Your search keyword '"GLOBAL Information Grid"' showing total 70 results

1. DOD CYBER IA RANGE OPEN AND READY FOR CUSTOMERS.

Author

Gaudreau, Neil and Combs, Jeffrey

Subjects

COMPUTER systems, COMPUTER security, COMPUTER virus prevention, COMPUTER worms, DATA security, GLOBAL Information Grid

Abstract

The article discusses the move of the Department of Defense (DoD) to develop the Cyber Information Assurance Range (Cyber Range) to test, train, and educate the workforce in the U.S. It explores the capabilities and functions of the Cyber Range, which also replicates Global Information Grid (GIG) characteristics and computer network defense (CND). It also notes that the program eliminates the risks to operational networks and it is maintained by network professionals.

Published

2012

2. Towards an Active, Autonomous and Intelligent Cyber Defense of Military Systems: the NATO AICA Reference Architecture

Author

Mauno Pihelgas, Paul Theron, Agostino Panico, Alexander Kott, Luigi V. Mancini, Krzysztof Rzadca, Martin Drašar, and Benoît Leblanc

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer science, 020209 energy, 02 engineering and technology, Cyber security, Computer security, computer.software_genre, Intelligent agent, Cyberwarfare, Cyber defense, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, Reference architecture, Architecture, Autonomy, Human security, Cyber warfare, 050210 logistics & transportation, Multi-agent system, 05 social sciences, Global Information Grid, computer, Cryptography and Security (cs.CR)

Abstract

Within the future Global Information Grid, complex massively interconnected systems, isolated defense vehicles, sensors and effectors, and infrastructures and systems demanding extremely low failure rates, to which human security operators cannot have an easy access and cannot deliver fast enough reactions to cyber-attacks, need an active, autonomous and intelligent cyber defense. Multi Agent Systems for Cyber Defense may provide an answer to this requirement. This paper presents the concept and architecture of an Autonomous Intelligent Cyber defense Agent (AICA). First, we describe the rationale of the AICA concept. Secondly, we explain the methodology and purpose that drive the definition of the AICA Reference Architecture (AICARA) by NATO's IST-152 Research and Technology Group. Thirdly, we review some of the main features and challenges of Multi Autonomous Intelligent Cyber defense Agent (MAICA). Fourthly, we depict the initially assumed AICA Reference Architecture. Then we present one of our preliminary research issues, assumptions and ideas. Finally, we present the future lines of research that will help develop and test the AICA / MAICA concept., Comment: This is a pre-print version of the paper that appears in the Proceedings of the International Conference on Military Communications and Information Systems, Warsaw, Poland, 22-23 May 2018. arXiv admin note: substantial text overlap with arXiv:1803.10664

Published

2018

3. Circuit switching is coming back?

Author

Manfred Schneps-Schneppe

Subjects

Circuit switching, Computer science, business.industry, Global Information Grid, Service provider, Computer security, computer.software_genre, Cut-through switching, Telecommunications network, LAN switching, Intelligent Network, Packet switching, Control and Systems Engineering, Signal Processing, Telecommunications, business, computer, Software

Abstract

Communication specialists around the world are facing the same problem: shifting from circuit switching (CS) to packet switching (CS). Communication service providers are favoring “Allover-IP” technologies hoping to boost their profits by providing multimedia services. The main stakeholder in this field of the paradigm shift is the industry itself: packet switching hardware manufacturers are going to earn billions of dollars and thus pay engineers and journalists many millions for the promotion of the new paradigm. However, this drive for profit is tempered by life itself. This article is devoted to the discussion of the telecommunications development strategy. We will provide examples to illustrate the difficulties that complicate the transition from CS to PS and make us question the feasibility of shifting the telecommunications paradigm. We will consider two examples: (1) the development of the global information grid (GIG) of the United States Department of Defense communications network, the world’s largest departmental network, which is still based on SS7 signaling and an intelligent network (2) the emergence of new trends in microelectronics: the construction of networks on a chip (NoC) oriented towards packet switching, where a return to packet switching is observed.

Published

2015

4. Network management challenges for joint forces interoperability

Author

Robert Welsh, Kim Jakubowski, Keith Whittaker, George F. Elmasry, and Manoj Jain

Subjects

Computer Networks and Communications, business.industry, Computer science, Interface (Java), Interoperability, Global Information Grid, Encryption, Computer security, computer.software_genre, Computer Science Applications, Network management, Default gateway, Joint (building), Electrical and Electronic Engineering, business, Telecommunications, Internetworking, computer

Abstract

There are numerous challenges one can face while creating joint network management in tactical networks. Although many of these challenges are political, there are significant technical challenges that are currently being addressed by the research community. This article presents some of the challenges faced by the NM architecture from the tactical edge and across the global information grid, where IPbased networks and radios must work together seamlessly in joint missions in the presence of encryption tunnels. It shows some cases where unconventional NM techniques must be considered in order to meet the objectives of joint missions. These techniques should be considered when different networks from the same force (e.g., the U.S. Army), joint U.S. military services' networks, and coalition forces' networks interface together. The article is divided into three main sections. The first presents some of the urgent challenges facing NM interoperability across the GIG, while the second covers an architectural approach that relies on gateway nodes and abstraction techniques. The third section presents a conflict resolution case showing how different tactical network managers need to interface to each other with techniques that are not considered in commercial networks.

Published

2011

5. Using Modeling and Simulation to Examine the Benefits of a Network Tasking Order

Author

James T. Moore, Gilbert L. Peterson, Kenneth M. Hopkinson, and Matthew Compton

Subjects

Computer science, Quality of service, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Computer security, computer.software_genre, Modeling and simulation, Order (exchange), Modeling and Simulation, Command and control systems, Command and control, Systems engineering, Engineering (miscellaneous), computer

Abstract

The Global Information Grid (GIG) is the military’s computer and communications network which supports the myriad of military missions. Military missions are highly planned, passing through many hands in the strategy-to-task methodology to ensure completeness, accuracy, coordination, cohesion, and appropriateness. A benefit of this planning is the possibility to collect knowledge of future conditions that could be of use to network designers whose goals include optimizing and protecting the GIG. This advanced knowledge includes which networked military equipment will be involved, what their capabilities are, where they will be, when they will be there, and particulars on the required data flows. A Network Tasking Order process is proposed as a means of collecting this information, analyzing the information to generate network taskings, and disseminating those taskings. Tactical integration of assets in mobile networks is introduced as another planning variable in the battlefield; not unlike logistical considerations such as fuel, ammunition, water, and so on used currently in operation planning. Modeling and simulation is used to support the proposed benefits.

Published

2010

6. Net-Centric Adapter for Legacy Systems

Author

T. Turner, S. Soderlund, and A. Thomas

Subjects

Engineering, Software modernization, Computer Networks and Communications, business.industry, Net-centric, Legacy system, Mission critical, Global Information Grid, Interoperability, Computer security, computer.software_genre, Computer Science Applications, Control and Systems Engineering, Component-based software engineering, Systems engineering, Electrical and Electronic Engineering, Software architecture, Software engineering, business, computer, Information Systems

Abstract

The Net-Centric Adapter for Legacy Systems (NCALS) is a software technology that makes legacy system data and services available in near real-time to the military Global Information Grid (GIG). The intent of NCALS is to lower the cost and risk, and to decrease the time required for legacy systems to comply with U.S. Department of Defense (DoD) net-centric technical standards. Many different systems could use a common, configurable NCALS software component to comply with these standards. The benefit to the warfighter is improved interoperability with joint and coalition forces. NCALS enables legacy systems to move to a Service-Oriented Architecture (SOA) compatible with the GIG without requiring a costly and risky re-architecture of their legacy software. In addition, NCALS enables mission critical systems such as weapon systems to segregate their real-time, mission critical software from enterprise integration software. This maintains the safety and security required by such systems, while accommodating rapid changes in Internet-based, enterprise technologies. This paper will discuss the legacy system challenge and describe a technology prototype developed by the Naval Surface Warfare Center (NSWC) Dahlgren to realize the NCALS concept. The prototype works automatically, behind the scenes, to expose legacy data to the GIG and to make GIG data available to legacy systems.

