Information sharing and security in dynamic coalitions
Download
1 / 32

Information Sharing and Security in Dynamic Coalitions - PowerPoint PPT Presentation


  • 162 Views
  • Uploaded on

Information Sharing and Security in Dynamic Coalitions. Charles E. Phillips, Jr. Computer Science & Engineering Department 191 Auditorium Road, Box U-155 The University of Connecticut Storrs, Connecticut 06269-3155 charlesp@engr.uconn.edu. Profs. T.C. Ting and Steven A. Demurjian

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Information Sharing and Security in Dynamic Coalitions' - Jims


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Information sharing and security in dynamic coalitions l.jpg
Information Sharing and Security in Dynamic Coalitions

Charles E. Phillips, Jr.

Computer Science & Engineering Department

191 Auditorium Road, Box U-155

The University of Connecticut

Storrs, Connecticut 06269-3155

charlesp@engr.uconn.edu

Profs. T.C. Ting and Steven A. Demurjian

Computer Science & Engineering Department

191 Auditorium Road, Box U-155

The University of Connecticut

Storrs, Connecticut 06269-3155

http://www.engr.uconn.edu/~steve

steve@engr.uconn.edu


Overview of presentation l.jpg
Overview of Presentation

  • Introduction

  • The Dynamic Coalition Problem

    • Civilian Organizations

    • Military Involvement/GCCS

  • Information Sharing and Security

    • Federating Resources

    • Data Integrity

    • Access Control (DAC and MAC)

    • Other Critical Security Issues

  • Candidate Security Approach

  • Conclusions and Future Work


Introduction crisis and coalitions l.jpg
IntroductionCrisis and Coalitions

  • A Crisis is Any Situation Requiring National or International Attention as Determined by the President of the United States or UN

  • A Coalition is an Alliance of Organizations: Military, Civilian, International or any Combination

  • A Dynamic Coalition is Formed in a Crisis and Changes as Crisis Develops, with the Key Concern Being the Most Effective way to Solve the Crisis

  • Dynamic Coalition Problem (DCP) is the Inherent Security, Resource, and/or Information Sharing Risks that Occur as a Result of the Coalition Being Formed Quickly


Introduction near simultaneous crises l.jpg
IntroductionNear Simultaneous Crises

Crisis Point

BOSNIA

(NATO)

NATO Hq

KOSOVO

(US,UK)

Olympic Games

Earthquake

(United Nations)

Ship Wreck

(UK,SP)


Evaluation vs dcp emergent need for coalitions l.jpg
Evaluation vs. DCP Emergent Need for Coalitions

  • “Coalitions must be flexible and no one coalition is or has the answer to all situations.”

    • Secretary of Defense, Donald Rumsfeld

  • “Whenever possible we must seek to operate alongside alliance or coalition forces, integrating their capabilities and capitalizing on their strengths.”

    • U.S. National Security Strategy

  • “Currently, there is no automated capability for passing command and control information and situational awareness information between nations except by liaison officer, fax, telephone, or loaning equipment.”

    • Undersecretary of Defense for Advanced Technology


  • The dynamic coalition problem l.jpg
    The Dynamic Coalition Problem

    • Dynamic Coalition Problem (DCP) is the Inherent Security, Resource, and/or Information Sharing Risks that Occur as a Result of the Coalition Being Formed Quickly

    • Private Organizations (PVO)

      • Doctors Without Boarders

      • Red Cross

    • Non-Government Organizations (NGO)

      • NYPD

    • Government Agencies

      • FBI

      • CIA

      • Military


    Supporting advanced applications dcp objectives for crisis l.jpg
    Supporting Advanced ApplicationsDCP Objectives for Crisis

    • Federate Users Quickly and Dynamically

    • Bring Together Resources (Legacy, COTs, GOTs, DBs, etc.) Without Modification

    • Dynamically Realize/Manage Simultaneous Crises

    • Identify Users by Roles to Finely Tune Access

    • Authorize, Authenticate, and Enforce a Scalable Security Policy that is Flexible in Response to Collation Needs

    • Provide a Security Solution that is Portable, Extensible, and Redundant for Survivability

    • Include Management/Introspection Capabilities to Track and Monitor System Behavior


    The dynamic coalition problem coalition architecture l.jpg
    The Dynamic Coalition ProblemCoalition Architecture

    Clients Using Services

    Resources Provide Services

    NATO SYS

    Federal Agencies

    (FEMA, FBI, CIA, etc.)

