GSAW Information Assurance in Government Space Systems: From Art to Engineering


GSAW 2006
Information Assurance in Government Space Systems: From Art to Engineering
Charles Lavine
The Aerospace Corporation
310-336-1595
lavine@aero.org

Toward the Global Information Grid and Net-Centric Operations

[Figure: timeline graphic with labels Past, FY03-FY10, FY06-FY20. Graphics developed by DISA.]

Information Assurance is in Transition

- The Global Information Grid concept is changing the computing landscape
- DoD security policy and processes are changing
  - Requirements (DoDI 8500.2)
  - Certification and Accreditation
  - Boundary Protection (Cross Domain Solutions)
- DoD IA for Space policy signed
- AFSPC/LC designated accreditor
- NSA changes (Space SPO)
- NSS Acquisition Management process has changed
  - DoD 5000.2
  - NSS 03-01
- NSS Engineering has evolved
  - Systems Engineering
  - Software Engineering

Moving NSS IA From Art to Engineering

What do we need to have:

- Well-defined role in system acquisition processes
- Well-defined role in system engineering processes
- Consistent Certification and Accreditation process
- Identify Capabilities
- Reasonable cost models
- Understandable Requirements
- Express Architecture in system perspective
- Agreed to verification procedures
- Well-defined roles and responsibilities
- Contracting mechanisms to support engineering
- Research to support future directions
- Appropriate training and expertise

Topics Discussed at IA Workshop

- Roles And Responsibilities
- Contracting for IA
- IA Research Directions
- IA Cost Modeling
- Key Management Architectures
- IA Requirements Interpretations

C & A Roles, Responsibilities, and Relationships

- User Representative: Represent mission needs
- Contractor: Build, test and document system
- Program Manager: Acquire system
- Certification Authority: Appraise system IA (e.g., write SSAA, perform vulnerability scans)
- DAA: Assess risk and authorize system operation

[Diagram labels on the relationships between roles: System requirements, MAC and confidentiality levels; System and IA documents, test plans, results; Contractor documents; SSAA, Risk description, Readiness recommendation]

Roles and Responsibilities

IA Acquisition and Engineering in National Security Space Systems

Acquisition
- National Security Space Acquisition Policy 03-01
- Certification and Accreditation
- Cross Domain Solutions
- DOD Information Assurance Policy
- Program Protection

Engineering
- Capabilities
- Requirements
- Architecture
- Design
- Build
- Test
- Software and Systems Engineering

Contracting

Research Challenges

- Software Assurance
- Dynamic Communities of Interest
  - Cross-organization Network and system administration
  - Dynamic, federated systems
  - Trust management
- High assurance
  - Higher assurance mechanisms needed for highly connected systems
- Security agility
  - Respond to failures/attacks
- Confidentiality and integrity protection for data
  - In transit and at rest
- Information availability

Research

Network Security At What Cost?

Establishing network defenses
- How much should you budget? Acquisitions? Labor? Licenses? Support?
- What are the cost tradeoffs?
- What would you do if you did not get enough money?

Maintaining network defenses
- How much does it take to maintain your defenses? Acquisitions? Labor? Licenses? Support?
- How do you justify these costs in the POM?
- What would you do if you were short changed?

Cost Models

Key Management Infrastructure (KMI) Support for GIG

[Figure: timeline, 2000 to 2012, with labels: COMSEC Material Control System (Physical Products), IOC, Rel 3, EKMS, Ph 4 IOC, Ph 5 IOC, KMI Client/AKP replaces LMD/KP, OTNK Pilot, KMI CI-2 IOC, KMI CI-3 IOC]

- Transform Key Provisioning from human intensive operations to Net-Centric operations
- Support infrastructure changes to enable direct delivery of keying material to End Cryptographic Units.
- Support network management of key provisioning services via the net.
- Support new Crypto Modernization Algorithm Suite (JTRS, WIN-T, TC, etc)
- Provide Seamless Foreign Interoperability and Releasability to enable Cross Domain Solutions and Allied and Coalition sharing.

Key Management Infrastructure

Backup Charts

Security is Policy driven