Published

2009

7. Improving the Global Information Grid's Performance through Satellite Communications Layer Enhancements

Author

Richard A. Raines, Michael R. Grimaila, Rusty O. Baldwin, Barry E. Mullins, V.P. Hubenko, and Robert F. Mills

Subjects

Information Age, Situation awareness, Multicast, Computer Networks and Communications, Computer science, End user, business.industry, Information sharing, Global Information Grid, Battlespace, Computer security, computer.software_genre, Computer Science Applications, Communications satellite, Electrical and Electronic Engineering, Telecommunications, business, computer

Abstract

With the information age in full and rapid development, users are becoming accustomed to having immediate access to information. Users demand more capabilities from every kind of electronic device: more processing power, more features, and better connectivity. Users are also realizing the benefits of collaborating with others in their communities to help expand the body of knowledge. One user that understands the benefits of information sharing is the United States Department of Defense. The DoD's Network-Centric Enterprise Services initiative, along with the concept of pushing the "power to the edge," aims to enable end users with maximum situational awareness and the most comprehensive battlespace, all in a secure networking environment. Providing so much data and capabilities to the end user, however, will require an increase in communications capability and efficiency. To address increased capability needs, the DoD is continually developing and enhancing the global information grid (GIG) throughout its various "layers" of communication infrastructure. One such layer of infrastructure involves the use of cooperative low Earth orbiting satellites for efficient multicasting communications. In this article we review the network-centric concept and the GIG infrastructure. We then discuss the potential benefits to adding a low Earth orbit satellite communications infrastructure to the GIG model. Finally, we show how multicasting protocols can enhance the efficiency within the GIG and reduce some of the long-haul communications burdens

Published

2006

8. Key Challenges of Military Tactical Networking and the Elusive Promise of MANET Technology

Author

Brian Haberman, Jack L. Burbank, William Kasch, and P.F. Chimento

Subjects

Space technology, Computer Networks and Communications, Wireless ad hoc network, business.industry, Network security, Computer science, Global Information Grid, Access control, Mobile ad hoc network, Computer security, computer.software_genre, Computer Science Applications, Network management, Key (cryptography), Network-centric warfare, Electrical and Electronic Engineering, business, computer

Abstract

Mobile ad hoc networks (MANETs) are considered by many as fundamental to realizing the global information grid (GIG) and the vision of network-centric warfare. Indeed, a fully realized MANET would be powerful in enabling highly mobile, highly responsive, and quickly deployable tactical forces. However, significant technical challenges remain before this realization is viable. Addressing these deficiencies is a significant task that will require the invention and adoption of new technology. The goal of this article is not to declare these capabilities impossible to achieve. Rather, it is to manage the expectation of the capabilities achievable in the foreseeable future through edification on the technical difficulties standing between current technology and the desired capabilities. This article provides an overview of the military MANET problem space, describing the ideal military MANET solution. Several deficiencies are highlighted that exist between MANET technologies and the desired capability. Identified technical issues include system-level architecture, routing (both interior and exterior), management, security, and medium access control (MAC), with an emphasis on the former two areas

Published

2006

9. 4.4.2 Net-Centric Dynamic System Model Architecture

Author

Yves LaCerte

Subjects

Engineering, business.industry, Event (computing), Net-centric, Distributed computing, Global Information Grid, Interoperability, Context (language use), Computer security, computer.software_genre, Determinism, Chain of events, Architecture, business, computer

Abstract

Net-Centric weapon systems interoperate on the Global Information Grid to achieve information superiority. In a sensor-to-shooter scenario, the chain of events that connect the initiation of a control event to its result is not within a closed space. The chain may incorporate information gathering devices and weapons a thousand miles apart, or any of a myriad of devices in a more local confederated environment. Net-Centric systems need to consider determinism not only on the control side, but the communications side as well. This paper investigates a Net-Centric Dynamic System Model architecture in the context of interoperability.

Published

2004

10. Tactical Command and Control Systems and Network Centric Warfare

Author

Çağatayhan Çolakoğlu

Subjects

System of systems, Battle, Computer science, media_common.quotation_subject, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Fire support, Computer security, computer.software_genre, Network-enabled capability, Command and Control,Network Centric Warfare,Network Enabled Capability,Global Information Grid, Command and control, Network-centric warfare, Architecture, computer, media_common

Abstract

One of the major requirements of a Command and Control (C2) system is to gather and distribute information. By bringing these systems under a network centric warfare architecture brings an integrated C2 system of systems. In this paper, information is given on current and near term air defence, fire support and battle management C2 systems. Capabilities for network centric warfare architecture are mentioned by applying of these capabilities to tactical C2 systems.

Published

2014

11. Assessing dual use embedded security for IMA

Author

Thomas Gaska

Subjects

Engineering, Cloud computing security, business.industry, Global Information Grid, Information security, Computer security model, Information assurance, Computer security, computer.software_genre, Security information and event management, Security service, Software security assurance, business, computer

Abstract

Next generation Systems-of-Systems (SoS) Manned and Unmanned Integrated Modular Avionics (IMAs) designs will be challenged to appropriately address emerging security requirements for enhanced Information Assurance (IA) and Trusted Processing (TP). Improvements in security must be accomplished in concert with appropriate insertion of emerging next generation COTS Open Standards leveraging more highly integrated System-on-Chip (SoC) hardware components. New security extensions also need to comply with industry software domain initiatives including Future Airborne Capability Environment (FACETM). At the same time these security extensions need to address mandates for Global Information Grid (GIG) IA and derived protection of Critical Program Information (CPI)/counterfeit components with TP and Trusted Manufacturing (TM) infrastructure. The security threat complexity needs to address exponential pressures in Cyber Warfare with 50-100 Billion interconnected software based devices. It also needs to address the hardware component counterfeit/modification challenges as we move to 10+ Billion transistor chips by 2020 and have further dependence on global supply chain Intellectual Property (IP) and manufacturing. Security is a dual use technology that is receiving focused investment at the university and commercial industry levels. There is a need to be aware of what potential there is for exploiting dual use developments that can be leveraged from investments in cyber security for embedded systems infrastructure. Integrated security initiatives for next generation automobile architecture initiatives like the E-safety Vehicle InTrusion protected Applications (EVITA) project, PREparing SEcuRe Vehicle-to-X Communication Systems (PRESERVE) project, and the AUTomotive Open Systems ARchitecture (AutoSAR) project provide a taxonomy for structuring the dual use assessment. This paper presents a sampling of current university research and future industry initiatives in automotive security for embedded systems and the potential relevance to addressing needs in next generation IMA.

Published

2013

12. Effectiveness of the Department of Defense Information Assurance Accreditation Process

Author

Joseph L Valladares

Subjects

Engineering, ComputingMilieux_THECOMPUTINGPROFESSION, Cost effectiveness, business.industry, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Certification, Computer security, computer.software_genre, Information assurance, Engineering management, Host Based Security System, Information system, business, computer, Certification and Accreditation, Accreditation

Abstract

For many years, the Department of Defense (DoD) has used very formalized processes for authorizing the operation of its information systems. This authorization process, known as accreditation within the DoD, has always been based on certification testing of those systems and an assessment of the risks associated with operating those systems on the DoD's Global Information Grid (GIG). Despite using these various costly and process-intensive methods for certification and accreditation (C&A), it is questionable whether or not these processes have actually improved the security of DoD systems and networks commensurate with the cost and effort involved. Further, given current advances in systems security technologies, recent changes in DoD's strategy for operating in cyberspace, and even the very structure of the DoD's enterprise networks in the near future, should (or even can) the DoD continue to test and authorize information systems using these same methodologies? This paper addresses this question and proposes other ways the DoD can more effectively assess its systems and networks to better ensure their security over time.

Published

2013

13. FISMA Compliance Methodologies

Author

Laura P. Taylor

Subjects

Engineering, business.industry, Risk management framework, Global Information Grid, NIST, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Directive, business, Computer security, computer.software_genre, computer, Compliance (psychology)

Abstract

Civilian agencies follow the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). It addresses the concern for Controlled, but Unclassified Information (CUI). The Department of Defense (DoD) will start using the DoD RMF shortly. It addresses DoD's Global Information Grid (GIG) that includes one unclassified network and three classified networks. The Intelligence Community (IC) Directive 503 (ICD 503) identifies its own unique approach. It minimizes the IC-specific guidance and addresses the security issues associated with interconnected systems.