    Client

    COTS

    U.S. Army

    LFCS

    (Canada)

    Client

    U.S. Navy

    SICF

    (France)

    Client

    French

    Air Force

    Client

    HEROS

    (Germany)

    U.S. Legacy

    System

    SIACCON

    (Italy)

    NATO

    Database

    Client

    NGO/PVO

    Resource

    German

    NGO/PVO

    (Red Cross, NYPD, etc.)

    Client

    GCCS (US)

    COTS

    Client


    The dynamic coalition problem joint and combined information flow l.jpg
    The Dynamic Coalition ProblemJoint and Combined Information Flow

    GCCS

    GCCS-A

    CORPS

    ABCS

    MCS

    XX

    DIV

    FAADC2I

    MCS

    CSSCS

    AFATDS

    ASAS

    X

    BDE

    BSA

    TOC

    MCS

    X X

    | |

    | |

    BN

    BN

    | |

    MCS

    MCS

    CO

    FBCB2

    Common Operating Environment

    Combined: Many Countries

    ARMY

    Joint Task Force

    Adjacent

    Marines

    Navy

    Coalition

    Partners

    Air Force

    GCCS-M

    GCCS-N

    GCCS-AF

    NATO

    Systems

    TCO

    JMCIS

    TBMCS

    Coalition

    Systems

    Joint - Marines, Navy, Air Force, Army


    The dynamic coalition problem combined information flow l.jpg
    The Dynamic Coalition ProblemCombined Information Flow

    Logistics

    GCCS - Joint/Coalition -

    Maneuver

    Air Defense/Air Operations

    Fire Support

    Combined Database

    Intelligence

    Network and Resource

    Management


    The dynamic coalition problem coalition artifacts and information flow l.jpg
    The Dynamic Coalition ProblemCoalition Artifacts and Information Flow

    U.S. Global C2 Systems

    Air Force

    Navy

    Joint

    Command

    System

    Battle

    Management

    System

    NGO/

    PVO

    GCCS

    U.N.

    Army Battle

    Command

    System

    Combat

    Operations

    System

    NATO

    U.S.A

    Army

    Marine Corps

    Dynamic Coalition

    AFATDS

    FADD

    GOAL: Leverage information

    in a fluid, dynamic

    environment

    ASAS

    GCCS-A

    ABCS

    CSSCS

    MCS

    Other

    Army C2


    The dynamic coalition problem global command and control system l.jpg
    The Dynamic Coalition ProblemGlobal Command and Control System

    GCCS Provides:

    - Horizontal and Vertical Integration

    of Information to Produce a

    Common Picture of the Battlefield

    - 20 separate automated systems

    - 625 locations worldwide

    - private network

    Situational Awareness

    GLOBAL C2 SYSTEMS

    MOBILE SUBSCRIBER EQUIPMENT

    DATA RADIO

    SATELLITE

    MISSION PLANNING

    MET

    SUPPORT

    INTEL

    SATCOM

    MANEUVER

    CONTROL

    X X

    AIR DEFENCE

    ARTY

    TOPO

    Client/Server

    MET

    MISSION PLANNING

    AIR DEFENCE

    SUPPORT

    INTEL

    X

    MANEUVER

    CONTROL

    Client/Server

    SATCOM

    ARTY

    TOPO

    Company

    AIR DEFENCE

    FBCB2

    /EBC

    SUPPORT

    INTEL

    Platoon

    Client/Server

    ARTY

    Tactical

    Internet

    MANEUVER

    CONTROL

    BATTLEFIELD C2 SYSTEM

    EMBEDDED BATTLE COMMAND

    SATCOM

    FBCB2

    /EBC

    Squad

    MOBILE SUBSCRIBER EQUIPMENT


    The dynamic coalition problem global command and control system13 l.jpg
    The Dynamic Coalition ProblemGlobal Command and Control System

