Military Communications and Information Technology: A Trusted ...
• immediately after the end of the mission (e.g. during debriefing),
• debriefing session in briefing hall/in headquarters,
• at any time by querying/processing factual data repositories gathered by sensors/IT systems,
• at any time based on open source intelligence (OSINT – Open Source Intelligence) data acquired from a civilian system (e.g. NASK), which can be considered a source of information about incidents from the cyberspace.

E. Methodology of information gathering

Direct benefits of applying the proposed methodology are as follows:
• common structure for data retrieved from various sources of information,
• identification of structural incompleteness within a particular observation sheet, in order to assure updated information handling in the future,
• preliminary validation of the collected information about incidents in order to:
  ▷ protect from improper values (e.g. dates out of range),
  ▷ account for inertia and physics of the registered phenomena/processes (e.g. the time required to power on/off a device, initiate/terminate a given process),
  ▷ process the source information to structure it into the form required for later storage in a database, e.g. divide all the information into types (digital, text, graphical, other).

Regarding the structure for data from various sources of information, data from respective reports and notifications will be parameterized and classified into particular blocks/sections in the observation sheet.
Thanks to such ordering it will be possible to assign attributes to data contained in particular blocks/sections of the observation sheet:
• status of the mission concerned by the collected observation (date, type of the mission, cryptonym, code name, composition of the unit, final assessment of the mission, other),
• type of incident (good practice, negative experience),
• every single incident should be described in relation to its location (geographical coordinates with the highest possible accuracy, according to different notations: WGS – World Geodetic System, NATO, ...) and time (operational time, calendar time),
• does the information directly influence soldiers’ health/life (yes/no),
• information about the mission (currently executed, mission planned for execution, accomplished mission),
• is the information confirmed/not confirmed by another soldier participating in a given mission,
• information status: up-to-date/out-of-date (specify this date),
Chapter 4: Information Assurance & Cyber Defence

Figure 5. Main stages of populating data base of invents

• information related to stationary/mobile object,
• means by which the information was captured – human senses/additional sensors,
• should the information be public or restricted, read only, or possible to modify,
• quantity and quality of information sources (including personal information) that have confirmed particular elements of information about the incident,
• is the information new in the repository or is it an update of an existing one.

To summarize the above structure of an observation sheet, a sample has been provided in the annex to this paper.

VI. Conclusions

The proposed methodology of collecting information about incidents in cyberspace, mapped into a particular group of military activities, should enable answering questions about (risk of) certain threats existing in today’s battlefield (especially incidents in the area of cyber security). Such a method (of collecting information about cyber incidents) introduces its own identity.

In this paper the authors propose a comprehensive method that can be applied to collecting information about incidents based on the incidents observation sheet. An effective method of gathering factual data is, in the authors’ opinion, one of the biggest challenges and show-stoppers in the process of learning adhering to a lessons learnt paradigm (especially considering negative experiences). Thus the authors believe that the proposed method (and recommendations) of collecting information about incidents can be a valuable input into the process of continuous improvement of the security level in the cyberspace.
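The preliminary validation described in section E (structural incompleteness, improper values, dates out of range, and the inertia of registered processes) can be sketched as follows. This is an added example, not code from the paper; the field names, allowed values and minimum durations are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

# Field names and limits below are assumptions made for this example.
REQUIRED = ("mission_start", "mission_end", "incident_type", "lat", "lon",
            "process", "started", "ended", "captured_by")
INCIDENT_TYPES = {"good practice", "negative experience"}
CAPTURED_BY = {"human senses", "additional sensors"}
# Shortest plausible duration per registered process (constructed values).
MIN_DURATION = {"device power-on": timedelta(seconds=20),
                "device power-off": timedelta(seconds=5)}

def validate_sheet(sheet):
    """Return a list of problems found in one observation sheet (dict)."""
    missing = [f for f in REQUIRED if sheet.get(f) in (None, "")]
    if missing:  # structural incompleteness: later checks need these fields
        return [f"missing field: {f}" for f in missing]
    problems = []
    if sheet["incident_type"] not in INCIDENT_TYPES:
        problems.append("incident_type not in allowed set")
    if sheet["captured_by"] not in CAPTURED_BY:
        problems.append("captured_by not in allowed set")
    if not (-90 <= sheet["lat"] <= 90 and -180 <= sheet["lon"] <= 180):
        problems.append("WGS coordinates out of range")
    start, end = sheet["started"], sheet["ended"]
    if end < start:
        problems.append("incident ends before it starts")
    if not (sheet["mission_start"] <= start and end <= sheet["mission_end"]):
        problems.append("incident time outside mission window")
    # Inertia check: a registered process cannot finish faster than its floor.
    floor = MIN_DURATION.get(sheet["process"])
    if floor is not None and timedelta(0) <= end - start < floor:
        problems.append("duration shorter than process allows")
    return problems

# Constructed sample sheets.
T0 = datetime(2012, 5, 1, 8, 0, 0)
GOOD = {"mission_start": T0, "mission_end": T0 + timedelta(hours=6),
        "incident_type": "negative experience", "lat": 52.25, "lon": 21.0,
        "process": "device power-on", "started": T0 + timedelta(hours=1),
        "ended": T0 + timedelta(hours=1, seconds=45),
        "captured_by": "additional sensors"}
BAD = dict(GOOD, lat=152.25, ended=T0 + timedelta(hours=1, seconds=3))
INCOMPLETE = {k: v for k, v in GOOD.items() if k != "captured_by"}

if __name__ == "__main__":
    for name, s in (("good", GOOD), ("bad", BAD), ("incomplete", INCOMPLETE)):
        print(name, validate_sheet(s))
```

Sheets that return a non-empty list would be sent back for completion or correction before being stored in the incident database.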