FREE ELECTRONIC LIBRARY - Dissertations, online materials

Pages:     | 1 |   ...   | 21 | 22 || 24 | 25 |


-- [ Page 23 ] --

- Centralized and distributed (delegated) network access management features which can respond quickly to access constraints on portions of a common network

- Consistent, scalable encryption technology that can support performance ranges from data packets on Kbps lines up to bulk encryption of Gbps backbones

- Detection capability to alert users when networks and connected systems are under attack, and capability to respond to and recover from such an attack

- Phase in of technical solutions via a clear security loss risk management approach information Product Standards * Commercial technology to provide tools and infrastructure that will allow multi-media products which are mo'e intuitive to military operator. This capability permits fusion of many information sources and is essential for rapid decision making.

- Determine what these product standards should be

- Joint effort between military operator, production organizations, and technologists

- One product will not service all customers Essential Information Needs "* What information is critical for the battlefield (continuously evolve). Data architecture/model for information to determine key points of interoperability "* Common data definitions and common standards for the waveform and physical layers of information systems - Base level information infrastructures of the Services must use the same interchangeable components and standard data elements "* Incremental solutions that support information brokers as intermediate translator - combined with longer term strategies that rely on the P31 process On-line Information Sources/Services "* Information providers on the network with a "pull" and profiled "push": Imagery collection processors;

Digital archives/fileservers (imagery, Intel products, etc.); Intelligence providers; Logistics, Medical histories, MC&G products "* Common information services across a broad range of users: Information browse and retrieval, Information storage management and priority setting, User telephone books, Network management "* Prototype services and field in demonstrations via commercial software solutions and then tightly integrate results into the architectural and standards efforts across the DoD Integratd Manaement * Critical for process improvement * Begin developing tools that can automatically task across DoD resources (seamlessly).

For example: Mission Planning Application generates an Air Tasking Order that assigns mission execution responsibilities to multiple squadrons. This message leads to tasking of numerous actions for the imagery enterprise: it kicks off a search of distributed digital archives for available imagery and products for pilot orientation, tasks production organizations for target materials preparation and threats, and tasks collectors to address information gaps and establish a dissemination profile for new information and products as they are generated.

Figure D-9 D-15 The Architect's guiding principles in evaluating the architecture process must acknowledge that due to continuing technical advances and shifting mission needs, organizational structures, and strategies, there is no "final solution" for information infrastructure. Instead, the architecture process must allow continuous transition from what exists to what is more appropriate. We must allow for rapid integration of applications developed outside the system, with software portable across hardware platforms, and systems scalable to meet evolving requirements and multiple users' needs. Our systems should be able to accept "technology advance" infusions, use commercially available technology to reduce risk, and depend on heavy user involvement and feedback, plus operability testing, throughout the development cycle. Finally, evolutionary acquisition/rapid development (as opposed to rapid prototyping) is required, using "open" system/distributed architecture standards and user pull, multimedia, seamless systems.

43 Some Fundamental Information Architectural Considerations Multi-Level Security The enterprise architecture for C41FTW must address security concerns, including multi-level security, information protection, privacy rights, law enforcement objectives, and national security. The requirements for security in a battlefield architecture will drive the security structure to be implemented. We must place priority values on security requirements;

they should not all be treated equally.

It has been difficult to field and obtain approval for Multi-Level Security (MLS)/ Trusted systems that take advantage of available INFOSEC technology because the onerous security processes are based on older technology and the "elimination" of risk. DoD should adopt a philosophy of "risk management" vis-a-vis "risk avoidance"; the benefits of operating in a multi-level mode should be weighed against the residual risk. Available Trusted technology will permit operation of a C4I system with information classified from "Secret" to "Unclassified".

We need to explore non-traditional means to implement secure environments in the information infrastructure, much in the same way as the Copernicus architecture took a nontraditional approach to implementing a more effective system for information-on-demand to military users. DoD must identify functionalities, criteria, standards, and uniformity objectives which will facilitate seamless, secure interoperability from a top level architecture perspective as well as from a multilevel security and information protection perspective. Solutions must be practical for both operational users and product developers.

Better and faster solutions can only be developed effectively as a product of the development and investment strategies suggested in the technology list in Figure D-10. Without a coordinated, standardized, and structured approach, solutions may not anticipate all factors and therefore will only offer a piecemeal response. Solutions must cross institutional lines, i.e.

g&.vernment-commercial to derive optimal effectiveness from investment decisions.