    Joint Services

    :

    a.k.a

    Weather

    METOC

    Video Teleconference

    TLCF

    Joint Operations Planning and Execution System

    JOPES

    Common Operational Picture

    COP

    Transportation Flow Analysis

    JFAST

    Logistics Planning Tool

    LOGSAFE

    Defense Message System

    DMS

    NATO Message System

    CRONOS

    Component Services

    :

    Army Battle Command System

    ABCS

    Air Force Battle Management System

    TBMCS

    Marine Combat Operations System

    TCO

    JMCIS

    Navy Command System


    The dynamic coalition problem global command and control system14 l.jpg
    The Dynamic Coalition ProblemGlobal Command and Control System

    Common Picture

    Common Operational Picture


    The dynamic coalition problem gccs shortfalls user roles l.jpg
    The Dynamic Coalition ProblemGCCS Shortfalls: User Roles

    • Currently, GCCS Users have Static Profile Based on Position/Supervisor/Clearance Level

    • Granularity Gives “Too Much Access”

    • Profile Changes are Difficult to Make - Changes Done by System Admin. Not Security Officer

    • What Can User Roles Offer to GCCS?

      • User Roles are Valuable Since They Allow Privileges to be Based on Responsibilities

      • Security Officer Controls Requirements

      • Support for Dynamic Changes in Privileges

      • Towards Least Privilege


    The dynamic coalition problem gccs shortfalls time controlled access l.jpg
    The Dynamic Coalition ProblemGCCS Shortfalls: Time Controlled Access

    • Currently, in GCCS, User Profiles are Indefinite with Respect to Time

      • Longer than a Single Crisis

      • Difficult to Distinguish in Multiple Crises

      • No Time Controllable Access on Users or GCCS Resources

    • What can Time Constrained Access offer GCCS?

      • Junior Planners - Air Movements of Equipment Weeks before Deployment

      • Senior Planners - Adjustment in Air Movements Near and During Deployment

      • Similar Actions are Constrained by Time Based on Role


    The dynamic coalition problem gccs shortfalls value based access l.jpg
    The Dynamic Coalition ProblemGCCS Shortfalls: Value Based Access

    • Currently, in GCCS, Controlled Access Based on Information Values Difficult to Achieve

      • Unlimited Viewing of Common Operational Picture (COP)

      • Unlimited Access to Movement Information

      • Attempts to Constrain would have to be Programmatic - which is Problematic!

    • What can Value-Based Access Offer to GCCS?

      • In COP

        • Constrain Display of Friendly and Enemy Positions

        • Limit Map Coordinates Displayed

        • Limit Tier of Display (Deployment, Weather, etc.)


    The dynamic coalition problem gccs shortfalls federation needs l.jpg
    The Dynamic Coalition ProblemGCCS Shortfalls: Federation Needs

    • Currently, GCCS is Difficult to Use for DCP

      • Difficult to Federate Users and Resources

      • U.S. Only system

      • Incompatibility in Joint and Common Contexts

      • Private Network (Not Multi-Level Secure)

    • What are Security/Federation Needs for GCCS?

