200 likes | 536 Views
NATO Information Assurance. 5 June 2009. AFCEA TechNet Europe 2009. A NATO view of the application of Information Assurance Techniques. Outline. NC3 Organization NCSA NATO Information Assurance Identity Management. NC3 Organization. NC3 Organisation. SACEUR. NATO C3 Board
E N D
NATO Information Assurance 5 June 2009 AFCEA TechNet Europe 2009 A NATO view of the application of Information Assurance Techniques
Outline • NC3 Organization • NCSA • NATO Information Assurance • Identity Management
NC3 Organization NC3 Organisation SACEUR NATO C3 Board (NC3 Board) NC3 Reps NATO C3 Agency (NC3A) NATO CIS SERVICES AGENCY (NCSA)
NCSA Mission To ensure the provision of secure end-to-end information exchange services and information processing services required for NATO Consultation, Command and Control, using fielded Communications and Information Systems in the most cost effective manner.
Current NCSA Structure Izmir Sector Mons Sector Ramstein Sector NorfolkSector BrunssumSector Madrid Sector Naples Sector Heidelberg Sector Lisbon Sector Northwood Sector 1 NATO Signal Bn Maastricht 2 NATO Signal Bn Naples NCSA HQ MONS NCISS Latina Total PE: ~ 3300 Deployable
NCSA Areas of Responsibility IC NO CA EN LG LH UK NL. PL GE BE CZ. • Norfolk Sector • Mons Sector • Brunssum Sector (includes CLD-B) • Naples Sector (includes CLD-N) • Northwood Sector • Madrid Sector • Lisbon Sector • Izmir Sector • Heidelberg Sector and Ramstein Sector without assigned AOR Lux. SZ US HU FR RO SI IT BU SP PO TU GR EUFOR KFOR ISAF IRAQ
INFOSEC -> IA • NATO definition • NNEC enabler • Risk management • Strong authentication
SMI Services • Identity management • Credential management • Attribute management • Privilege management • Digital policy mangement
SMI Services • IA configuration management • Crypto key management • IA metadata management • IA audit managment
NATO Identity Management • EAPC(AC/322-SC/5-WG/5)WP(2009)0001 NATO Identity Management (NIdM) • AC/322-D(2005)0044 INFOSEC Technical And Implementation Guidance On Identification and Authentication • AC/322-D(2004)0024REV2 NATO Public Key Infrastructure (NPKI) Certificate Policy (CertP) Rev2
NATO Identity Management • Passwords • Tokens • Biometrics
NPKI • Information sharing • Effects-based approach • Improved decision making • Physical access control
NPKI Today • Office Communication Suite (OCS) • NATO Restricted (NR) network • NEKMS
NATO Information Assurance • Email Content Checking • Mail guards • OS/applications security settings • Forensic capability • Security event management • IDS • Firewalls • Anti-virus software
IA Threats • Spam • Malware • Web defacements • User indiscretions • Targeted attacks • Classified information leakage • Vulnerabilities exposed by poor maintenance • System privilege abuse
IA Future • Increased capacity • Smarter tools • Centralized management • Consolidated IA picture • Faster reaction
Conclusion • Speed up • Cooperate closely • Do not forget the human factor • Flexibility and mobility