–  –  –

Figure D-10 OSD should require the use of currently available MLS/Trusted technology to allow classified information to reside on interconnected systems at multiple security levels. To maintain protection of this information, mandatory access control is needed to overcome the vulnerability of discretionary access control that permits authorized users to grant their privileges to others at their discretion. Mandatory access control provides a means of controlling access to data based on the sensitivity of the data as represented by labels of operating systems objects (e.g. files, devices, areas of memory, tables, sequences, views, etc.) and on the formal authorization or clearance of the user attempting to access the data. Mandatory access control and information labeling are two essential features of multi-level security systems.

Personnel, physical, procedural and technical measures have been identified for secure systems. These measures are reasonably easy to implement and all of the necessary components are available now to provide MLS/Trusted information systems security. Examples include: LANs, operating systems, compartmented work stations, databases, a Tessera product which employs the new Digital Signature Standard, and a Navy-certified system that can provide any combination of sanitization, down grading, transliteration, and high- to-low or lowto-high guard functions.

Information and Information Systems Protection If the U.S. is to maintain a competitive combat advantage in future conflicts, then the information and information services upon which it depends must be protected commensurate with the intended use. All of the DoD military and support functions are highly dependent upon the information and information services provided by the Defense Information Infrastructure. The DII is highly susceptible to attacks which disrupt information services (availability) or corrupt the data (integrity) within the infrastructure; many nations and groups have the capability to cause sufficient disruption (both availability and integrity) to the DII and in turn cripple U.S. operational readiness and military effectiveness.

it is important to understand that INFOSEC and Defensive Information Warfare share many attributes but the two are not the same. Existing INFOSEC policies and activities are content-centric. That is, they are focused on the need for protection based on the sensitivity of the content of the information to be protected. The design factors used to protect against normal breakage and natural disasters or attacks to obtain access to sensitive information content are inadequate to deal with the levels of disruption that can be readily caused by D-17 malicious actions. (For example, encryption can protect the content of a signal; an attack that upsets the synchronization of the encryption device will not expose the content of the information but may stop the flow of information and thus stop the function using the information.) If the Department of Defense is to maintain a suitable level of military preparedness to meet the national security requirements of the U.S., the information infrastructure upon which it depends for information services must be strengthened against malicious attack. This must address protection against attacks, detection of attacks, and the ability to react to attacks.

Examples of refocus investment areas are listed in Figure D-11.

Refocus Investment Areas in Information & Information Systems Protection " Protection

- Provide sufficient redundancy so that functions do not depend upon the uninterrupted operation of any particular information system or communications service. What functional events have to happen when and what information is needed to obtain the objective at the desired operational tempo?

- Provide sufficient protection that "over-the-wire" attacks cannot exploit known flaws in operating systems

- Develop security processes and devices (fire walls, etc.)

- Develop metrics to portray the relative value of a function or process to the mission(s) as a function of time during peacetime, force deployment, force employment, and force sustainment

- Conduct the necessary research to enable the network data manager to protect information in a mobile environment

- Develop defensive information warfare exercise capability to stress the information systems supporting the forces so that the military learns how to operate under varying time / bandwidth and error rate ratios "* Detection

- Develop tools to monitor network operations, detect and audit inappropriate behavior, and detect abnormal operating patterns

- Develop tools and techniques for validating the integrity of the data held in a database

- Develop tools to aid in the detection of malicious software code and aid in repair of damaged code * Reaction

- Provide robust capability to perform triage functions and manage restoration of operations FigureD-11 At a minimum ASD (01) should task DISA to develop a roadmap to implement auditing capabilities that can locate and isolate malfeasance, develop tamper-resistant network security components and develop and field technologies that protect the information systems from untrusted software and/or active agents.

Abandon the Grand Design Approach The architect's processes for information systems must abandon physical "Grand Design" approaches. As depicted in Figure D-12, each of the elements that make up an information system has a life-cycle of its own. Attempting to apply one acquisition strategy to components that may have a life that varies by two orders of magnitude has been proven to be unworkable.