      • Quick Admin. While Still Constraining US and Non-US Access

      • Employ Middleware for Flexibility/Robustness

      • Security Definition/Enforcement Framework

      • Extend GCCS for Coalition Compatibility that Respects Coalition and US Security Policies


    Information sharing and security federated resources l.jpg
    Information Sharing and SecurityFederated Resources

    RESOURCES

    Command&Control Vehicles

    Army Airborne Command & Control System

    Army Battle Command System

    Embedded Command System

    JSTARS

    Unmanned Aerial Vehicle

    Satellites

    INTEL FUSION

    Embedded Battle Command

    FIELD ARTILLERY

    Embedded Battle Command

    AIR DEFENCE

    Embedded Battle Command

    MANEUVER CONTROL

    Embedded Battle Command

    ABCS

    Common Picture

    PERSONNEL AND LOGISTICS

    Embedded Battle Command

    Bradley / EBC

    Embedded Battle Command

    Fwd Support Element

    Ammo/Fuel

    Refit


    Information sharing and security syntactic considerations l.jpg
    Information Sharing and SecuritySyntactic Considerations

    • Syntax is Structure and Format of the Information That is Needed to Support a Coalition

    • Incorrect Structure or Format Could Result in Simple Error Message to Catastrophic Event

    • For Sharing, Strict Formats Need to be Maintained

    • In US Military, Message Formats Include

      • Heading and Ending Section

        • United States Message Text Formats (USMTF)

        • 128 Different Message Formats

      • Text Body of Actual Message

    • Problem: Formats Non-Standard Across Different Branches of Military and Countries


    Information sharing and security semantics concerns l.jpg
    Information Sharing and SecuritySemantics Concerns

    • Semantics (Meaning and Interpretation)

      • USMTF - Different Format, Different Meaning

        • Each of 128 Messages has Semantic Interpretation

        • Communicate Logistical, Intelligence, and Operational Information

    • Semantic Problems

      • NATO and US - Different Message Formats

      • Different Interpretation of Values

        • Distances (Miles vs. Kilometers)

        • Grid Coordinates (Mils, Degrees)

        • Maps (Grid, True, and Magnetic North)


    Information sharing and security pragmatics issues l.jpg
    Information Sharing and SecurityPragmatics Issues

    • Pragmatics - The Way that Information is Utilized and Understood in its Specific Context

    • For Example, in GCCS


    Information sharing and security pragmatics issues23 l.jpg
    Information Sharing and Security Pragmatics Issues

    GBS

    DSCS

    DR

    DR

    DR

    Node Estimate

    Current FDD laydown has 53 autonomous Command Post/TOCs (i.e., nodes)

    For a full Corps >200 nodes

    299ENG

    DR

    GBS

    GBS

    CMDRBCV

    TAC

    DR

    SEN

    GBS

    SEN

    DISCOM

    DR

    DR

    GBS

    DR

    DR

    VTel

    DIV REAR

    BVTC

    1st BDE

    MVR BN

    SINCGARS (FS)

    EPLRS (AD)

    Info/Intel/Plans

    GBS

    BVTC

    BVTC

    GBS

    Sustainment

    DR

    DR

    SEN

    BVTC

    XX

    GBS

    DR

    DR

    GBS

    MVR BN

    Mobility

    GBS

    BVTC

    204FSB

    Relay

    GBS

    DR

    SEN

    GBS

    TGT/Fires

    DR

    DR

    BVTC

    704MSB

    GBS

    GBS

    DR

    DR

    MVR BN

    SINCGARS (FS)

    EPLRS (AD)

    GBS

    4-42FA

    SEN

    LEN

    XXX

    X

    DR

    SEN

    DR

    DR

    GBS

    DIVARTY

    DR

    588ENG

    GBS

    DR

    BVTC

    GBS

    CMDRBCV

    TAC

    SINCGARS (FS)

    EPLRS (AD)

