Military Communications and Information Technology: A Trusted ...
Military Communications and Information Technology: A Trusted ... Military Communications and Information Technology: A Trusted ...
466 Military Communications and Information Technology... controlled movement of data streams from inside and outside of the PA networks. The organization of large networks protection mechanism through encryption is not easy. Effective cryptographic tools and a number of organizational operations that allow safe and punctual distribution of cryptographic data are necessary for this purpose [9]. Cryptographic tools should not impact the deterioration of the communication services of an IT system. In order for these devices to work correctly, it is necessary to regularly deliver the cryptographic data (symmetric/asymmetric keys, random sequences and other) [10]. Modern communication networks consisting of several hundred or even several thousand devices require huge amounts of cryptographic data. The generation of cryptographic data entails the performance of large amount of time-consuming calculations and does not only relate to the problem of generation of cryptographic keys, but also to their appropriate protection against errors, disclosure, labeling and storage. The currently applied systems and tools for generating cryptographic data are not very efficient for large communication networks, where symmetric keys are used. For every information relation, appropriate cryptographic data should be assumed, e.g. if there is n=100 stations, at least n*(n-1)/2, i.e. nearly 5 thousand cryptographic data for the “peer-to-peer” information relation model should be prepared. The planning, generation and distribution of cryptographic data for such a large network is a technically complicated system. II. Architecture of an information system Let us consider the example PA system environment. The primary basis for determining the structure of an information system is the territorial division of the country. Within the division, the voivodeships along with the administration authorities that report to governmental institutions are important. The country is divided into 16 voivodeships which are created by poviats. We assume that the information system in question comprises management centers (MC) that may be duplicated given the need to achieve sufficiently high survival level. The composition of an example voivodeship MC is presented in Table 1. In accordance with the administrative division of the country, 16 such MCs are present within the Republic of Poland. The central element of the state management is the president of the Republic of Poland (PRP), however, the majority of information processes will be addressed to the Prime Minister and the PM MC. It was assumed that information reports from the authorities subordinate to the PM will deliver information to the PM MC. Only the information already edited and aggregated will be delivered to the PM MC. An exemption may constitute the information reports delivered by the Ministry of Interior and Administration and Ministry of National Defense. Depending
Chapter 4: Information Assurance & Cyber Defence 467 on the situation, information reports from the ministries of interior and defense might be provided both to the PM and PRP. It was proposed to classify the elements directly subordinate to the relevant ministries as internal elements. These are central authorities not belonging to the GA (Governmental Administration) and central authorities of the GA that will be joined through information relations with the relevant ministries. Figure 1. Architecture of the PA Information System As a result of the above analyses, the architecture of the PA system can be identified. It is graphically shown in Figure 1. The total number of the MCs for that particular information system equals 867 nodes. Probably there will be as many nodes in an communication network that will transfer information streams within the system. Not all nodes will exchange information between themselves, thus,
- Page 415 and 416: Methodology for Gathering Data Conc
- Page 417 and 418: Chapter 4: Information Assurance &
- Page 419 and 420: Chapter 4: Information Assurance &
- Page 421 and 422: Chapter 4: Information Assurance &
- Page 423 and 424: Chapter 4: Information Assurance &
- Page 425 and 426: Chapter 4: Information Assurance &
- Page 427 and 428: Chapter 4: Information Assurance &
- Page 429: Chapter 4: Information Assurance &
- Page 432 and 433: 432 Military Communications and Inf
- Page 434 and 435: 434 Military Communications and Inf
- Page 436 and 437: 436 Military Communications and Inf
- Page 439 and 440: On Multi-Level Secure Structured Co
- Page 441 and 442: Chapter 4: Information Assurance &
- Page 443 and 444: Chapter 4: Information Assurance &
- Page 445 and 446: Chapter 4: Information Assurance &
- Page 447 and 448: Chapter 4: Information Assurance &
- Page 449 and 450: Chapter 4: Information Assurance &
- Page 451 and 452: Chapter 4: Information Assurance &