–  –  –

FigureD-12 Software applications are (or should be) inexpensive, should serve local needs (as long as they can't fiddle with the data structure) and should be rapidly built using standard software components and objects. The life span of a generation of commercial computing hardware is currently under two years. After four to five years it is now cheaper to replace rather than repair hardware components. The useful life span of software applications can vary from one-time-use to about ten years, occasionally even longer. But usually the functional process that uses a software application changes more rapidly than once a decade, so the software application must be redone or it will inhibit functional progress.

Data can have a very long life. (Most people would like their medical record to retain its viability for a century.) Although some data is transient, much is retained. The design of databases and the maintenance of data integrity is where much of the cost of information systems is accumulated and where standardization and central management attention pays.

DoD Directive 8120.1, Life-Cycle Management of Information Systems and the companion instruction (DODI 8120.2) recognize these different cycles and established the policy that the acquisition of these components should be done separately and using rapid prototyping and evolutionary acquisition procedures. However, too many are still trying to buy information systems using the outdated physical "Grand Design" approach.

Common Data Definitions and Waveform Standards Joint Pub 1 makes it dear, the doctrine of Joint Warfare ana _.e Joint Task Force are the organizing principle for the U.S. military. This is supported by the C4I For The Warrior concept that calls for the vertical and horizontal sharing of information. Note from Figure Dnotwithstanding the desire to drop military specifications, data elements, formats and waveforms rLust be standardized or we will continue to have the Tower of Babel seen in all recent wars.

Since our previous discussions have twice highlighted the need for establishing joint information needs and design of databases as the fundamental starting point for the objective capability, the information sharing envisioned in C4IFTW will not happen unless data element standardization remains a high priority effort and dissimilar and redundant terms are ruthlessly rooted out. The Air Force "Horizon" concept and the Army "Enterprise Strategy" recD-19 ognize that force projection will be anchored at the CONUS base. We are convinced that if terminology and information technology piece-parts are not interchangeable in garrison the information systems that deploy forward will not "plug and play" on the battlefield.

Pages:     | 1 |   ...   | 21 | 22 || 24 | 25 |

Similar works:

«Get free download Classical And Contemporary Cryptology in here. Also read document Classical And Contemporary Cryptology online CLASSICAL AND CONTEMPORARY CRYPTOLOGY PDF Get book classical and contemporary cryptology PDF?. So you are person who likes to download classical and contemporary cryptology Pdf to any kind of device,whether its your laptop, Kindle or iPhone, there are more options now than ever before. Perhaps because of the growing popularity of Kindle, or competitors like The Nook,...»

«The author(s) shown below used Federal funds provided by the U.S.Department of Justice and prepared the following final report: Document Title: National Assessment of School Resource Officer Programs Final Project Report Author(s): Peter Finn, Jack McDevitt Document No.: 209273 Date Received: March 2005 Award Number: 2000-IJ-CX-K002 This report has not been published by the U.S. Department of Justice. To provide better customer service, NCJRS has made this Federallyfunded grant final report...»

«FISH AND WILDLIFE SERVICE EXTERNAL RELATIONS AND OUTREACH External Relations and Outreach Part 101 Legislative Process and Working with Congress Chapter 1 Congressional Hearings and Procedures 101 FW 1 1.1 What is the purpose of this chapter? This chapter provides guidance for U.S. Fish and Wildlife Service (Service) employees in preparing for congressional hearings, including field hearings. 1.2 What are the objectives of the chapter? Our objectives are to: A. Provide guidance and an internal...»

«CC'TSNOLO ARChAEOWGY qj~.Zlt\ CA {let. 1\~5 ROMANO-BRITISH CEMETERIES AT CIRENCESTER COTSWOLD ARCHAEOLOGICAL TRUST LTD. Th is vo lume is dedicated to the mem ory o f Ca lvin Wells ( 1)( lH1'J7H) CIRENCESTER EXCAVATIONS II ROMANO-BRITISH CEMETERIES AT CIRENCESTER by Alan McWhirr, Linda Viner and Calvin Wells WITH CONTRIBUTIONS FROM Dorothy Charlesworth, T.e. Darvill, Brenda Dickinson, Margaret Guido, B.R. Hartley, M. Hassall, M. Henig, R.H. Leech, D. Mackreth, R. Reece, Valery Rigby, T. Slater,...»