Published

2013

14. A Model for Command and Control of Cyberspace

Author

Jeffrey A May

Subjects

Engineering, Mission Command, business.industry, Control (management), Global Information Grid, Computer security, computer.software_genre, Cyberwarfare, Defense Switched Network, Argument, Command and control, business, Cyberspace, computer

Abstract

A combination of the United States Transportation Command and the United States Special Operations Command model for command and control is a more appropriate model for the United States Cyber Command to direct the operation and defense of the Department of Defense networks in cyberspace. This paper will define the proposed command and control model and compare that to the current command and control model being used by United States Cyber Command. The argument will be made that cyberspace is a true joint domain and United States Cyber Command will need to control not only the networks, but also the manning, training, and the funding in order to direct the operation and defense of the United States Department of Defense networks.

Published

2012

15. Information Security for Situational Awareness in Computer Network Defense

Author

Uri Blumenthal, William W. Streilein, J.W. Haines, and Gerald C. O'Leary

Subjects

Computer network operations, Situation awareness, business.industry, Computer science, Internet privacy, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Information security, business, Computer security, computer.software_genre, computer, Security information and event management

Abstract

Situational awareness – the perception of “what is going on” – is crucial in every field of human endeavor, especially so in the cyber world where most of the protections afforded by physical time and distance are taken away. Since ancient times, military science emphasized the importance of preserving your awareness of the battlefield and at the same time preventing your adversary from learning the true situation for as long as possible. Today cyber is officially recognized as a contested military domain like air, land, and sea. Therefore situational awareness in computer networks will be under attacks of military strength and will require military-grade protection. This chapter describes the emerging threats for computer SA, and the potential avenues of defense against them.

Published

2012

16. Designing a Cyber Attack Information System for National Situational Awareness

Author

Zhendong Ma, Thomas Bleier, Paul Smith, and Florian Skopik

Subjects

Situation awareness, Computer science, business.industry, Global Information Grid, Internet privacy, Computer security, computer.software_genre, Conceptual framework, Information and Communications Technology, Information system, Key (cryptography), Cyber-attack, Cyberspace, business, computer

Abstract

Information and communication technology (ICT) systems underpin many of today’s societal functions and economic development. Consequently, protecting a nation’s ICT infrastructure from deliberate cyber attacks and unintentional disruptions is of paramount importance. Collaboration among all parties across all domains of cyberspace is the key to effective and coordinated effort to cope with cyber threats. This is particularly the case as cyber threats become increasingly sophisticated and distributed. In this paper, we introduce the foundational building blocks to realize an efficient incident response cycle on a national level, and propose the design of a conceptual framework – the Cyber Attack Information System (CAIS) – for establishing national cyber situational awareness.

Published

2012

17. Does the United States Need a New Model for Cyber Deterrence?

Author

Kamaal T. Jabbour and E. Paul Ratazzi

Subjects

business.industry, Computer science, Interdependent networks, Global Information Grid, Information technology, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Computer security, computer.software_genre, Domain (software engineering), Computer network operations, The Internet, Deterrence theory, business, Cyberspace, computer

Abstract

Joint Publication 1–02, Department of Defense (DoD) Dictionary of Military and Associated Terms,1 defines Cyberspace as a global domain within the information environment consisting of the interdependent networks of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers and Cyberspace operations as the employment of cyber capabilities where the primary purpose is to achieve military objectives or effects in or through cyberspace. Such operations include computer network operations and activities to operate and defend the Global Information Grid. We view cyberspace first and foremost as a foundational domain that enables US military superiority and secondarily as another warfighting domain in its own right, where specific effects can We view cyberspace first and foremost as a foundational domain that enables US military superiority and secondarily as another warfighting be achieved through cyberspace operations. In the past, cyberspace has been viewed as a largely uncontested environment.2 However, a recent Air Force Scientific Advisory Board (SAB) study3 concluded that during a conflict, the nature and availability of this environment can and will change dramatically. Furthermore, there exists mounting evidence that our national approach to security in this domain is not keeping pace with the threat,4 our military networks have widespread vulnerabilities,5 and the strategy to protect our national interests in this new environment has been largely unsuccessful.6

Published

2012

18. GIG End-to-End Policy Based Network Management: A new approach to large-scale distributed automation

Author

Steven A. Davidson, Frank Bronzo, Mu-Cheng Wang, Jerry D. Burchfiel, J. Zinky, and Sam Mohan

Subjects

business.industry, Computer science, Scale (chemistry), Global Information Grid, Computer security, computer.software_genre, Automation, Data modeling, Network management, End-to-end principle, Wireless, Combatant, business, computer

Abstract

Providing seamless, reliable communications across the Global Information Grid (GIG) presents many unique challenges for network management. Beyond the fact that, as an entity, the GIG encompasses many diverse, operating environments (wired and wireless, tactical and strategic), it faces the challenge of operating a connected series of separate administrative domains which are each governed by different Services (and organizations with each of the services), Combatant Commands (COCOMs), and Agencies. At the same time, it is expected - in fact it is required - to operate as a seamless whole in order to support on-going missions - despite the challenges of a dynamically-changing environment and shifting mission priorities

Published

2011

19. Command and Control of the Department of Defense in Cyberspace

Author

Frank A. Shaul

Subjects

Engineering, National security, ComputingMilieux_THECOMPUTINGPROFESSION, business.industry, Global Information Grid, Homeland security, ComputerApplications_COMPUTERSINOTHERSYSTEMS, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Public relations, Computer security, computer.software_genre, Cyberwarfare, National Strategy to Secure Cyberspace, Command and control, business, Cyberspace, computer, Information exchange

Abstract

This paper examines current national cyberspace strategy and its implementation throughout the Department of Defense (DoD), the Service components and the Department of Homeland Security (DHS). Understanding the ordered effects of cyberspace will assist our nation s leaders, DoD, and DHS to develop and implement policy and structure for effective command and control of the nation s cyberspace resources to achieve national security objectives. To develop, implement, and sustain a viable strategy for cyberspace DoD leadership must focus defense policy on resources required to develop military and civilian leadership, and to train our military forces to defend the global information grid and assist in the protection of commercial networks as necessary to defend U.S. interests. Based on strategic guidance and the recent standup of United Sates Cyber Command (USCYBERCOM) and its mission to defend DoD networks, and to centralize command of cyberspace operations, Congress must authorize USCYBERCOM in coordination with DHS to act appropriately in defense of our nation s commercial and military information networks.

Published

2011

20. What is Cyber Warfare?

Author

Steve Winterfeld and Jason Andress

Subjects

Engineering, Computer science, business.industry, Global Information Grid, Botnet, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Computer security, computer.software_genre, Phishing, GeneralLiterature_MISCELLANEOUS, Critical infrastructure, Operational level of war, Cyberwarfare, Identity theft, Terrorism, Global Positioning System, ComputingMilieux_COMPUTERSANDSOCIETY, Cyber-attack, Asymmetric warfare, Cyber electronic warfare, Artillery, Cyberspace, business, computer, Hacker

Abstract

Publisher Summary This chapter illustrates what cyber warfare is and how it can impact the life or business on a personal level and explores the national aspect from both the policy and practical levels. The Department of Defense defines cyberspace as the notional environment in which digitized information is communicated over computer networks. The National Military Strategy for Cyberspace Operations defines cyberspace as the domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures. Today's critical infrastructure networks are key targets for cyber attack because they have grown to the point where they run the command and control systems, manage the logistics, enable the staff planning and operations, and are the backbone of the intelligence capabilities. More importantly today, most command and control systems, as well as the weapon systems themselves, are connected to the Global Information Grid or have embedded computer chips. Airplanes have become flying routers receiving and sending targeting information constantly. Air Defense and Artillery are guided by computers systems and they shoot smart munitions that adjust their flight based on Global Positioning System updates to guide themselves to the target. The Intelligence Surveillance and Reconnaissance systems gather so much information the challenge is sifting through it to find the critical data. Today's infantry squad has communication gear, Global Positioning System, tracking devices, cameras, and night vision devices. The computer chip is ubiquitous and has become one of the U.S. centers of gravity. It is the strength and could be turned into the weakness if taken away.

