Military Communications and Information Technology: A Trusted ...
382 Military Communications and Information Technology...

IV. Evolutionary approach

A phased approach has been proposed for the implementation and deployment of the HAAG, in order both to address urgent operational requirements and to provide a robust and flexible solution to cross-domain information sharing for the NNEC and FMN infrastructure.

The approach consists of three phases that incrementally improve the information sharing capability. Phase 0 is a cascading design that provides an immediate response to the urgent requirements for information sharing between NATO and international organizations / non-NATO nations (IO/NNN). Phase 1 uses the HAAG as a gateway that enforces authentication, authorization and accountability of all end users. Phase 2 uses the HAAG to provide a service in which information is released based on security and protection requirements derived from a dynamic policy.

A. Phase 0: Cascading design using XLG

Phase 0 represents an incremental development path for the existing NCIA medium assurance XML-Labelling Guard (XLG). The proposed solution, whose applicability shall be confirmed case by case through an extensive security risk assessment, attempts to partially compensate for the lower security assurance level of the XLG by introducing an intermediate NATO Restricted (NR) security domain between IO/NNN and the NATO Secret (NS) system. The XLG is located between the NR and the NS domain. Several reactive security services, such as intrusion detection and malware protection, are redundantly deployed in the NR and NS domains in order to provide increased security assurance via a cascading architecture.

Figure 3. Example of a cascading design for IEG-D Phase 0 implementation

Chapter 4: Information Assurance & Cyber Defence 383

B. Phase 1: High assurance automated guard as a gateway

A logical evolution of the Phase 0 design is to replace the cascade with a single high assurance guard used as a gateway, the architecture shown in Figure 4.

Figure 4. High assurance automated guard (HAAG) as a gateway

This architecture uses the HAAG as a dedicated information flow control device between the domain of lower and the domain of higher trustworthiness. In addition, the HAAG must be accompanied by, and is usually collocated with, additional security tools such as firewalls and malware detection software. Compared to the Phase 0 architecture, there are two important differences. First, the HAAG authenticates users from both the low and the high domain, whereas in Phase 0 only the network interfaces were authenticated. The authentication serves mainly auditing and accountability purposes, but can also constitute an input to the authorization of access to the data (e.g. basic enforcement of the need-to-know principle). Second, the required assurance level for the HAAG design and implementation is significantly higher.

Phase 1 improves the assurance and information flow capabilities in a short to medium time frame. It relies on support for cross-domain authentication, e.g. by implementing claims-based identity and access control [11]. This architecture also allows a gradual introduction of elements of the CPR security policies. The CPR security model is envisaged to replace, in the long term, the inflexible Bell-LaPadula security model, which is not suitable for a modern, dynamic and federated coalition environment.

C. Phase 2: High assurance automated guard as a separation service

In Phase 2 of the HAAG development a more radical approach is taken toward solving the information sharing challenges. This approach is based on a complete rethinking of the security model used within NATO and on the implementation of advanced cryptographic mechanisms. In this architecture, depicted in Figure 5, the concept of security domains is abandoned, and the information flow is controlled through a HAAG service implemented in a distributed fashion.
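The hop-by-hop release decision of the Phase 0 cascade and the end-user checks that Phase 1 adds, as an added Python example that is not code from the paper, the NCIA XLG or the HAAG. The label XML format (a classification attribute with releasableTo and requiredClaim elements), the domain accreditation levels (including the assumption that the IO/NNN network may hold NATO RESTRICTED information released to it), and the principal names and claims are all assumptions made here for the illustration. The rules encoded are Bell-LaPadula dominance (no write-down), the originator's releasability, and, once both end users are authenticated, a clearance and need-to-know check, with an audit record of sender and recipient for every decision.

```python
"""Simplified cross-domain release decisions for a labelling guard.
Added illustration, not the NCIA XLG or HAAG code: the label XML format,
domain levels, claim names and sample data below are assumptions."""
from dataclasses import dataclass
from typing import List, Optional
import xml.etree.ElementTree as ET

# Assumed total order of confidentiality levels (real policies also use categories).
LEVELS = {"NATO UNCLASSIFIED": 0, "NATO RESTRICTED": 1,
          "NATO CONFIDENTIAL": 2, "NATO SECRET": 3}

@dataclass(frozen=True)
class Label:
    level: str
    releasable_to: frozenset    # communities the originator permits
    required_claims: frozenset  # need-to-know claims a recipient must hold

@dataclass(frozen=True)
class Domain:
    name: str
    level: str      # highest classification the domain is accredited to hold
    community: str  # "NATO", "IO", ...

@dataclass(frozen=True)
class Principal:
    name: str
    clearance: str
    claims: frozenset  # claims asserted by a trusted identity provider

@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    audit: dict  # accountability record kept for every decision

def sample_message(level: str, releasable, claims=()) -> str:
    """Build a constructed sample message in the assumed label format."""
    rel = "".join(f"<releasableTo>{c}</releasableTo>" for c in releasable)
    ntk = "".join(f"<requiredClaim>{c}</requiredClaim>" for c in claims)
    return f'<message><label classification="{level}">{rel}{ntk}</label><body/></message>'

def parse_label(xml_text: str) -> Label:
    """Parse the label element; anything unlabelled or unknown is rejected."""
    lab = ET.fromstring(xml_text).find("label")
    if lab is None or lab.get("classification") not in LEVELS:
        raise ValueError("missing or unknown classification label")
    return Label(lab.get("classification"),
                 frozenset(e.text.strip() for e in lab.findall("releasableTo")),
                 frozenset(e.text.strip() for e in lab.findall("requiredClaim")))

def dominates(high: str, low: str) -> bool:
    return LEVELS[high] >= LEVELS[low]

def guard_decide(xml_text: str, src: Domain, dst: Domain,
                 sender: Optional[Principal] = None,
                 recipient: Optional[Principal] = None,
                 enforce_users: bool = False) -> Decision:
    """One guard hop. enforce_users=False models Phase 0 (only the network
    interfaces are trusted); True models Phase 1 (authenticated end users,
    used for accountability and a basic need-to-know check)."""
    audit = {"src": src.name, "dst": dst.name,
             "sender": sender.name if sender else None,
             "recipient": recipient.name if recipient else None}
    try:
        label = parse_label(xml_text)
    except (ET.ParseError, ValueError) as exc:
        return Decision(False, f"reject: {exc}", audit)  # fail closed
    audit["label"] = label.level
    if not dominates(src.level, label.level):     # source may not even hold it
        return Decision(False, "reject: label exceeds source domain", audit)
    if not dominates(dst.level, label.level):     # no write-down (Bell-LaPadula)
        return Decision(False, "reject: destination below label level", audit)
    if dst.community not in label.releasable_to:  # originator's releasability
        return Decision(False, f"reject: not releasable to {dst.community}", audit)
    if enforce_users:
        if sender is None or recipient is None:
            return Decision(False, "reject: unauthenticated end user", audit)
        if not dominates(recipient.clearance, label.level):
            return Decision(False, "reject: recipient clearance too low", audit)
        missing = label.required_claims - recipient.claims
        if missing:
            return Decision(False, f"reject: need-to-know {sorted(missing)}", audit)
    return Decision(True, "release", audit)

def cascade(xml_text: str, path: List[Domain]) -> List[Decision]:
    """Phase 0 cascade: evaluate each hop in turn, stopping at the first reject."""
    decisions = []
    for src, dst in zip(path, path[1:]):
        decisions.append(guard_decide(xml_text, src, dst))
        if not decisions[-1].allowed:
            break
    return decisions

# Constructed sample domains and users (assumption: the IO/NNN network is
# accredited to hold NATO RESTRICTED information that has been released to it).
IO = Domain("IO/NNN", "NATO RESTRICTED", "IO")
NR = Domain("NR", "NATO RESTRICTED", "NATO")
NS = Domain("NS", "NATO SECRET", "NATO")
ALICE = Principal("alice", "NATO SECRET", frozenset({"OPS-PLAN"}))
BOB = Principal("bob", "NATO RESTRICTED", frozenset({"OPS-PLAN"}))
CAROL = Principal("carol", "NATO RESTRICTED", frozenset())
```

Running `cascade(msg, [NS, NR, IO])` on a NATO RESTRICTED message releasable to NATO and IO yields two releases; a NATO SECRET message is stopped at the NS to NR hop; a NATO RESTRICTED message releasable only to NATO passes the XLG hop but is stopped at the NR to IO hop. With `enforce_users=True` the same label is refused when either end user is unauthenticated or the recipient lacks the required claim, and the audit record names both parties. The example deliberately leaves out what the page says the architectures rely on beyond the policy logic: the redundant reactive services (intrusion detection, malware protection) in each domain of the cascade, and the higher design and implementation assurance demanded of the Phase 1 guard.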