Military Communications and Information Technology: A Trusted ...


22.01.2015 Views

Chapter 4: Information Assurance & Cyber Defence

controlled movement of data streams from inside and outside of the PA networks. Organizing a protection mechanism for large networks through encryption is not easy. Effective cryptographic tools and a number of organizational operations that allow safe and punctual distribution of cryptographic data are necessary for this purpose [9]. Cryptographic tools should not degrade the communication services of an IT system. For these devices to work correctly, cryptographic data (symmetric/asymmetric keys, random sequences and others) must be delivered to them regularly [10].

Modern communication networks consisting of several hundred or even several thousand devices require huge amounts of cryptographic data. The generation of cryptographic data entails a large amount of time-consuming calculation and concerns not only the generation of cryptographic keys, but also their appropriate protection against errors and disclosure, their labeling and their storage.

The currently applied systems and tools for generating cryptographic data are not very efficient for large communication networks where symmetric keys are used. Appropriate cryptographic data should be assumed for every information relation; e.g. if there are n = 100 stations, at least n*(n-1)/2, i.e. nearly 5 thousand, items of cryptographic data should be prepared for the "peer-to-peer" information relation model. The planning, generation and distribution of cryptographic data for such a large network is a technically complicated undertaking.

II. Architecture of an information system

Let us consider the example PA system environment. The primary basis for determining the structure of an information system is the territorial division of the country. Within that division, the voivodeships, along with the administration authorities that report to governmental institutions, are important. The country is divided into 16 voivodeships, which are made up of poviats.

We assume that the information system in question comprises management centers (MC) that may be duplicated to achieve a sufficiently high level of survivability. The composition of an example voivodeship MC is presented in Table 1. In accordance with the administrative division of the country, 16 such MCs are present within the Republic of Poland.

The central element of state management is the President of the Republic of Poland (PRP); however, the majority of information processes will be addressed to the Prime Minister and the PM MC.

It was assumed that the authorities subordinate to the PM will deliver information reports to the PM MC. Only information that has already been edited and aggregated will be delivered to the PM MC.

An exception may be the information reports delivered by the Ministry of Interior and Administration and the Ministry of National Defense. Depending on the situation, information reports from the ministries of interior and defense might be provided both to the PM and the PRP.

It was proposed to classify the elements directly subordinate to the relevant ministries as internal elements. These are central authorities not belonging to the GA (Governmental Administration) and central authorities of the GA that will be joined through information relations with the relevant ministries.

Figure 1. Architecture of the PA Information System

As a result of the above analyses, the architecture of the PA system can be identified. It is shown graphically in Figure 1. The total number of MCs for that particular information system equals 867 nodes. There will probably be as many nodes in the communication network that will transfer information streams within the system. Not all nodes will exchange information between themselves, thus,
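The key-count argument for the "peer-to-peer" model and the remark that not all nodes exchange information can be made concrete with a small key-planning sketch; this is an added example, not code from the paper. The station names, the star-shaped relation set, the period label, the 256-bit key size and the HMAC-based check value used for labeling and error detection are all assumptions.

```python
import hashlib
import hmac
import secrets
from itertools import combinations

KEY_BYTES = 32  # assumption: 256-bit symmetric keys


def full_mesh(stations):
    """Peer-to-peer model: every pair of stations is a relation."""
    return list(combinations(sorted(stations), 2))


def check_value(key, label):
    """Short HMAC tag binding a key to its label (relation and period)."""
    return hmac.new(key, label.encode(), hashlib.sha256).hexdigest()[:16]


def plan_keys(relations, period):
    """Return {label: {"key", "check"}} with one fresh key per relation."""
    plan = {}
    for a, b in relations:
        if a == b:
            raise ValueError(f"station {a} paired with itself")
        a, b = sorted((a, b))
        label = f"{a}|{b}|{period}"  # names assumed not to contain "|"
        if label in plan:
            raise ValueError(f"duplicate relation {label}")
        key = secrets.token_bytes(KEY_BYTES)  # OS CSPRNG
        plan[label] = {"key": key, "check": check_value(key, label)}
    return plan


def verify_record(label, record):
    """Detect a corrupted key or a key delivered under the wrong label."""
    return hmac.compare_digest(check_value(record["key"], label), record["check"])


# Constructed sample data: 100 stations, and a star in which 99 stations
# report to one centre instead of talking to each other.
STATIONS = [f"S{i:03d}" for i in range(100)]
STAR = [("S000", s) for s in STATIONS[1:]]

if __name__ == "__main__":
    print("full mesh keys:", len(plan_keys(full_mesh(STATIONS), "P1")))
    print("star keys:     ", len(plan_keys(STAR, "P1")))
```

Planning keys from the actual relation list rather than from the node count is what keeps the volume of cryptographic data manageable when only some nodes communicate.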

