Broadband for a mobile planet™. Government Roadmap. Tom Clark, Delta Wave Communications, Inc. BGAN and information assurance. Requirements in the government sector. Information assurance implies that the content cannot be altered or intercepted by uninvited parties.
Requirements in the government sector
• Information assurance implies that:
  • The content cannot be altered or intercepted by uninvited parties.
  • The confidentiality (identity and location of the end user) is protected.
  • Statistical analysis of the data transfers is prevented.
• Security has to be deployed at two levels to cover these requirements:
  • At the transport mechanism level (or network level)
  • At the data exchange level (ciphering the data content)
BGAN network: Built-in protection (1)
[Network diagram: IP Core Network, WWW Server, Internet, DP POP, Burum SAS, Customer HQ]
Air Interface
• Data and signaling ciphered in accordance with UMTS standards (TS33.102)
• Position report encrypted
• Temporary IDs used to maintain anonymity of the terminal user (SIM)
• Satellite control is US Type-1 Encrypted
BGAN network: Built-in protection (2)
[Network diagram: IP Core Network, WWW Server, Internet, DP POP, Burum SAS, Customer HQ]
Satellite Access Station
• Joint military/commercial Satellite Earth Stations in the Netherlands and Italy
• Fully redundant SAS sites
• Data communications network protected by firewalls
BGAN network: Built-in protection (3)
[Network diagram: IP Core Network, WWW Server, Internet, DP POP, Burum SAS, Customer HQ]
Typical DP PoP Interconnect
• Routed over leased lines or VPN over IP networks
• Redundancy - backup links: VPN over public IP network or ISDN
• Firewall protected
• IPSec encryption applied between Inmarsat and DP POPs
BGAN network: Built-in protection (4)
[Network diagram: IP Core Network, WWW Server, Internet, DP POP, Burum SAS, Customer HQ]
Typical DP / Customer Interconnect
• VPN over IP networks: IPSec encryption
• Firewall protected
BGAN network: Built-in protection (5)
[Network diagram: Leased Line, IP Core Network, DP POP, Burum SAS, Customer HQ]
Dedicated DP / Customer Interconnect
• Private dedicated links
• IPSec encryption
• Firewall protected
Protecting the content over IP networks
[Network diagram: Leased Line, IP Core Network, WWW Server, Internet, DP POP, Burum SAS, Customer HQ]
End-to-end Application Layer
• COTS VPN (e.g. Cisco, Checkpoint, Nortel, Netscreen)
• Government standard encryption including Type-1/Top Secret
Protecting the content over circuit-switched
[Network diagram: Circuit Switched Core Network, STU, International PSTN/ISDN, Burum SAS, Customer HQ, STU]
End-to-end Application Layer
• ISDN Encryption - STE
• Serial Bulk Encryption – KIV-7
• Analogue Encryption – STU-IIb/III
Focus on encryption devices
64Kb Circuit Switched Data - 3.1kHz Audio (device - vendor)
• STU-III - Motorola/ATT/GE
• Sectera Wireline (FNBDT/PSTN) - General Dynamics
• OmniXi - L3
• STE (via STU interface) - L3
Circuit Switched Data - ISDN UDI/RDI (device - vendor)
• STE - L3
• KIV-7 - Mykotronics
• OmniXi - L3
• Brent, Brent 2, Hannibal, Thamer
Packet Switched Services (device - vendor)
• DC2K IP Encryptor - Thales
• KG-175 Taclane Classic - General Dynamics
• KG-235 Sectera INE - General Dynamics
• KG-250 AltaSec - ViaSat
• KG-240 Red Eagle - L3
Interoperability results so far…
• Thales DC2K
• STU-IIB/III
• STE
• Viasat KG-250
• Taclane KG-175
• Sectera KG-235
• Successfully tested over BGAN
Preliminary results (i)
Up to 100% improvement
• FTP transfer of 1MB file, using T&T explorer 500 and LINUX platform
• Throughput averaged over 10 file transfers
• Best throughput observed over 10 file transfers
Conclusions
• Network Security (TRANSEC)
  • BGAN uses all of the latest commercial security measures to protect itself against service interception, eavesdropping or statistical analysis from third parties.
• Content Security (INFOSEC)
  • Commercial and Government Grade encryption mechanisms have been proven to work over BGAN, ensuring end-to-end confidentiality and integrity of the data content.
BGAN - position reporting
• Why is User Terminal position reporting required?
  • Regulatory
    • May require that UT position is known when operating in certain jurisdictions
  • Billing
    • Allows for zone/country based tariffs
  • Expedites call setup process
• BGAN UT contains built-in GPS receiver
  • GPS position reported (encrypted) to network as part of registration process
• Special circumstances mean that important government customers may find this facility an obstacle to purchasing the service
Solution – disable position reporting
• Considerations
  • Minimum level of UT position reporting for network access is required – spot beam ID
  • GPS receiver required in UT in order to determine its location and provide optimised operation
• Solution
  • Disablement through a SIM feature
  • UT translates GPS position to a spot beam ID using internal map
  • Only spot beam ID reported to network
  • UT operates discretely within a spot beam (200 - 600 km diameter)
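An added illustration of the data-minimisation step described above (not code from the presentation or from Inmarsat): the terminal resolves its GPS fix against a local beam table and, when position reporting is disabled, sends only the beam ID. The beam table, beam IDs, nearest-centre rule and function names are assumptions made for this example.

```python
import math

# Constructed beam table: beam ID -> (centre latitude, centre longitude) in degrees.
# Real spot beam geometry is not given on the slides; these values are placeholders.
BEAM_CENTRES = {
    "BEAM-A": (52.0, 5.0),
    "BEAM-B": (48.0, 11.0),
    "BEAM-C": (41.0, 13.0),
}
EARTH_RADIUS_KM = 6371.0


def great_circle_km(lat1, lon1, lat2, lon2):
    """Haversine distance between two points, in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


def spot_beam_for(lat, lon):
    """Resolve a GPS fix to a beam ID (assumed rule: nearest beam centre)."""
    return min(BEAM_CENTRES,
               key=lambda beam: great_circle_km(lat, lon, *BEAM_CENTRES[beam]))


def registration_report(lat, lon, position_reporting_enabled):
    """Build the location part of a registration message (hypothetical format)."""
    report = {"spot_beam": spot_beam_for(lat, lon)}
    if position_reporting_enabled:
        # Default behaviour on the slides: GPS position is reported to the network.
        report["gps"] = (lat, lon)
    # With the SIM feature set, the GPS fix never leaves the terminal.
    return report


if __name__ == "__main__":
    # Two constructed terminal positions roughly 160 km apart.
    a, b = (52.4, 4.9), (51.0, 5.5)
    print(round(great_circle_km(*a, *b)), "km apart")
    print(registration_report(*a, position_reporting_enabled=True))
    print(registration_report(*a, position_reporting_enabled=False))
    print(registration_report(*b, position_reporting_enabled=False))
```

With reporting disabled, both terminals produce the same message, so the network side learns the beam and nothing finer.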
Solution – disable position reporting
[Figure: Discrete Operation SIM; Position Reporting Disabled]
Secure voice in the government sector
• Key application for both Civil and Military Government agencies
• Core Secure Voice traffic is low but stable and expected to remain stable
• Secure Voice is an enabler for BGAN Sales in Government Sector
• Cost and Functionalities scrutinised by Procurement decision makers in that sector
• Secure Voice over 3.1kHz Audio Channel (64kb/s) does not cater for all markets
• Need for Cost Effective Secure Voice Solutions over BGAN
Solutions: Technical
[Figure: Example of architecture]
• The 4kbps Voice service cannot be used for encrypted voice
• Secure Voice over IP is the way forward: the BGAN 32kbps Streaming Class (IP) service can be used as transport mechanism for Encrypted Voice.