Published

2011

21. Cybersecurity: A joint terminal engineering office perspective

Author

Wes Gavins and Judy Hemenway

Subjects

Engineering, business.industry, Global Information Grid, Information assurance, Computer security, computer.software_genre, Vulnerability assessment, Systems development life cycle, Information system, System integration, business, computer, Risk management, Certification and Accreditation

Abstract

The integration of cyberspace and space systems development and operations activities has become essential to the successful achievement of Air Force Space Command (AFSPC) Net-Centric mission requirements. In general, approaches to Air Force risk management and cybersecurity have focused largely on the implementation of technology as reactive mechanisms in the operational environment. The importance of proactively addressing the risks associated with space/cyberspace integration at any point in the system development lifecycle (SDLC) and iteratively re-addressing those risks throughout the SDLC has become even greater in the face of continually evolving cyberspace threats. In response to this situation, an approach to threat and vulnerability assessments has been developed to conduct risk identification, analysis, handling, and monitoring iteratively throughout the SDLC for the Military Satellite Communications (MILSATCOM) Systems Wing (MCSW) portfolio of programs. The U.S. Department of Defense (DoD) Joint Terminal Engineering Office (JTEO) emphasizes proactive end to end terminal engineering analysis that is critical to the success of terminal acquisition programs (systems development) and the operational (warfighter) mission. This paper presents the JTEO's approach to addressing cyber-based threats and vulnerabilities to MILSATCOM systems, architectures, and Joint terminal development that integrates both qualitative and quantitative engineering analyses for improved decision-making regarding the effectiveness of and return on investment (ROI) from terminal requirements. The JTEO approach to threat, vulnerability and risk assessment adapts MCSW and AFSPC enterprise risk management strategies by identifying cyberspace threats to the terminal segment and supporting the mitigation of those threats during systems engineering, development, systems integration, test and evaluation, and information assurance (IA) certification and accreditation (C&A) and supplying the results of those efforts to the enterprise. The JTEO cybersecurity initiatives support the terminal C&A process and can also support the process by which terminals may gain approval to connect to MILSATCOM systems, and potentially, through those MILSATCOM systems, to the Defense Information Systems Network (DISN)/Global Information Grid (GIG).

Published

2010

22. Cybersecurity risk management

Author

Judy Hemenway, Peter T. Katsumata, and Wes Gavins

Subjects

Engineering, business.industry, Global Information Grid, Homeland security, ComputingMilieux_LEGALASPECTSOFCOMPUTING, System lifecycle, Security policy, Computer security, computer.software_genre, Critical infrastructure, Information system, business, computer, Risk management, Vulnerability (computing)

Abstract

Mission systems have become increasingly integrated with and dependent on the Information Technology (IT) and digital communications systems of cyberspace, resulting in increased susceptibility of those systems, and the missions they support, to cybersecurity attacks. Consequently, the integration of Cyberspace Operations with Terrestrial, Afloat, Air and Space Operations has become essential to the success of those missions, and the development, fielding, and operation of those mission systems in a secure manner have become vitally important. In general, approaches to cybersecurity for mission systems and for the development infrastructure that supports the production of those systems have focused on the implementation of technology as reactive mechanisms in the operational environment. Although those technical mechanisms are evolving and becoming increasingly sophisticated, they are not sufficient to provide the strength of protection and resiliency that is needed in today's complex and highly interconnected cyberspace domain. A more proactive approach is needed that builds in protective and resiliency mechanisms during acquisition and development, providing increased assurance that the security features, practices, procedures, and architecture of an information system are strong enough to mitigate all known operational risks, and accurately enforce Department of Defense (DoD) security policies. This paper presents a methodology for cybersecurity risk management (CSRM) for DoD mission systems that incorporates both qualitative and quasi-quantitative analyses for improved decision-making regarding effectiveness and return on investment (ROI). This methodology is designed to be used iteratively throughout the entire system lifecycle, during both system acquisition and operations. The methodology is in alignment with the Department of Homeland Security (DHS) National Infrastructure Protection Plan (NIPP), DoD's Defense Industrial Base (DIB) Critical Infrastructure and Key Resources Sector-Specific Plan, National Institute of Standards and Technology (NIST) risk management standards, International Organization for Standardization (ISO) risk management standards, DoD risk management standards, DoD policies and directives for the Global Information Grid (GIG), and other emerging national cybersecurity initiatives.

Published

2010

23. Defense Critical Infrastructure Program (DCIP) Space Sector Overview

Author

Douglas Thayer

Subjects

Prioritization, Process management, business.industry, Global Information Grid, ComputingMilieux_LEGALASPECTSOFCOMPUTING, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Space (commercial competition), Computer security, computer.software_genre, Critical infrastructure, Identification (information), Combatant, Business, computer, Risk management

Abstract

The Department of Defense (DoD) established the Defense Critical Infrastructure Program (DCIP) as its risk management program to ensure the availability of critical assets and encourage strategies to protect against and mitigate the effects of hazards and threats to these assets. Activities of the DCIP include the identification, prioritization, assessment and assurance of Defense Critical Infrastructure (DCI) as a comprehensive program. Participants in the program include Services, Combatant Commands, Defense Agencies, and Defense Infrastructure Sectors. Defense Infrastructure Sectors are virtual organizations within the DCIP program that traverse normal organization boundaries and encompass networks, assets and associated dependencies to perform similar functions within the DoD. Examples of DCIP Sectors include the Defense Industrial Base, the Global Information Grid, and Space.

Published

2010

24. AF-TRUST, Air Force Team for Research in Ubiquitous Secure Technology

Author

Laurence J Rohrbough, S. Shankar Sastry, Janos Sztipanovits, Douglas C. Schmidt, and Kenneth P. Birman

Subjects

Engineering, business.industry, Network security, Quality of service, Information architecture, Global Information Grid, Information security, Computer security, computer.software_genre, Information assurance, Engineering management, Enterprise system, Resilience (network), business, computer

Abstract

AF-TRUST was established to address Air Force challenges associated with the Global Information Grid (GIG) and Network Centric Enterprise Systems (NCES). The AF-TRUST team (Berkeley, Cornell, Vanderbilt) focused on top Air Force research priorities and advanced the state-of-the-art in cyber-assurance to address key trust- and Quality of Service (QoS)-related properties simultaneously throughout the lifecycles of large-scale Air Force systems. This was done via a novel combination of analytical and experimental techniques with research and development activities focused in three areas: (1) Scalable, Real-Time, and Fault-Tolerant Quality of Service (QoS), (2) Very Large-Scale Information Assurance and Security Policy Management, and (3) Scalable and Secure Discovery, Information Architecture, and Mediation.

Published

2010

25. Access Control Mechansim for Mobile Ad Hoc Network of Networks (MANoN)

Author

Hussein Zedan, Ali H. Al-Bayatti, and Francois Siewe

Subjects

Wireless ad hoc network, Computer science, business.industry, Global Information Grid, Mobile computing, Access control, Mobile ad hoc network, Computer security, computer.software_genre, Network simulation, Intelligent Network, Security management, business, computer, Computer network

Abstract

Many military research efforts have concentrated on how to allow war-fighters to take advantage of all available information within the battlefield in a rapid and flexible manner. As a result, the development of the Global Information Grid (GIG) was the key enabler for this process; hence, adding to the development of the mobile networking part of the GIG, the concept of the Mobile Ad hoc Network of Networks (MANoN) is introduced. This paper proposes a novel access control mechanism achieving the prevention essential; defined in the ITU-T M.3400 security management recommendation to manage securely the future of military Network-Centric Warfare (NCW). The authors will employ formal description as a method of handling both sequential and parallel composition in flexible timely constrains, in addition, this technique will be evaluated using the Network Simulator (NS-2) to provide and check whether access control requirements are met in a comprehensive manner.

Published

2010

26. NetCentric Application End-to-End Mission Effectiveness Metering and Visualization

Author

Nick Stavros, Marc Abrams, and James Seeley

Subjects

Engineering, Service (systems architecture), computer.internet_protocol, business.industry, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Service-oriented architecture, Computer security, computer.software_genre, End-to-end principle, Service level, Systems engineering, Leverage (statistics), Open architecture, Conformance testing, business, computer

Abstract

A significant shortfall in current NetCentric Test and Evaluation (T&E) capabilities is the ability to properly meter and assess the end-to-end effectiveness of Joint and Air Force Mission Tactical Services (MTS) based missions. Tactical missions may be based in part or totally on Service Oriented Architecture (SOA) services (e.g., WS, REST, Data Delivery Service (DDS)). Programs of Record (PORs) are embracing SOAs in all facets of 21 st Century Warfare as an effective way to leverage the power of the Global Information Grid (GIG). Current open architecture/standards conformance and compliance testing tools are insufficient to fully evaluate the overall performance of services based missions. Warfighters are reluctant to fully embrace MTS, without confidence that required end-to-end performance (e.g., Service Level Agreements (SLAs)) is achieved and maintained. A new T&E methodology is needed to meter end-to-end effectiveness of tactical missions and visualize this metric on a near real time basis.