- Page 453 and 454: Chapter 4: Information Assurance &
- Page 455 and 456: Generation of Nonlinear Feedback Sh
- Page 457 and 458: Chapter 4: Information Assurance &
- Page 459 and 460: Chapter 4: Information Assurance &
- Page 461 and 462: Chapter 4: Information Assurance &
- Page 463: Chapter 4: Information Assurance &
- Page 468 and 469: 468 Military Communications and Inf
- Page 470 and 471: 470 Military Communications and Inf
- Page 472 and 473: 472 Military Communications and Inf
- Page 474 and 475: 474 Military Communications and Inf
- Page 476 and 477: 476 Military Communications and Inf
- Page 478 and 479: 478 Military Communications and Inf
- Page 480 and 481: 480 Military Communications and Inf
- Page 482 and 483: 482 Military Communications and Inf
- Page 485 and 486: Modern Usage of “Old” One-Time
- Page 487 and 488: Chapter 4: Information Assurance &
- Page 489 and 490: Chapter 4: Information Assurance &
- Page 491 and 492: Chapter 4: Information Assurance &
- Page 493 and 494: Chapter 4: Information Assurance &
- Page 495: Chapter 4: Information Assurance &
- Page 498 and 499: 498 Military Communications and Inf
- Page 500 and 501: 500 Military Communications and Inf
- Page 502 and 503: 502 Military Communications and Inf
- Page 504 and 505: 504 Military Communications and Inf
- Page 506 and 507: 506 Military Communications and Inf
- Page 508 and 509: 508 Military Communications and Inf
- Page 511 and 512: A Abut Fatih 161 Akcaoglu Ismail 11
466 <strong>Military</strong> <strong>Communications</strong> <strong>and</strong> <strong>Information</strong> <strong>Technology</strong>...<br />
controlled movement of data streams from inside <strong>and</strong> outside of the PA networks.<br />
The organization of large networks protection mechanism through encryption is not<br />
easy. Effective cryptographic tools <strong>and</strong> a number of organizational operations that<br />
allow safe <strong>and</strong> punctual distribution of cryptographic data are necessary for this<br />
purpose [9]. Cryptographic tools should not impact the deterioration of the communication<br />
services of an IT system. In order for these devices to work correctly,<br />
it is necessary to regularly deliver the cryptographic data (symmetric/asymmetric<br />
keys, r<strong>and</strong>om sequences <strong>and</strong> other) [10].<br />
Modern communication networks consisting of several hundred or even several<br />
thous<strong>and</strong> devices require huge amounts of cryptographic data. The generation<br />
of cryptographic data entails the performance of large amount of time-consuming<br />
calculations <strong>and</strong> does not only relate to the problem of generation of cryptographic<br />
keys, but also to their appropriate protection against errors, disclosure, labeling<br />
<strong>and</strong> storage.<br />
The currently applied systems <strong>and</strong> tools for generating cryptographic data<br />
are not very efficient for large communication networks, where symmetric keys<br />
are used. For every information relation, appropriate cryptographic data should<br />
be assumed, e.g. if there is n=100 stations, at least n*(n-1)/2, i.e. nearly 5 thous<strong>and</strong><br />
cryptographic data for the “peer-to-peer” information relation model should be<br />
prepared. The planning, generation <strong>and</strong> distribution of cryptographic data for such<br />
a large network is a technically complicated system.<br />
II. Architecture of an information system<br />
Let us consider the example PA system environment. The primary basis<br />
for determining the structure of an information system is the territorial division<br />
of the country. Within the division, the voivodeships along with the administration<br />
authorities that report to governmental institutions are important. The country<br />
is divided into 16 voivodeships which are created by poviats.<br />
We assume that the information system in question comprises management<br />
centers (MC) that may be duplicated given the need to achieve sufficiently high<br />
survival level. The composition of an example voivodeship MC is presented in Table<br />
1. In accordance with the administrative division of the country, 16 such MCs<br />
are present within the Republic of Pol<strong>and</strong>.<br />
The central element of the state management is the president of the Republic<br />
of Pol<strong>and</strong> (PRP), however, the majority of information processes will be addressed<br />
to the Prime Minister <strong>and</strong> the PM MC.<br />
It was assumed that information reports from the authorities subordinate<br />
to the PM will deliver information to the PM MC. Only the information already<br />
edited <strong>and</strong> aggregated will be delivered to the PM MC.<br />
An exemption may constitute the information reports delivered by the Ministry<br />
of Interior <strong>and</strong> Administration <strong>and</strong> Ministry of National Defense. Depending