Life-Cycle Management - Army Logistics University - U.S. Army
agent trying to transmit damaging instructions or orders.
• Unsigned or improperly signed messages were rejected. Operational decisions rely on the accuracy of information contained in incoming transmissions. In UltraLog, information integrity is ensured in part by the digital signature that accompanies incoming messages. This experiment assessed whether or not target agents accepted or rejected unsigned messages. Policy was modified by Red Team hackers so that the agents of one unit transmitted messages without signatures. UltraLog agents successfully rejected 731 of 731 unsigned messages. UltraLog successfully defended against agents receiving and accepting messages of questionable origin. From an operational perspective, logistics functions were protected.
Unsigned or Improperly Signed Code Modules
It is essential that code that is introduced into a deployed and functioning information system be from a trusted source. The ability of an adversary to insert malicious code can be extremely damaging; in UltraLog, this ability could completely compromise operational and logistics functionality. Only code that contains the digital signature of someone known and trusted is supposed to be accepted and loaded into UltraLog. This experiment demonstrated that UltraLog was able to prevent the loading of code that was not accompanied by a trusted digital signature.
Adaptable Security Posture
In the event of multiple security violations, UltraLog is designed to sense the increased security threat environment, increase the threat condition level, and modify security defenses appropriately for the new threat environment. A series of experiments was conducted involving multiple attacks against the system. These attacks included multiple invalid logins, invalid and unsigned message transmissions, and invalid code insertions. In each case, UltraLog detected and prevented the disallowed activity, generated alert messages, and increased the system’s security posture in response to the heightened threat. The policy enforcement infrastructure also rebuffed denial-of-service attacks by limiting the system interfaces available for attack.
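The reject-and-escalate behavior described in the message-signature experiment and in this section can be sketched as follows. This is an added example, not UltraLog code: an HMAC stands in for the digital signature, and the level names, thresholds, window length and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import time
from collections import deque

LEVELS = ["LOW", "ELEVATED", "HIGH"]   # hypothetical threat condition levels
THRESHOLDS = {1: 3, 2: 6}              # assumed: violations in window to reach a level
WINDOW_SECONDS = 60.0                  # assumed sliding window


class PostureMonitor:
    """Counts recent violations, records alerts, and raises the threat level."""

    def __init__(self):
        self.events = deque()          # timestamps of violations inside the window
        self.level = 0
        self.alerts = []

    def report(self, kind, source, now=None):
        now = time.time() if now is None else now
        self.events.append(now)
        while self.events and now - self.events[0] > WINDOW_SECONDS:
            self.events.popleft()      # forget violations older than the window
        self.alerts.append(f"ALERT {kind} from {source}")
        for lvl, needed in THRESHOLDS.items():
            if len(self.events) >= needed and lvl > self.level:
                self.level = lvl       # escalate only; lowering is left to an operator
        return LEVELS[self.level]


def sign(key, body):
    """Stand-in for a digital signature: HMAC-SHA256 over the message body."""
    return hmac.new(key, body, hashlib.sha256).digest()


def accept_message(monitor, key, sender, body, tag, now=None):
    """Reject unsigned or improperly signed messages; report every rejection."""
    if tag is None:
        monitor.report("unsigned-message", sender, now)
        return False
    if not hmac.compare_digest(sign(key, body), tag):
        monitor.report("bad-signature", sender, now)
        return False
    return True
```

Invalid logins and rejected code modules would feed the same `report` call, so every class of violation the section lists drives one shared threat level.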
ARMY LOGISTICIAN PROFESSIONAL BULLETIN OF UNITED STATES ARMY LOGISTICS
Final Analysis of UltraLog Security
As a group, the tested UltraLog defenses provided significant protection from cyberattack. For the experiments conducted, all UltraLog defenses were rated “green” (acceptable) for completely or nearly completely defending against the intended attack. The overall security functionality of UltraLog was rated green in recognition that significant portions of the threat envelope had been effectively secured.
Improvements over previous years were noted in the areas of preventing unauthorized access to information, securing interagent communications, preventing malicious code insertion, and preventing unauthorized operations. Other enhancements demonstrated that the security services are scalable to support large distributed systems. Progress was made in controlling unauthorized access to data and processes operating in system memory.
Progress also was made in the system’s ability to manage security policy and respond to changes in the threat environment. This included the development of templates that enhance the ability of policy administrators to specify and modify enforceable security policies. Overall, UltraLog’s security policy framework and the specific policies tested successfully deflected hacker attacks.
As it nears the end of its development cycle, UltraLog has made significant strides in building a security infrastructure sufficient to protect distributed agent-based applications. Clearly, based on assessment-derived data, the integrity and confidentiality of the highly distributed logistics information systems envisioned for the modern battlefield can be protected—even from a determined adversary. ALOG
COMMANDER JAMES C. WORKMAN, USN (RET.), IS EMPLOYED BY LOS ALAMOS TECHNICAL ASSOCIATES, INC., IN STERLING, VIRGINIA. HE HOLDS A B.S. DEGREE IN FINANCIAL MANAGEMENT FROM THE UNIVERSITY OF OREGON AND AN M.S. DEGREE IN FINANCIAL MANAGEMENT FROM THE NAVAL POSTGRADUATE SCHOOL. COMMANDER WORKMAN SERVED 20 YEARS IN THE NAVY SUPPLY CORPS, CULMINATING IN JOINT TOURS AT THE OFFICE OF THE SECRETARY OF DEFENSE AND THE DEFENSE LOGISTICS AGENCY.