Published

2010

27. The joint IP modem: Overview, capabilities and Global Information Grid integration

Author

Ling-Bing Kung, Beverly Simons, and Bruce Bennett

Subjects

Engineering, business.industry, Interoperability, Global Information Grid, Transmission security, Computer security, computer.software_genre, law.invention, Open standard, law, Default gateway, Internet Protocol, Communications satellite, Information system, Telecommunications, business, computer

Abstract

In February 2006, the Department of Defense (DoD) Chief Information Officer (CIO) issued a memorandum with the subject heading, “Department of Defense Policy for Transmission of Internet Protocol Over DoD-Leased and DoD-Owned Transponded Satellite Communications Systems” explaining the need to provide a single solution that supports direct interoperability between users, maximizes bandwidth-on-demand efficiencies, and does not constrain the Department to a single vendor's products. The memorandum goes on to recognize the Defense Information Systems Agency (DISA) as the executive agent to provide technical leadership, and develop a strategy to acquire and install the Joint Internet Protocol Modem (JIPM) for use by the COCOMs, Services and Agencies. DISA ensured that the JIPM was based on Net-Centric technologies utilizing open standard DVB-S2/RCS and COTS IP technology to achieve timely and economical delivery of capabilities with the addition of NSA approved transmission security (TRANSEC). Bandwidth efficiency and security are increasingly more important as Net-Centric satellite communications are seamlessly integrated with the Defense Information Systems Network Global Information Grid (DISN/GIG). As explained in this paper, the JIPM will deliver this efficiency and security to satisfy DoD Gateway's (e.g., Teleport and STEP) requirement to provide secure, worldwide IP Satellite Communications (SATCOM) access to the deployed WarFighter (e.g., GBS) and to deliver capabilities essential to meeting tactical remote user's communication requirements to achieve final authority to operate.

Published

2009

28. Buying Down Strategic Risk: Institutionalizing Security Force Assistance

Author

Jeffrey W. Dill

Subjects

Engineering, business.industry, Global Information Grid, Military acquisition, Military strategy, Public relations, Computer security, computer.software_genre, Military justice, Irregular warfare, Security forces, International security, Organizational structure, business, computer

Abstract

The Armed Forces of the United States will continue to organize, train, equip and advise security forces in Afghanistan, Iraq, and other partner countries for the foreseeable future. This project examines ongoing efforts by the Department of Defense to bring irregular warfare, of which foreign security force assistance is a key component, into strategic balance with conventional (traditional) warfare. The research identifies gaps that exist between the new defense strategy, defense policy, and organizational structure, conventional force employment, and training. Recommendations are provided to address the identified gaps in order for the Armed Forces of the United States to better achieve an appropriate strategic balance, buy down strategic risk, and be more capable of responding to complex issues and operations associated with the current and future global security landscape.

Published

2009

29. Command and Control of Network Operations

Author

Robert A. Barker

Subjects

Engineering, Operations research, Mission Command, business.industry, media_common.quotation_subject, Global Information Grid, Doctrine, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Computer security, computer.software_genre, Network operations center, Command and control, Network-centric warfare, Combatant, business, computer, Military doctrine, media_common

Abstract

Command and control of network operations is required to synchronize cyberspace operations, fully utilize the concepts of Joint Net-Centric Operations (JNO), and operate and defend the joint communications network. The current network operations command and control structure does not provide the Geographical Combatant Commander unity of command or unity of effort in his execution of these requirements. The 2008 Unified Command Plan (UCP) assigns the Geographical Combatant Commander authority over all military operations, to include the joint theater network, in his area of responsibility. It assigns the mission of directing operation and defense of the global information grid (GIG) to Commander, United States Strategic Command (USSTRATCOM). The current network operations command and control structure was developed in support of the USSTRATCOM mission without appropriately addressing the Geographical Combatant Commander's authority over his theater network. Command relationships based on UCP assigned responsibilities and in accordance with joint command and control doctrine must be developed to provide the Geographical Combatant Commander unity of command and unity of effort to allow him to fully integrate the network as a component of the Joint Warfight.

Published

2009

30. Proactive Self Defense in Cyberspace

Author

Bruce D. Caulkins

Subjects

Engineering, business.industry, Internet privacy, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Computer security, computer.software_genre, Information assurance, Information warfare, Cyberwarfare, National Strategy to Secure Cyberspace, Cyberterrorism, Cyber-attack, business, Cyberspace, computer

Abstract

The most prevalent form of warfare in the 21st Century will occur in cyberspace. Cyberwarfare can take on many forms and levels of volatility and the persistent environment of cyberwarfare will force network and systems security specialists to continue improving upon their tools of the trade. Most of these tools are reactive in nature. The U.S. Department of Defense (DoD) and other government agencies need to develop a blend of reactive and proactive tools and standards to properly secure and defend the Global Information Grid (GIG) from cyber attacks. This paper will discuss the strategic requirements for enacting a proactive self-defense mechanism in cyberspace. It starts by providing a background on the cyber issues, vulnerabilities, and threats that face us today. Then it discusses the future cyber threats and how a proactive cyber defense will combat these threats. Supporting technologies like modeling and simulation and the Disruption Tolerant Network (DTN) are addressed as well. The paper then concludes with strategic recommendations for establishing a proactive self-defense in cyberspace to properly secure the GIG while maintaining superiority in the cyber domain.

Published

2009

31. DNS and Multilevel Secure Networks: Architectures and Recommendations

Author

Cynthia E. Irvine, David J. Shifflett, Timothy E Lavin, and Paul C. Clark

Subjects

Software_OPERATINGSYSTEMS, business.industry, Computer science, Domain Name System, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Global Information Grid, Testbed, Enterprise information security architecture, Computer security, computer.software_genre, law.invention, law, Internet Protocol, The Internet, DNS hijacking, business, Communications protocol, computer, Computer network

Abstract

The Domain Name System (DNS) protocol was introduced to solve a naming problem in TCP/IP networking, namely, to provide a translation service of system names to network addresses (i.e., Internet Protocol (IP) addresses). The protocol was not developed with a requirement to support multilevel secure (MLS) networks. However, the Department of Defense (DoD) vision for the Global Information Grid (GIG) entails support for multilevel networks. In the future, DNS installations must securely deal with multilevel issues. This paper describes specific design recommendations for providing MLS DNS in the context of the GIG Vision, and the Monterey Security Architecture (MYSEA) Testbed. It also describes several other potential MLS DNS architectures along with their advantages and disadvantages.

Published

2009

32. Universal Monitoring Platform for Interactive Real-Time Expansive networks (UMPIRE)

Author

Shervin Mostashfi and David Bridges

Subjects

Collaborative software, Computer science, business.industry, Global Information Grid, Network monitoring, Computer security, computer.software_genre, System monitoring, Engineering management, Key (cryptography), Software system, Test plan, business, computer, Wireless sensor network

Abstract

Peerless Technologies Corporation and team members Clear Creek Applied Technologies (CCAT) and Science Applications International Corporation (SAIC) propose our exclusive uniform, yet extensible, virtual platform, namely Universal Monitoring Platform for Interactive Real-time Expansive networks (UMPIRE) to enable Department of Defense (DoD) to monitor the health of distributed simulation networks (e.g. Global Information Grid [GIG]) that include Live, Virtual and Constructive components (LVC). Our team will design and develop a methodology and test plan for handling the real-time monitoring of networked LVC components in a geographically distributed secure simulation environment and a proof-of-feasibility demonstration of key enabling concepts. Based on cutting-edge technologies available, our team envisions the provision of indispensable support to any current or future national security related endeavors partaken by the DoD. Considered as immediate aspirations for this effort, Research and development will concentrate on novel mechanisms, methodologies, and advanced collaboration technology to monitor the health of distributed simulation networks.