    HCLOS

    Basic Distribution Requirement

    • Distribution Polices

    • Automation & Notification

    • User Controls

    • Transport Mechanisms

    • System and Process Monitors

    • Security, Logs, and Archives

    SEN

    DR

    DR

    GBS

    DR

    DR

    XX

    Division Slice

    2nd BDE

    MVR BN

    GBS

    BVTC

    DR

    GBS

    DR

    DR

    DR

    GBS

    SEN

    124th SIG BN

    GBS

    DR

    DR

    C2V

    MVR BN

    GBS

    4 FSB

    Relay

    HCLOS

    DIV CDR

    DR

    DR

    Theater Injection Point (TIP)

    DR

    GBS

    DR

    DR

    MVR BN

    GBS

    GBS

    A2C2S

    3-16FA

    XXX

    SEN

    SEN

    X

    GBS

    GBS

    VTel

    DIV CDR

    DMAIN

    DR

    DR

    DR

    BVTC

    SINCGARS (FS)

    EPLRS (AD)

    4ENG

    DR

    DR

    GBS

    CMDRBCV

    GBS

    TAC

    SEN

    GBS

    DR

    DR

    404 ASB

    SEN

    DR

    DR

    GBS

    MVR BN

    GBS

    3rd BDE

    BVTC

    XX

    DR

    DR

    DR

    DR

    SEN

    SEN

    GBS

    GBS

    DR

    DR

    4th BDE

    DTAC 1

    Distribution Policy

    SEN

    MVR BN

    GBS

    DR

    DR

    GBS

    BVTC

    BVTC

    SINCGARS (FS)

    EPLRS (AD)

    SINCGARS (FS)

    EPLRS (AD)

    64 FSB

    Relay

    DR

    DR

    • What

    • When

    • Where

    • How

      - Prioritized

      - Encrypted

      - Network

    MVR BN

    GBS

    GBS

    DR

    DR

    GBS

    DR

    DR

    DR

    DR

    GBS

    GBS

    3-29FA

    SEN

    1/4 AVN BN

    2/4 AVN BN

    9-1FA

    DR

    DR

    GBS

    1/10CAV

    1/10 CAV Sqdn

    CMDRBCV

    Note: 3rd BDE not part of 1DD in Sep 2000.

    • Pragmatics in GCCS


    Information sharing and security data integrity l.jpg
    Information Sharing and SecurityData Integrity

    • Concerns: Consistency, Accuracy, Reliability

    • Accidental Errors

      • Crashes, Concurrent Access, Logical Errors

      • Actions:

        • Integrity Constraints

        • GUIs

        • Redundancy

    • Malicious Errors

      • Not Totally Preventable

      • Actions:

        • Authorization, Authentication, Enforcement Policy

        • Concurrent Updates to Backup DBs

        • Dual Homing


    Information sharing and security discretionary access control l.jpg
    Information Sharing and Security Discretionary Access Control

    • What is Discretionary Access Control (DAC)?

      • Restricts Access to Objects Based on the Identity of Group and /or Subject

      • Discretion with Access Permissions Supports the Ability to “Pass-on” Permissions

    • DAC and DCP

      • Pass on from Subject to Subject is a Problem

        • Information Could be Passed from Subject (Owner) to Subject to Party Who Should be Restricted

      • For Example,

        • Local Commanders Can’t Release Information

        • Rely on Discretion by Foreign Disclosure Officer

      • Pass on of DAC Must be Carefully Controlled!


    Information sharing and security role based access control l.jpg
    Information Sharing and Security Role Based Access Control

    • What is Role Based Access Control (RBAC)?

      • Roles Provide Means for Permissions to Objects, Resources, Based on Responsibilities

      • Users May have Multiple Roles Each with Different Set of Permissions

      • Role-Based Security Policy Flexible in both Management and Usage

    • Issues for RBAC and DCP

      • Who Creates the Roles?

      • Who Determines Permissions (Access)?

      • Who Assigns Users to Roles?

      • Are there Constraints Placed on Users Within Those Roles?


    Information sharing and security mandatory access control l.jpg
    Information Sharing and Security Mandatory Access Control

    • What is Mandatory Access Control (MAC)?

