JAMES BUCHANAN DEMOCRAT JOHN PATHFINDER FREEMONT REPUBLICAN MILLARD FILLMORE KNOW NOTHING PARTY.
Defense Needs for Future Information Assurance Standards John James [email protected] “Know the...
-
Upload
mercy-rice -
Category
Documents
-
view
219 -
download
1
Transcript of Defense Needs for Future Information Assurance Standards John James [email protected] “Know the...
Defense Needs for FutureInformation Assurance Standards
John James
“Know the enemy, know yourself; your victory will never be endangered. Know the ground, know the
weather; your victory will then be total”*
* The Art of War by Sun Tzu , Translated by Samuel B. Griffith, Page 129
“We need improved information assurance standards to enable joint interoperability”**
** GEN Paul Kern, CG, AMC, plenary speaker, IEEE Information Assurance Workshop, West Point, NY, 18 June 2003
Contents
• Complex system representation– Static models of dynamic systems
– Adaptive models of dynamic systems
• Trustworthiness of military information systems– If you are on the net, you are trusted
– Accreditation is done at the lowest level of the network
• Future military information systems requirements– The implications of autonomous combat vehicles
– Military networks will change even more rapidly than today
• Characteristics of standards for future military systems– Adaptive accreditation of networks of devices
Complex System Representation
• Static models of dynamic systems– Discrete components – Continuous components– Multiple time and spatial scales– Presence of at least one equilibrium at each model level
• Adaptive models of dynamic systems– Discrete components – Continuous components– Multiple time and spatial scales– Presence of at least one equilibrium at each model level– Models adapt (evolve) as system dynamics change
Trustworthiness of Military Information Systems
• If you are on the net, you are trusted– Networks operate at different levels of security– Building gateways (guards) between networks
operating at different security levels is difficult
• Accreditation is done at the lowest level of the network– Network components (vehicles, workstations, servers,
switches, routers …) are accredited– Detecting if a network has been compromised remains
problematic
Future Military Information Systems Requirements
• The implications of autonomous combat vehicles– How does a machine “understand” commander’s intent?
– As elements of the situation (constraints) change, how will the machine adapt a current plan to meet the commander’s intent?
• Military networks will change even more rapidly than today– Military networks “move” with the force
– As the tempo of operations increase, the rate at which the network architecture must adapt will increase
• Insufficient to look only at Confidentiality, Integrity, Availability, Authentication, and Non-repudiation
Characteristics of standards for future military systems
• Standard for accreditation of complex adaptive systems– Multiple time scales
– Multiple spatial scales
– Representation of system architecture (ADL)
– Representation of system interfaces (IDL)
• Consideration of standards attributes for accreditation of military information systems (next 7 slides consider accrediting a feedback process)
Current to Future Force“The Joint Operations Concepts … builds on the goal of Full Spectrum Dominance: the defeat of any adversary or control of any situation across the full range of military operations. Full Spectrum Dominance is based on the ability to sense, understand, decide and act faster than an adversary in any situation”*
* The Way Ahead , http://www.army.mil/thewayahead/foreword.html , Pages 5-6
Information Assurance Processes
OFF-LINE VALIDATION ON-LINE VERIFICATIONDIS
CRETE MODEL U
PDATE
CONTINUOUS M
ODEL UPDATE
SYST
EM S
TATE
SYSTEM O
PTIMALIT
Y
SECURITYSERVICES
TRANSMISSION
STORAGE
PROCESSING
INFORMATIONSTATES
CONFIDENTIALITY
INTEGRITY
AVAILABILITY
AUTHENTICATION
NON-REPUDIATION
PROTECTION
DETECTION
REACTION
SECURITYMAINTENANCE
TECHNOLOGY
POLICIES AND PRACTICES
PEOPLE
SECURITYCOUNTER
MEASURES
OP
ER
AT
ION
AL
AR
CH
ITE
CT
UR
E
SYST
EM
SA
RC
HIT
EC
TU
RE
TE
CH
NIC
AL
AR
CH
ITE
CT
UR
E
Accreditation processes occur over time
INFORMATIONDOMINANCE
SERVICES
SITUATION-ASSESSMENT SUPPORT
MILITARY-DECISION-MAKING-PROCESS SUPPORT
TRUTH-MAINTENANCE SUPPORT
DISCRETE M
ODEL UPDATE
CONTINUOUS M
ODEL UPDATE
SYST
EM S
TATE
SYSTEM O
PTIMALIT
Y
OFF-LINE VALIDATION ON-LINE VERIFICATIONDIS
CRETE MODEL U
PDATE
CONTINUOUS M
ODEL UPDATE
SYST
EM S
TATE
SYSTEM O
PTIMALIT
Y
SECURITYSERVICES
TRANSMISSION
STORAGE
PROCESSING
INFORMATIONSTATES
CONFIDENTIALITY
INTEGRITY
AVAILABILITY
AUTHENTICATION
NON-REPUDIATION
PROTECTION
DETECTION
REACTION
SECURITYMAINTENANCE
TECHNOLOGY
POLICIES AND PRACTICES
PEOPLE
SECURITYCOUNTER
MEASURES
SYST
EM
SA
RC
HIT
EC
TU
RE
TE
CH
NIC
AL
AR
CH
ITE
CT
UR
E
INFORMATIONDOMINANCE
SERVICES
SITUATION-ASSESSMENT SUPPORT
MILITARY-DECISION-MAKING-PROCESS SUPPORT
TRUTH-MAINTENANCE SUPPORT
DISCRETE M
ODEL UPDATE
CONTINUOUS M
ODEL UPDATE
SYST
EM S
TATE
SYSTEM O
PTIMALIT
Y
Archi
tect
ure c
ompo
nent
s and
para
met
er v
alue
s cha
nge o
ver t
ime
Info
rmat
ion
Ass
uran
ce s
ervi
ces
who
se
valu
es (
stat
es)
chan
ge o
ver
tim
e
SERVICES
SERVICES
SERVICES
Joint Forces Information Architecture
SystemsSystemsArchitectureArchitecture
TechnicalTechnicalArchitectureArchitecture
OperationalOperationalArchitectureArchitecture
Operational Architecture (OA) is the totalaggregation of missions, functions, tasks,information requirements, and businessrules
Technical Architecture is the “buildingcodes” upon which systems are based
Systems Architecture is the physicalimplementation of the OA, the layout andrelationship of systems andcommunications
JointJointInteroperabilityInteroperability
Summary
• Critical infrastructure processes (such as military operations) have discrete and continuous components
• Understanding complex dynamical processes requires modeling both discrete and continuous components
• Future standards should support adaptive accreditation of systems that enable meeting enterprise process goals (such as commander’s intent)