Published

2009

33. Role of Policy Based Enterprise Management in GIG NetOps

Author

G. Shiwmangal, Narendra Kumar, G. MacArthur, A. John, Sitaram Kowtha, Hsin-Ping Chang, S. Crum, A. Mayer, Mark James, B. Fuchs, Amanpreet S. Johal, Edward Chow, P. Kumar, J. Medero, and X.X. Jiang

Subjects

Engineering, business.industry, Global Information Grid, computer.software_genre, Computer security, Automation, Engineering management, Grid computing, Agency (sociology), Information system, Use case, Information infrastructure, business, computer, Policy-based management

Abstract

The Department of Defense (DoD) global information grid (GIG) is a globally networked information infrastructure comprised of heterogeneous information transport networks, computing/data centers, enterprise services and applications, as well as end-user systems and devices. The net-centric operations (NetOps) mission areas span the operation and defense of the GIG. Real-time management and operations of the highly complex, dynamic, and diverse GIG requires a significant level of automation. Policy based enterprise management (PBEM) is an approach for introducing standards based automation of GIG NetOps incrementally. This paper describes PBEM concepts and use case scenarios developed for the Defense Information Systems Agency (DISA) NetOps that are extendable to GIG NetOps. A number of policy based enterprise management (PBEM) related activities are underway in DISA and DoD. One of the goals of these efforts is to collaborate and leverage lessons learned, as well potentially conduct joint demonstrations, pilots and field trials.

Published

2008

34. Fact or Fiction: Internet Surveillance and Reconnaissance Cell

Author

Erin M. Anderson

Subjects

Engineering, education.field_of_study, Situation awareness, business.industry, Global Information Grid, Population, ComputingMilieux_LEGALASPECTSOFCOMPUTING, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Computer security, computer.software_genre, Network operations center, Computer network operations, Global network, Command and control, business, Cyberspace, education, computer

Abstract

In today's society, cyberspace is at the heart of daily living and is both a gift and a burden. The United States is taking measures to ensure that cyberspace continues to be a gift to the population. However, those measures can be a burden on those implementing them if the underlying command and control is immature or complex. The Department of Defense (DOD) has taken a proactive approach to viewing cyberspace as a battlefield and engaging in its defense. The U.S. Strategic Command (USSTRATCOM) has DOD command and control over cyberspace and has delegated much of that to the Defense Information Systems Agency (DISA) Joint Task Force - Global Network Operations (JTF-GNO) for every day global network operations. The Geographic Combatant Commander (CCDR) is responsible for computer network operations within the Geographic Combatant Command (GCC) area of responsibility. The CCDR uses a Theater Network Operations Control Center (TNCC) to oversee network operations in the theater. JTF-GNO has forward deployed assets in GCC known as a Theater Network Operations Center (TNC) which provide the CCDR with the Global Information Grid (GIG) situational awareness within the theater relative to the global view. USEUCOM has taken its defense of its cyberspace assets one step further by creating a Cyber-Threat Intelligence Cell to characterize current threats with the intent to proactively prevent cyber attacks. The CCDR has many options available to successfully protect and defend the GCC cyberspace assets, but these options can be complex and insufficient. This paper compares and contrasts current theater structures and relationships and recommends a course of action for the CCDR to proactively and effectively protect and defend theater cyberspace assets.

Published

2008

35. Coordinating the Global Information Grid Initiative with the NG9-1-1 Initiative

Author

M. Schmitt

Subjects

Engineering management, Grid computing, Net-centric, Global Information Grid, Rank (computer programming), Interoperability, Military computing, Business, computer.software_genre, Computer security, computer

Abstract

As the Department of Defense develops the Global Information Grid, the Department of Transportation develops the Next Generation 9-1-1 system. Close examinations of these initiatives show that the two are similar in architectures, applications, and communications interoperability. These similarities are extracted from the lowest user level to the highest commander rank that will be involved in each network. Once the similarities are brought into perspective, efforts should be made to collaborate between the two departments.

Published

2008

36. Navy internet protocol version 6 (IPv6) transition strategy in support of network-centric operations and warfare

Author

R.C. Ferro, Thang Huu Ho, Albert Legaspi, Anh Nguyen, S. Lam, Tuan Nguyen, Phuong Thi Thu Nguyen, M. Stell, Cuong Quoc Tran, R. Ogden, and Danielle Greene

Subjects

Engineering, Battle, business.industry, Information sharing, media_common.quotation_subject, Global Information Grid, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Computer security, computer.software_genre, IPv6, Navy, Military communications, Information system, The Internet, business, Telecommunications, computer, media_common

Abstract

Network-centric warfare is the operational concept that provides information sharing amongst a large array of networked nodes, including mobile platforms, sensors, space systems, weapons, munitions and war fighters. This information sharing enhances battle space situation awareness, which allows war fighters to get the right information at the right time and place, and to make the right decisions ahead of adversaries. IPv6 is an enabling technology of network-centric operations and warfare for improving the scalability, robustness, agility, security, flexibility and manageability of military communication systems. The large address space, built-in stateless node discovery, Internet Protocol (IP) security (IPSec) and mobility functions offered in IPv6 will be an important enabler for information sharing and distribution amongst war fighters in a dynamic battle space environment. As described in a mid-2003 memo1, to achieve its vision of network-centric operations and warfare, the Department of Defense (DoD) established a goal to transition all military communications networks to IPv6 across the Global Information Grid (GIG), and for all systems that are part of the Defense Information System Network (DISN) that will interoperate with the GIG. The purpose of this paper is to present the Navy overall strategy of transitioning its critical network infrastructure to IPv6 to support network-centric warfare and fleet operations. The paper also highlights the U.S. Navy's recent accomplishments, namely the two Joint Staff IPv6 Operational Criteria - Criterion 4 (known as JCS 4) demonstrations of voice, data, and video integration. In addition, the paper discusses the way forward in light of the establishment and deployment of the multi-site Navy Technical Excellence Center with focus on current and future IPv6 test and evaluation - encompassing laboratory tests, field tests (i.e., experiments), demonstrations, and modeling and simulation - to address operational - - needs and requirements of the war fighters.

Published

2008

37. Enhancing the Deployment and Security of SIPRNET and JWICS Networks using Intrinsic Fiber Monitoring

Author

Shane Shaneman and Cary Murphy

Subjects

Engineering, Network architecture, business.industry, Global Information Grid, Cryptography, Information security, Information assurance, Computer security, computer.software_genre, Encryption, NSA cryptography, Network performance, business, computer, Computer network

Abstract

With the increased requirements for SIPRNET and JWICS access, secure network connectivity has become increasingly pervasive throughout the Department of Defense. The increased deployment of secure networks has resulted in an evolution of secure network architectures and the Information Assurance methods and tools used to protect them. Specifically, new technological advances in the ability to monitor and protect fiber optic cables and connections possess huge potential for cost savings and enhanced protection of critical networks and C4ISR facilities. With the accelerated development and deployment of C4ISR applications on the Global Information Grid, warfighters are developing a strategic dependence upon the availability and integrity of secure networks. While encryption has been used for decades to protect the confidentiality and non-repudiation of national security information (NSI), encryption alone provides no coverage or protection against threats to network availability and integrity. Through recent developments in intrinsic fiber monitoring technology, critical connections can now be proactively monitored to detect any threats or physical attacks on the network WITHOUT degrading network performance or restricting network bandwidth. Using the principles of the Defense in Depth strategy, intrinsic fiber monitoring provides a very agile and scalable protection methodology that can be used by itself or in combination with cryptographic equipment to provide the required protection of classified networks and the ability to withstand the ever-increasing threats to the networks.

