensitivity, domain) for Subject • Object has a Security Class • Compartment defines secure projects: Project X, Project Y, Project Z (e.g., Finance) • Confidentiality Property: Subject can access object if it dominates the object’s classification level • [Diagram labels: (Secret, Eng), (Confid., Finance)]

  22. Need to Know Clearances: Who has access to what? • [Diagram: labels Top Secret; Top Secret DOGGY JONES; Secret; Secret JONES; Secret DOGGY; Secret DOGGY JONES. Clearances: Level: Secret, Compartments: DOGGY JONES; Level: Top Secret, Compartments: JONES]

  23. Need to Know Clearances: Who has access to what? • [Diagram: labels Top Secret; Top Secret DOGGY JONES; Secret; Secret JONES; Secret DOGGY; Secret DOGGY JONES. Clearances: Level: Secret, Compartments: DOGGY JONES; Level: Top Secret, Compartments: JONES]

  24. Dedicated Computer • Dedicated computer: Dedicated to project and security level • All people have a Need-to-Know access • Common security level associated with computer • Requires physical controls • May timeshare: Project X in morning; Y in afternoon • Must clear storage in between

  25. Computer Classifications • Dedicated: Single compartment • Compartmented: Supports multiple Compartments • Everyone is authorized for same security level (e.g., Top Secret) • Multilevel: Supports multiple security levels and compartments • Can store data that some people cannot read • Guard: a firewall controls data between compartments and security levels

  26. Encryption – Masking Secure Communications

  27. Cryptography

  28. Over the Air Rekeying • Electronic keys are preferred over paper keys • Data Transfer Device: Distributes keys • Tracks key distribution • Seed key: A nonsecret key used to generate other keys • Operational Key: A secret key used for operations • Crypto equipment uses operational key • Initialized with Seed Key or Black Key (encoded) • Op. key replaced periodically

  29. Communication Threats Threats: • Traffic Analysis: Sense where data is coming/going • Jamming: Loud transmission blocks other transmissions Solutions: • Burst transmissions: Small bursts vary frequency • Spread Spectrum: Single bits vary frequency unpredictably • Low Power: Can be unnoticed • Directional Antenna: Transmit in one direction only

  30. Example: Nuclear Secure Operations

  31. Integrity of Operations: Nuclear Devices

  32. Integrity of Operations: Nuclear Devices
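
The read-down and write-up rules from slides 20 and 21, applied to the labels on slides 22 and 23, as an added example that is not part of the original presentation. The object and subject lists are one reading of the flattened diagram text, and the names `Label`, `can_read`, `can_write` and `access_matrix` are hypothetical.

```python
from dataclasses import dataclass

# Ordering of sensitivity levels named on the slides (low to high).
LEVELS = {"Confidential": 0, "Secret": 1, "Top Secret": 2}

@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        """True if self's level is at least other's AND self holds every
        compartment other carries (the need-to-know part)."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)

def label(level, *compartments):
    return Label(level, frozenset(compartments))

def can_read(subject, obj):
    # Read down: the subject's label must dominate the object's label.
    return subject.dominates(obj)

def can_write(subject, obj):
    # Write up: the object's label must dominate the subject's label,
    # so data never flows to a lower level or a missing compartment.
    return obj.dominates(subject)

# Constructed sample: one reading of the labels on slides 22 and 23.
OBJECTS = [
    label("Top Secret"),
    label("Top Secret", "DOGGY", "JONES"),
    label("Secret"),
    label("Secret", "JONES"),
    label("Secret", "DOGGY"),
    label("Secret", "DOGGY", "JONES"),
]
SUBJECTS = {
    "secret_doggy_jones": label("Secret", "DOGGY", "JONES"),
    "top_secret_jones": label("Top Secret", "JONES"),
}

def describe(lbl):
    return " ".join([lbl.level, *sorted(lbl.compartments)])

def access_matrix():
    """Map each subject to the object labels it may read and may write."""
    return {name: {"read": [describe(o) for o in OBJECTS if can_read(s, o)],
                   "write": [describe(o) for o in OBJECTS if can_write(s, o)]}
            for name, s in SUBJECTS.items()}
```

The Top Secret subject cannot read the object labeled Secret DOGGY even though its level is higher, because it lacks the DOGGY compartment: level and compartment are checked together.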