      • Restrict Access to Information, Resources, Based on Sensitivity Level (Classification) Classified Information - MAC Required

      • If Clearance (of User) Dominates Classification, Access is Allowed

    • MAC and DCP

      • MAC will be Present in Coalition Assets

      • Need to Support MAC of US and Partners

      • Partners have Different Levels/Labels

      • Need to Reconcile Levels/Labels of Coalition Partners (which Include Past Adversaries!)


    Information sharing and security other issues l.jpg
    Information Sharing and SecurityOther Issues

    • Intrusion Detection

      • Not Prevention

      • Intrusion Types:

        • Trojan Horse, Data Manipulation, Snooping

      • Defense:

        • Tracking and Accountability

    • Survivability

      • Reliability and Accessibility

      • Defense:

        • Redundancy

    • Cryptography

      • Fundamental to Security

      • Implementation Details (key distribution)


    Candidate security approach software architecture l.jpg
    Candidate Security ApproachSoftware Architecture

    Global Clock

    Resource (GCR)

    Security Policy Client (SPC)

    Wrapped

    Wrapped

    General

    Lookup

    Resource

    Resource

    COTS

    Resource

    for Database

    for COTS

    Service

    Client

    Application

    Security Authorization

    Client (SAC)

    Application

    Wrapped

    Resource

    for Legacy

    Application

    Lookup

    Service

    Unified Security Resource (USR)

    Security

    Policy

    Services

    Security

    Authorization

    Services

    Security

    Registration

    Services

    Security

    Analysis and Tracking (SAT)

    Database

    Client

    Java

    Client

    Software

    Agent

    Legacy

    Client


    Candidate security approach enforcement framework l.jpg
    Candidate Security ApproachEnforcement Framework

    1 Register_Client(DoRight,100.150.200.250, ArmyLogCR1)

    2 Verify_UR(DoRight,ArmyLogCR1)

    3 Client OK?

    4 Return Result,Create_Token(DoRight,ArmyLogCR1,Token)

    6 CrisisPicture(Token,CR1, NA20, NC40)

    5. Discover/Lookup(GCCS,Joint,CrisisPicture)

    Returns Proxy to Course Client

    11 Return Result,CrisisPicture(…)

    7 IsClient_Registered(Token)

    8 Return Result of IsClient_Registered(…)

    GCCS

    Client

    Security

    Registration

    Services

    USR

    Security

    Authorization

    Services

    Lookup

    Service

    Global

    Clock

    Tracking

    Tool

    9 Check_Privileges(Token, GCCS, Joint,

    CrisisPicture, [NA20,NC40])

    GCCS

    Resource

    Security

    Policy

    Services

    10 Return Result of Check_Privileges(…)


    Candidate security approach security assurance checks l.jpg
    Candidate Security ApproachSecurity Assurance Checks

    Start Constraint-Based

    Assurance Checks

    Required

    User-Authentication

    Check

    Yes

    Authentication

    Successful

    No

    Authentication

    Unsuccessful

    (to error handler)

    No

    Mandatory

    Access Control

    Check

    Time

    Constraint

    Check

    Value

    Constraint

    Check

    Yes

    Authorization

    Successful

    (continue process)

    Yes

    Yes

    No

    No

    No

    Authorization

    Unsuccessful

    (to error handler)


    Conclusions and ongoing work l.jpg
    Conclusions and Ongoing Work

    • Explored Information Sharing Issues

    • Defined the Dynamic Coalition Problem

    • Discussed Coalition Participants

    • Examined GCCS and Needed Improvements

    • Offered Candidate Security Approach

    • Related/Ongoing Research Includes

      • Support for Mandatory Access Controls

      • Role Deconfliction and Mutual Exclusion

      • User Constraints

      • User Role Delegation Authority

      • www.engr.uconn.edu/~steve/DSEC/dsec.html