Published

2007

38. Service Oriented Architecture (SOA) - Security Challenges and Mitigation Strategies

Author

Cecilia Phan

Subjects

Authentication, computer.internet_protocol, Computer science, business.industry, Global Information Grid, Vulnerability, Access control, Service-oriented architecture, Information security, Cryptographic protocol, Computer security, computer.software_genre, Encryption, The Internet, Single sign-on, business, computer, XML

Abstract

Service Oriented Architecture (SOA) is a new way of operating a network system, and as with all new technologies, it comes with its share of challenges. Of particular difficulty is the challenge of securing a service-oriented system. Due to the intentionally decentralized nature of this system, data flows in all directions and needs to be protected at all times. Additionally, to implement access control it must be first defined somewhere, and the rest of the system needs to be aware of the rules and respect them. Since there are many resources in such a system, it becomes cumbersome to require users to authenticate themselves every time they attempt to access a new resource. "Single Sign On" (SSO) functionality, where a user's credentials are promulgated throughout the Global Information Grid (GIG) to reach all desired services, is a desirable capability but problematic. Additionally, in an SOA all of these security functions are implemented in XML, which brings its own set of problems. This paper will address the security challenges for a SOA. We will describe the problems stemming from the fact that XML is not inherently secure, resulting in special vulnerabilities in the security protocols. We will present strategies for mitigating these vulnerabilities to defend against replay attacks, encryption problems and policy considerations.

Published

2007

39. A QoS management system for dynamically interoperating network- centric systems

Author

Richard E. Schantz, Matthew Gillen, Joseph P. Loyall, and Praveen Sharma

Subjects

Information management, Engineering, Process management, business.industry, Interoperability, Global Information Grid, Computer security, computer.software_genre, Management information systems, Information system, Resource allocation, Network-centric warfare, Resource management, business, computer

Abstract

Effective network-centric warfare requires information exchange with suitable quality of service (QoS) to meet the warfighter's needs. Information delivered too late or with the wrong resolution, form, or precision is insufficient for the user to perform his role in a warfighting scenario. Key characteristics of network-centric warfare environments, as instantiated by the Global Information Grid, are dynamic reconfiguration and interoperability, in which Communities of Interest (COIs) can be formed and reformed dynamically to respond to real-time threats and unfolding situations. There is a need for a QoS management capability that can support the dynamic interoperability and real-time requirements of networkcentric warfare. In order to be effective, this QoS management capability must manage the production, delivery, and consumption of information within available resources, mediate competing demands for resources, and adjust to dynamic conditions. In this paper, we describe the architecture for a QoS Management System (QMS) that works alongside information management systems in dynamic COIs. The QMS provides QoS management (including resource management and quality of information management) in dynamically changing, mission driven environments for interoperating assets within a COI and for assets and resources shared among COIs. The QMS provides mechanisms for QoS policy specification, QoS enforcement and monitoring, dynamic resource allocation, and application adaptation in dynamic COIs. It is based on a layered architecture that maps mission requirements to QoS policies and enforcement. We describe the QMS architecture, prototype implementation, demonstration, and evaluation. Based on these experiences, we also discuss future research directions.

Published

2007

40. An investigative analysis of information assurance issues associated with the GIG's P&P architecture

Author

Robert Cole, D. L. Farroha, A. DeSimone, and Bassam S. Farroha

Subjects

Decision support system, Engineering, Situation awareness, business.industry, Global Information Grid, Interoperability, Information assurance, Computer security, computer.software_genre, Data integrity, Network-centric warfare, The Internet, business, computer

Abstract

The Global Information Grid (GIG) is a collection of systems, programs and initiatives aimed at building a secure network and set of information capabilities modeled after the Internet. The GIG is expected to facilitate DoD's transformation by allowing warfighters, policy makers and support personnel to engage in rapid decision making. The roadmap is designed to take advantage of converged services of voice, data, video, and imagery over common data links. The vision is to have commanders identify threats more effectively, make informed decisions, and respond with greater precision and lethality. The information advantage gained through the GIG and network-centric warfare (NCW) allows a warfighting force to achieve dramatically improved information positions, in the form of common operational pictures that provide the basis for shared situational awareness and knowledge, and a resulting increase in combat power. The GIG Precedence and Preemption (P&P) requirements stem from the need to utilize scarce resources at critical times in the most effective way in support of national security, the intelligence community and the war-fighter. Information Assurance (IA) enables all information and data to be available end-to-end to support any mission without delay in accordance to the sensitivity of the task. Together, P&P and IA ensure data availability integrity, authentication, confidentiality, and non-repudiation. This study addresses and analyzes the QoS and P & P requirements and architecture for the GIG. Threat scenarios are presented and used to evaluate the reference architectures. The goal of the study is to assess the Information Assurance concerns associated with implementing Precedence and Preemption within the GIG and to guarantee an acceptable minimum level of security and protection for DoD networks.

Published

2007

41. The Department of Defense's Transition of Program of Record (POR) Systems from Internet Protocol Version Four (IPv4) to Internet Protocol Version Six (IPv6)

Author

Michael A Scott and Kyle L Perkins

Subjects

Engineering, business.industry, computer.internet_protocol, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Global Information Grid, Tactical communications, Computer security, computer.software_genre, IPv4, Network operations center, law.invention, IPv6, Financial management, Engineering management, law, Internet Protocol, Communications protocol, business, computer

Abstract

The objective of this Joint Applied Project was to examine the technical, financial, and implementation aspects for DoD transitioning POR systems to IPv6. The research outlines the initial intended useful life and limitations of IPv4 and IPv6. The financial aspects of transitioning to IPv6 are examined from a programs perspective, relative to the Program Objective Memorandum (POM). Implementation of transition strategies and mechanisms are identified and courses of action for implementing the mandatory IPv6 requirement are recommended. The principal finding of this research is that DoD Global Information Grid (GIG) assets must function in a dual IPv4/IPv6 capacity when transitioning to IPv6 in order to maintain the relevance of currently fielded programs. Furthermore, legacy GIG assets should be transitioned using Technology Refresh or Software Block upgrade programs while paying careful attention to the effects the transition has on tactical network operations.

Published

2006

42. DoD Towards Software Services

Author

R.A. Paul

Subjects

Service (systems architecture), Utility computing, Grid computing, Computer science, Global Information Grid, Information system, Command and control, Services computing, Service provider, Computer security, computer.software_genre, computer

Abstract

Department of Defense is moving rapidly towards service-oriented computing (SOC) recently as evidence of DoD 5 projects such as network centric enterprise services (NCES), global information grid enterprise services (GES), and joint battle management command and control (JBMC2). SOC represents a completely new and emerging paradigm of computing instead of thinking in terms of products. Systems will be constructed by reusable services. SOC is different from the traditional computing paradigms as it involves at least three parties in computing: service providers, service consumers, and service brokers.

Published

2006

43. Model-Based Communication Networks and VIRT: Orders of Magnitude Better for Information Superiority

Author

Frederick Hayes-Roth

Subjects

Military capability, Grid computing, Computer science, Global Information Grid, Principal (computer security), Context (language use), computer.software_genre, Computer security, computer, Telecommunications network

Abstract

Defense community leaders have spearheaded an effort to transform and elevate military capability around information superiority. This means improving decisions and outcomes by making US and coalition forces better informed, more coordinated, faster and more adaptive. Our research focuses on how to architect communications so these goals are reached. We find that the "smart pull" approach described in Global Information Grid (GIG) technical guidance can't meet these goals. The principal weaknesses stem from the stateless approach that can't make good use of the operator's context and dynamic information requirements. A better approach must exploit dynamic context and operator requirements to assure that high-value information flows quickly where it's needed (VIRT) and is processed promptly by recipients. Initial studies have shown that this approach reduces the volume of bits by several orders of magnitude. It also raises the productivity of every operator enormously by assuring each can give immediate attention to truly valued information. Because the GIG, NCES, FORCEnet and related initiatives promise to cost billions of dollars and span a decade or more, we believe a change in direction is required to attain the goals of information superiority. Model-based communication networks and VIRT are essential pillars of an effective approach.

Published

2006

44. Cooperative Service Level Agreement

Author

Paul Kim, Burt Liebowitz, Kun Park, B. Doshi, Deborah Goldsmith, and Sherry Wang

Subjects

Service (business), business.industry, Computer science, Quality of service, Global Information Grid, Computer security, computer.software_genre, Service-level agreement, Service level, Component (UML), Mobile telephony, Telecommunications, business, computer, Diversity (business)

Abstract

With ever increasing mobility of the work force and of the communication infrastructure itself, we will continue to see the growth in diversity of network domains and diversity of applications. The Global Information Grid (GIG) is a prime example of such a networking environment. In most networking scenarios, the component network domains are owned and operated by different organizations. This paper discusses how to deliver end-to-end service with requisite Quality of Service (QoS) to such networks so that overall mission goals are maximally achieved with minimal cost while allowing autonomous operations within each component network. In particular, this paper proposes a cooperative Service Level Agreements (SLA) approach and describes related SLA processes and roles.