«The Asian Conference on Arts & Humanities 2013 Official Conference Proceedings Osaka, Japan Passageway and Its Double: Reconsideration of Function of Parodos in Greek Theatre Jungman Park Hankuk University of Foreign Studies, South Korea 0288 The Asian Conference on Arts & Humanities 2013 Official Conference Proceedings 2013 iafor The International Academic Forum www.iafor.org 356 The Asian Conference on Arts & Humanities 2013 Official Conference Proceedings Osaka, Japan Introduction Parodos...»

«S Ł U P S K I role of Prince Adam JerzyICzartoryski. C Z N E The E S T U D I A H S T O R Y 93 Nr 17 R O K 2011 A R T Y K U Ł Y JACEK GOCLON UWr WROCŁAW THE ROLE OF PRINCE ADAM JERZY CZARTORYSKI IN DEVELOPING THE CONTACTS BETWEEN THE VILNA SCIENTIFIC DISTRICT AND ENGLAND (1803-1824) Prince Adam Jerzy Czartoryski was appointed by the Rusian Tsar Curator of the Vilna Scientific District in 1803. He remained at this post for exactly twenty years. During this period he attempted to reorganise and...»

«Future Ministry Numbers Projections of future ministry numbers to aid deployment planning 10 September 2012 Introduction It is a fact that the supply of stipendiary clergy is declining as the rate of retirements exceeds the supply of new curates at the national level. The strategic challenge this creates for dioceses is described in transforming presence and elsewhere. The practical challenge is to estimate the number of ordained stipendiaries available to the Diocese of Chelmsford and indicate...»

«RHYBUDD O GYFARFOD / NOTICE OF MEETING Awdurdod Parc Cenedlaethol Eryri Snowdonia National Park Authority Aneurin Phillips Aneurin Phillips Prif Weithredwr Chief Executive Awdurdod Parc Cenedlaethol Eryri Snowdonia National Park Authority Penrhyndeudraeth Penrhyndeudraeth Gwynedd LL48 6LF Gwynedd LL48 6LF Ffôn/Phone (01766) 770274 E.bost/E.mail : Ffacs/Fax (01766)771211 parc@eryri-npa.gov.uk Gwefan/Website: www.eryri-npa.gov.uk Cyfarfod: Pwyllgor Perfformiad ac Adnoddau Dyddiad: Dydd Mercher...»

«Journal of Information Technology Education: Volume 9, 2010 Innovations in Practice Academic Library Services in Virtual Worlds: An Examination of the Potential for Library Services in Immersive Environments Jenna Ryan and Marjorie Porter Rebecca Miller Louisiana State University Virginia Polytechnic Institute Baton Rouge, LA, USA and State University Blacksburg, VA, USA jryan1@lsu.edu; eiroj2@lsu.edu millerrk@vt.edu Executive Summary Current literature on libraries is abundant with articles...»

«NOVATECH 2010 Changing the Stormwater Pond Design Game Changer le mode de conception des bassins de rétention Cory Albers1, Bernie Amell2 Fluid Forms Inc., 75 Coville Circle NE, Calgary, Alberta, Canada, T3K 5L5, cory.albers@fluidforms.ca Riparia Ltd., #202 403 31 Avenue NE, Calgary, Alberta, Canada, T2E 9B3, bernie@riparia.ca RÉSUMÉ Actuellement, la conception des bassins de rétention focalise sur l’atténuation volumétrique des débits d’entrée des eaux d’orage afin de protéger...»

«National Institute of Justice Violence Theory Workshop Summary Summary of a workshop sponsored by the National Institute of Justice December 10–11, 2002 The opinions and conclusions expressed in this document are solely those of the authors and do not necessarily reflect the views of the U.S. Department of Justice. NCJ 242216 Violence Theory Workshop Summary Summary of a workshop sponsored by the National Institute of Justice December 10–11, 2002 Violence Theory Workshop, Day 1, December...»

«Bruce Poliquin (ME-02) Research Report The following report contains research on Bruce Poliquin, a Republican member of Congress from Maine’s 2nd district. Research for this research book was conducted by the Democratic Congressional Campaign Committee’s Research Department between November 2015 and April 2016. By accepting this report, you are accepting responsibility for all information and analysis included. Therefore, it is your responsibility to verify all claims against the original...»

<<  HOME   |    CONTACTS
2016 www.dissertation.xlibx.info - Dissertations, online materials

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.