Implications for security in a NCO environment
18 October 2007
MGen Frans Picavet, Global NCO Ambassador

Outline
• Operational Context
• Challenges
• Solutions Strategy
• Solutions
• Conclusion
| 3/7/2014 |
Operational context
• Information security = confidentiality, availability and integrity; it also includes authentication, authorization and non-repudiation
• Fighting third and fourth generation warfare at the same time
• Effects-based planning and execution
• Integrating political, military, economic, legal and social initiatives
• Every platform on every level is a joint sensor; wide interoperability
• At least NATO Secret, Mission Secret and Mission Unclassified domains
• Widened CIMIC, IO, PsyOps, Human Intelligence
• Focus on Strat/Pol-Mil, Operational and Tactical level
• Joint COP and ISR integration is desperately needed
• Roughly 50,000 troops on three continents
• Transformation to Network Centric Operations
Cyber threats live in the virtual world of cyberspace (information, information systems and computer networks), which has no real boundaries.
• "Cybercrime": use of IT by hackers, insiders and organized crime
• "Cyberwarfare": information-intensive operations conducted during crisis or conflict to achieve specific objectives over an adversary or adversaries
• "Cyberterrorism": the conduct of terrorism in cyberspace and on the IT components of our nations' critical infrastructures
Commercial
• Cost driven
• Non-real time
• Response: collect legal evidence
Defense
• Real time
• Mission critical
• Hostile environment
• Information Operations
• Active response: attack tolerance and counter attack
Critical Infrastructure Protection
• Driven by priorities (not necessarily cost!)
• Time critical
• Terrorism
• Response: determine culpability
NCO security cross-domain relevance: e-Crime, Law Enforcement, CIP, Business & Industry, NCO, IO, Military
The State of Evolving Threats
• Expanding e-crime
• Big business driven by profit
• Innovation to capture new markets (victims)
• Victim segmentation and focus
• Stealth is the new "black"
• Rate of attacks is accelerating
• Form of attack is more malicious
• Attacks are "designer" in nature
Vulnerabilities Growing, Time-to-exploit Shrinking
[Chart: average number of days between publication and broad exploitation of a vulnerability. Source: Information Security Magazine (based on Foundstone), June 2004; http://infosecuritymag.techtarget.com/]
[Chart: number of vulnerabilities reported to CERT/CC since 1995. Source: CERT/CC Statistics, CERT, August 3, 2004; http://www.cert.org/stats/]
Old Security Paradigms are Becoming Obsolete
• Integration opens enterprises to their partners, and to attacks and fraud originating from the partners' networks
• Resource sharing and virtualization reduce the barriers that once protected applications from each other
• Provisioning engines and centralized directories (identity, policy) become prime targets for hackers and single points of failure
• Openness makes it easier for hackers to connect to and "plug into" IT systems
• Automation: automatic adjustment of bandwidth, computing resources, security defenses
• Speed and adaptiveness amplify security problems
• Business process transformation / outsourcing increases dependencies on third parties
Through enhanced networking, Defense faces sophisticated threats and vulnerabilities, and the pressure to achieve and maintain security compliance, all with limited resources, time and budget.
Security Concerns
• Sabotage of information systems at HQs and agencies at all levels
• Theft of information or IT assets
• Viruses causing operational and decision tempo slowdowns
• Installation of unauthorized hardware and software
• System vulnerabilities, including unauthorized access
• New technology introduces new vulnerabilities
• Web services appeal to hackers
Compliance Considerations
• Cost and legal exposure of non-compliance
• Poorly established compliance policies, processes and procedures
• Lack of effective policy monitoring and compliance reporting
Notoriously Difficult and Sticky Problems
• Massive inflow of vulnerabilities:
  • Time to exploitation is shrinking
  • Increasing sophistication of attacks vs. automation of malware
  • Poorly designed and installed software: many examples of poor engineering, bad configuration and poor usability
• Minimal outflow:
  • Well-known vulnerabilities do not get fixed; exploitation often peaks after the release of the patch
• Growing complexity of (security) management:
  • Complex set-up and administration, many ways to do the same thing
  • Never-changed default passwords and settings/profiles
  • Helpdesk and other social attacks
• OS, router and application monocultures: write once, attack everywhere
...more challenges...
• Cyber attacks must be responded to in seconds
• Operational enablement: "knitting the net" forces us to realize that, in as much as there are new war fighter capabilities, there are new and easier ways to subvert those capabilities
• Most networks are highly secured with no connection to the outside world
• MSH systems often have no address verification, no non-repudiation capabilities, no secure storage and no secure access control
• National caveats ask for solutions that work around the constraints
• Trace-back capabilities require the cooperation of many internet providers
Guidance from the NATO and member states perspective (NNEC Feasibility Study)
• The realization of a 'Networking and Information Infrastructure' (NII)
• Key communication elements: use of the Internet Protocol (IP) to provide a common transport mechanism; migration to a 'black' IP core network and 'edge proxies' for non-IP networks; software defined radios, waveform interoperability and mobile ad-hoc networking
• Key information and integration elements: service oriented architecture, core enterprise services, common information strategy, meta-data standardization (semantics), developing ontologies and the use of XML technologies to enable dynamic, role-based information access
The NNEC Feasibility Study concluded that it is challenging, but technically feasible, to implement the NII. However, it seems evident, based on the work done during this study, that without major changes in NATO CIS implementation and operational structures, policies and processes, NATO will find it difficult to achieve NNEC.
NATO wants services orientation...
...more guidance from the Alliance...
• Need to prevent, detect, respond, recover and pursue
• Common core supporting dynamic multinational operations
• National resources in a distributed fashion
• Need for object-level, role-based protection
• Need general information sharing policies
• Need a general interconnection sharing policy
• Need automatic configuration
• Need high-assurance devices
• Need risk management instead of risk avoidance
Industry solutions strategy
• Protect against vulnerabilities and behaviors rather than against exploits
• Focus on assured network design with high-assurance authorization based on:
  • Security classification
  • Need-to-know
  • Meta-data on the information
• Use data-centric models and user & services identity management
• Focus on vulnerability checks of legacy and new systems and services
• SOA needs a single centralized identity management and security policy infrastructure, including outside communities of interest and federated user life cycle management
• Focus on enabling/securing non-traditional boundaries, between the "spaces"
• Leverage (real time) knowledge and experience of other industries around the world
• Use strong testing capabilities to track application compliance with security requirements
Solution framework (Assess, Access, Defend, Monitor)
Assess: assesses your security exposure.
• Inventory assets
• Apply trusted security policies
• Identify and prioritize vulnerabilities
• Conduct strategic remediation
Access: controls access.
• Manage user identity efficiently
• Demonstrate consistent execution of security policy
• Define, implement, maintain and audit identity and access policies
Defend (ISS): defends against internal and external threats.
• Preemptive protection stops threats before impact
• A combined solution that includes network security, data security, applications security and physical security
• ISS discovered 51% of high risk vulnerabilities since 1998*
• 1994: first commercial vulnerability scanner
• 1996: first commercial intrusion detection system (RealSecure)
• 2000: first intrusion prevention system (Guard)
• 2004: first managed security service protection guarantee (Managed Protection Services)
• 2005: first behavioral-based anti-virus of its kind
Monitor: monitors security events to facilitate remediation and compliance.
• Advanced monitoring and reporting enable proactive detection and analysis of threats
• Security event management solutions help you spot trends, identify focus areas and prioritize risk
• Respond to auditor requests with greater ease and efficiency
IBM Tivoli Security software is used by:
• 15 of the top 20 commercial bank companies worldwide
• 6 top health care companies worldwide
• 4 of the top 5 telecommunications companies worldwide
• 6 of the top 10 aerospace and defense companies worldwide
• 7 of the top 10 computer and data service companies worldwide
Information Access Principles
• Based on roles, not identity:
  • One and only one identity,
  • but one or more roles
• Multi-factor authentication:
  • What you know [pin]
  • What you have [token]
  • Who you are [biometric]
• High-assurance devices decide on releasability [authorization] based on:
  • Security classification
  • Need-to-know
  • Meta-data on the information
Security and Privacy Research at IBM: worldwide ~150 researchers
Web Services Security
[Diagram: applications, legacy applications, suppliers, partners, company portal and remote portals exchanging SOAP/HTTP messages (web services, remote portlets and non-web-services) through a security checkpoint]
• How do we identify and authenticate the service requester?
• How do we identify and authenticate the source of the message?
• Is the client authorized to send this message?
• Can we ensure message integrity and confidentiality?
• How can I audit the access to web services?
Multiple layers of enforcement: perimeter, gateway, app server, application
Service Oriented Assurance for COP Creation
[Diagram: services feed guards, guards feed brokers, brokers assemble the COP]
Guard:
• Label management
• Authentication
• Cryptology management
• Single-level broker
Data in the Next Generation Security Architecture
Today's security architectures (air gap between levels):
• Systems are labeled
• Data inherits its label from the system
• Limited flexibility:
  • Down-classification is costly
  • Data can only live on same-level systems
Next generation security architecture (Secret, Confidential and Unclassified layers connected by guards):
• System determines the "default" data label
• Data may have a different label
• All data can be transported on all layers
• Protections against unauthorized down-flow:
  • Read protection (encryption)
  • Write protection (authentication)
  • Flow authorization/blocking (guards)
Data Transport
Data transport via upper level (data passes guards and may be modified on the upper level):
• "Confidential" radar pictures in the Secret operational picture
• Transmission of Restricted mail via Confidential systems
• Benefits: less need for down-classification; common transmission of high/low data
• Security: modified data needs "normal" down-classification
Data tunneling via lower level:
• Transmission of the Secret situation picture via Confidential peers
• Distribution of patches via untrusted networks
• Benefits: cheaper / more networks; common transmission of high/low data
• Security: data is encrypted
Data Down-classification
Down-classification procedure:
• Obtain data and credentials from the application
• Verify credentials
• Change classification
• Return down-classified data to the application
• Optional: send to lower systems
Down-classification requirements:
• Authorized roles (user/sender/receiver)
• Authorized application/service
• Correct format
• Same requirements (other policy) for down/up-transmission and integrity trust changes
• Note: classification != communication
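The access principles (one identity, several roles, multi-factor authentication, releasability decided from classification, need-to-know and meta-data) and the guard flow rules and down-classification procedure above can be written out as one small policy model. This is an added example, not code from the presentation or from any of the products it names; the level names come from the slides, while the compartments, roles, application and format names are constructed sample values.

```python
from dataclasses import dataclass

# Ordered classification lattice, lowest to highest (levels taken from the slides).
LEVELS = ["UNCLASSIFIED", "RESTRICTED", "CONFIDENTIAL", "SECRET"]
AUTHORISED_APPS = {"cop-service"}          # constructed: services allowed to down-classify
AUTHORISED_FORMATS = {"mip", "nvg"}        # constructed: formats the guard can validate

def rank(level: str) -> int:
    return LEVELS.index(level)

@dataclass(frozen=True)
class Label:
    level: str                                # security classification
    compartments: frozenset = frozenset()     # need-to-know markings from the meta-data

@dataclass(frozen=True)
class Subject:
    identity: str                             # one and only one identity ...
    roles: frozenset                          # ... but one or more roles
    clearance: Label
    factors: frozenset                        # authentication factors presented

def authenticated(s: Subject) -> bool:
    """Multi-factor: at least two of know [pin] / have [token] / are [biometric]."""
    return len(s.factors & {"pin", "token", "biometric"}) >= 2

def releasable(data: Label, s: Subject) -> bool:
    """Guard release decision: the clearance must dominate the classification and
    the subject must hold every need-to-know compartment carried in the meta-data."""
    return (authenticated(s)
            and rank(s.clearance.level) >= rank(data.level)
            and data.compartments <= s.clearance.compartments)

def flow_allowed(data: Label, src: str, dst: str, encrypted: bool) -> bool:
    """Flow authorisation between systems labelled src and dst: up-flow is always
    allowed; down-flow only if the data's own label fits dst or it is encrypted."""
    if rank(dst) >= rank(src):
        return True
    return rank(data.level) <= rank(dst) or encrypted

def downclassify(data: Label, s: Subject, app: str, fmt: str, new_level: str) -> Label:
    """Down-classification: verify credentials (role, application, format),
    then change the classification and return the data to the application."""
    if not releasable(data, s) or "declassifier" not in s.roles:
        raise PermissionError("subject not authorised to down-classify this data")
    if app not in AUTHORISED_APPS or fmt not in AUTHORISED_FORMATS:
        raise PermissionError("application or format not authorised")
    if rank(new_level) >= rank(data.level):
        raise ValueError("new level must be lower than the current level")
    return Label(new_level, data.compartments)
```

The guard never consults the system the data sits on, only the data's own label, which is the point of the next generation architecture on the previous slides.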
Innovation: NCO Center of Excellence, Helsinki
• Who: the Finnish Defense Forces (FDF) and IBM
• When: established January 2006
• Focus: NCO solutions built on service oriented architecture, utilizing commercial off-the-shelf (COTS) products, based on open standards
Objectives:
• Develop solutions to support FDF NCO capability development, leveraging the latest technology innovations
• Productize NCO solutions created by FDF and IBM for application and usage in other defense organizations
• Create an innovation exchange with other defense forces
• Lower risks by an experimentation and evolutionary approach in developing capabilities
Results:
• PoCs of MIP and TMIH on SOA, COP on SOA, SOA scalability, and MLS in a SOA environment (in preparation, with the Zurich lab as partner)
• Knowledge transfer to the C4ISR project
Managed Security Services and the Virtual SOC
[Diagram: customer sites send meta-data (logs, events) to a global Security Operations Center backbone (SOCs in Atlanta, Detroit, Tokyo, Brussels and Brisbane) which provides management, monitoring, alerting and reporting to the customer's IT security manager]
Value of managed security services:
• 24x7 service
• Quality SLAs
• Security specialists
• Proven processes
• Alerting and remediation
• Early warning
• Security research
• Lower TCO
• Less risk
Extension: Autonomic Management Architecture
[Diagram: a global autonomic manager measures and executes against autonomous sub-systems; policies and consent come from the security management console, which sends policies and management commands; status and audit information flows to the security monitoring console]
Security in the Federated Enterprise Service Bus
[Diagram: a logical federated ESB ("FRED") as common denominator for the federated network, with one "FREDLET" per participating system]
• FRED publishes selected MIP data, Geo, Hydro and Met
• Tactical Data Links FREDLET (IBM WebSphere): publishes LINK 16 information
• OpenJOP FREDLET (BEA ESB): publishes ATO/ACO; consumes RMP, Met, Geo and Hydro
• ARRC C2IS FREDLET (Oracle): publishes enhanced Geo services; consumes ATO/ACO, Met, Geo and Hydro
• AgileJOP FREDLET: publishes RMP; consumes Met, Geo and Hydro
Network Enterprise Core Services provide the enabling SOA infrastructure on which to run business services:
• Discovery
• Mediation
• Messaging
• Transformation
• Security
• Registry
• Service management
• QoS
Without 'FRED', lack of corporate governance leads to 'islands of SOA'.
Conclusion
• Terrorist networks adapt their tactics more quickly, in days and hours
• Security is a matter for everybody: supplier, service provider, operator, user (private and military business)
• Most information sharing is hampered by policy, not by technology
• Need a strong monitoring system and the authority to shut systems down remotely
• Good procedures to trace evidence, and the discipline not to destroy it
• Lower risks by an experimentation and evolutionary approach in developing interoperable information security capabilities
• Need a greater degree of structural and effective collaboration and coordination of all parties at all levels, to complement and reinforce each other
• De-risk by working closely with strategic trusted partners who invest in continuous research and security operations centres