Published

2006

45. Modeling and Simulation of Haipe

Author

Phong Ta, G. Comparetto, Mohammad Mirhakkak, and V. Fineberg

Subjects

Routing protocol, business.industry, Computer science, Global Information Grid, Information assurance, Computer security, computer.software_genre, law.invention, Secure communication, Grid computing, law, Internet Protocol, Scalability, High Assurance Internet Protocol Encryptor, business, computer, Computer network

Abstract

The High Assurance Internet Protocol Encryptor (HAIPE) is a critical component of the Global Information Grid (GIG) that will enable secure communications to support Information Assurance (IA) in the evolving network-centric architecture of the Department of Defense (DoD) and Intelligence Community networks. We developed a HAIPE model, including a HAIPE discovery approach proposed by the GIG Routing Working Group (GRWG), to assess the impact of HAIPE overhead on the performance and scalability of the GIG. This paper describes our HAIPE model, presents the operation of the HAIPE-related protocols including HAIPE discovery, and defines future work.

Published

2006

46. Information display: the weak link for NCW

Author

Mike Gilger

Subjects

Decision support system, Engineering, Situation awareness, business.industry, Global Information Grid, Computer security, computer.software_genre, Battlespace, Data visualization, Network-centric warfare, User interface, Information infrastructure, business, computer

Abstract

The Global Information Grid (GIG) enables the dissemination of real-time data from any sensor/source as well as the distribution of that data immediately to recipients across the globe, resulting in better, faster, and more accurate decisions, reduced operational risk, and a more competitive war-fighting advantage. As a major component of Network Centric Warfare (NCW), the GIG seeks to provide the integrated information infrastructure necessary to connect the robust data streams from ConstellationNet, FORCENet, and LandWarNet to allow Joint Forces to move beyond Situational Awareness and into Situational Understanding. NCW will provide the Joint Forces a common situational understanding, a common operating picture, and any and all information necessary for rapid decision-making. However, with the exception of the 1994 introduction of the Military Standard 2525 "Common Warfighting Symbology," there has been no notable improvement in our ability to display information for accurate and rapid understanding. In fact, one of the notable problems associated with NCW is how to process the massive amount of newly integrated data being thrown at the warfighter: a significant human-machine interface challenge. The solution; a graphical language called GIFIC (Graphical Interface for Information Cognition) that can display thousands of data points simultaneously. Coupled with the new generation COP displays, GIFIC provides for the tremendous amounts of information-display required for effective NCW battlespace awareness requirements, offering instant insight into joint operations, tactical situations, and targeting necessities. GIFIC provides the next level of information-display necessary for a successful NCW, resulting in agile, high-performance, and highly competitive warfighters.

Published

2006

47. Prometheus: Enhancing the Quality of Service of the Joint Battlespace Infosphere

Author

Michael K. Reiter, Douglas C. Schmidt, and Kenneth P. Birman

Subjects

Engineering, Process management, business.industry, media_common.quotation_subject, Quality of service, Global Information Grid, Context (language use), Computer security, computer.software_genre, Enterprise system, Scalability, Joint Battlespace Infosphere, Quality (business), business, computer, Information exchange, media_common

Abstract

This project investigated performance, scalability and associated quality of service (QoS) needs of the Global Information Grid (GIG) and Network-Centric Enterprise Systems (NCES) in the context of large-scale DoD C2 and C4ISR systems-of-systems (SoS) architectures, with additional attention to security considerations. The objectives of this study were to: Explore and classify near-term (lower risk) requirements and opportunities; Develop prototypical proofs-of-concepts and evaluations aimed at establishing a technology baseline in the area of QoS-enabled JBI; Produce a guide to future RD Develop an empirically-based understanding of the extent to which QoS and other properties can be addressed in limited ways by these COTS platforms; and Identify open questions on which fundamental research may be required to close the gap between capabilities of existing SOA platforms, including anticipated platform extensions, and requirements that arise in DoD contexts.

Published

2006

48. Emergency Mobile Wireless Networks Flyaway Communications (FLAC) with WiMAX 802.16 Technology

Author

M. Donahoo and B. Steckler

Subjects

Engineering, Wireless network, business.industry, Global Information Grid, Long-haul communications, Computer security, computer.software_genre, Communications system, Communications management, Control communications, Mobile telephony, Last mile, business, Telecommunications, computer

Abstract

Wireless networks using 802.16 WiMAX Technology in a "Fly-Away" Communications (FLAC) package. Terrestrial communication networks continue to evolve very fast, with the extension offered by new IEEE 802.16 promising critical advantages benefiting civilian, government, Homeland Security, and crisis management in addition to the commercial market. A real world situation, such as the recent Tsunami in South East Asia is a good example of a complete collapse of the existing communications infrastructure from a natural disaster. Remarkable results were achieved by a group led by the Naval Postgraduate School (NFS) in establishing an ad-hoc communications network using a satellite ground station, an IEEE 802.16 router servicing an 802.11 cell phone network in Thailand shortly after all communication infrastructure was lost to the recent Tsunami. This event gave rise to the concept that a standard "Fly-Away" mobile communications network was a critical asset for world associations such as the UN, FEMA, Red Cross, NATO, etc. that could be procured via a GSA catalog by anyone and used to support rural, and disaster areas that have either lost, or just do not have a communications infrastructure in place. Military versions would connect to future transformation communications systems being designed, such as TSAT, MUOS, JTRS, IWN, all designed to provide a high band width, multimedia communication backbone. The evolving capabilities of 802.16 are the natural extension of the terrestrial global information grid to mobile platforms, as well as taking the information that "Last mile" to provide basic communication, telemedicine and situational awareness.

Published

2006

49. Dynamic Policy Enablement and Management in Net-Centric Warfare Systems and Communications

Author

Jeff Morrow and J. Laub

Subjects

Flexibility (engineering), Control communications, Computer science, Net-centric, Control (management), Global Information Grid, Telecommunications service, Computer security, computer.software_genre, computer

Abstract

The development of the concepts for the global information grid and for Net-Centric Warfare systems identify the need for more dynamic and configurable means to enable and control authenticity, access, privileges, interconnections not only in the networked environment, but also in the mission environment. Policy-based mechanisms have been identified as the primary means to achieve this flexibility. This paper examines what "policy" is, what operational benefits can be achieved by utilizing policy-based mechanisms, and how policy can be utilized to control the following in a coherent and integrated manner: communications, networking, security, data and services, workstations, mission subsystems, and entire mission systems. Special emphasis will be given in the paper to communications, networking, security, data and services. The paper also examines the "policy management infrastructure" that is needed to manage the lifecycle of policies throughout the entire system and its communications and networks

Published

2006

50. Flight Plan Toward a Department of Defense Strategy to Operationalize and Integrate Global Network Operations (NetOps)

Author

John M. Odey

Subjects

Engineering, Process management, business.industry, Global Information Grid, Flight plan, Military strategy, Combat readiness, ComputerApplications_COMPUTERSINOTHERSYSTEMS, Context (language use), Computer security, computer.software_genre, National Strategy to Secure Cyberspace, Command and control, business, computer, Information exchange

Abstract

Assured timely and relevant information is critical to effective warfighting. Global Network Operations (NetOps) provides the construct to provide this information to the right person at the right time ideally in the right context. A DoD strategy to operationalize and integrate Global NetOps is necessary to set the proper direction and assimilate warfighting information ends ways and means. NetOps strategy must include well defined roles and responsibilities for all major elements a single effective command and control structure with proper governance required resources common understanding among all services and agencies and integration into the full spectrum of DoD operations. The NetOps strategy should nest directly within national-level strategies including the National Military Strategy and National Strategy to Secure Cyberspace. In addition DoD must take action to develop a common set of NetOps goals and objectives manage NetOps as an operational weapons system provide the Commander U.S. Strategic Command authority and responsibility over all DoD NetOps funding and programs and establish a directing NetOps Council with flag officer representation from all combatant commands services and defense agencies. The end result is a construct to enable transformational joint operations concepts facilitate network centric operations and ensure DoD continues to optimize warfighting capabilities.

Published

2006