slide1 l.
Skip this Video
Loading SlideShow in 5 Seconds..
Information Warfare in the Trenches : Teaching Cadets the Basics of Information Assurance PowerPoint Presentation
Download Presentation
Information Warfare in the Trenches : Teaching Cadets the Basics of Information Assurance

Loading in 2 Seconds...

play fullscreen
1 / 36

Information Warfare in the Trenches : Teaching Cadets the Basics of Information Assurance - PowerPoint PPT Presentation

  • Uploaded on

Information Warfare in the Trenches : Teaching Cadets the Basics of Information Assurance. Information Assurance Education OR Training: Blurring the Boundaries Aaron J. Ferguson, Ph.D., CISSP National Security Agency Visiting Professor United States Military Academy

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Information Warfare in the Trenches : Teaching Cadets the Basics of Information Assurance' - adamdaniel

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Information Warfare in the Trenches: Teaching Cadets the Basics

of Information Assurance

Information Assurance Education OR Training: Blurring the Boundaries

Aaron J. Ferguson, Ph.D., CISSP

National Security Agency Visiting Professor

United States Military Academy

Department of Electrical Engineering & Computer Science

  • Education – the act or process of bringing an understanding to an individual.
  • Training – the process or routine of making proficient with specialized instruction and practice.
  • Using Bloom’s Taxonomy as a model, provide strategies for using the training standards to build a curriculum that educates—allows the student to take Information Security Professional and Designated Approval Authority knowledge and demonstrate conceptual understanding in multiple contexts.
attributes of information assurance education
Attributes of Information Assurance Education
  • Context Sensitive
  • Dynamic
  • Multidisciplinary
  • Application-Oriented
center of academic excellence in information assurance education
Center of Academic Excellence in Information Assurance Education
  • Provides an excellent Roadmap for Information Assurance Course and Curriculum Development
    • NSTISSI 4011 – Training of INFOSEC Professionals
    • NSTISSI 4012 – Designated Approval Authority
  • Strategies
    • USMA Courses
    • USMACOM Case Study
nstissi 4011 training of infosec professionals
NSTISSI 4011 – Training of INFOSEC Professionals
  • The NSTISSI 4011 establishes the minimum training standard for the training of information systems security professionals in the disciplines of telecommunications and automated information systems security.
what are the infosec professional big ideas
What are the INFOSEC Professional “Big Ideas?”
  • Awareness
    • Sensitivity to the threats and vulnerabilities of national security information systems, and a recognition of the need to protect data, information, and the means of processing them and builds a working knowledge of INFOSEC principles and practices
  • Performance
    • The skill and/or ability to design, execute, or evaluate agency INFOSEC security procedures and practices.
  • Courses
    • CS482 – Information Assurance
      • Cyber Defense Exercise
    • IT460 – Cyber Warfare
    • NSA Coder’s Cup
nstissi 4012 designated approving authority
NSTISSI 4012 – Designated Approving Authority
  • The NSTISSI 4012 establishes the minimum course content or standard for the development and implementation of training for Designated Approving Authorities in the disciplines of telecommunications security and information systems (IS) security.

What are the DAA “Big Ideas?”

  • INFOSEC Functions
  • Legal Liability Issues
  • Policy
  • Threats and Incidents
  • Access
  • Administration

What is a Controlled Interface Device (aka Security Guard)?




  • Guard: A device or collection of devices that mediate controlled transfers of information across security boundaries (e.g., between Security Domain “A” and Security Domain “B”).
    • It is “trusted” to allow sharing of data across boundaries (possibly including controlled “read up” and/or “write down”)
    • Part of the “high side” security architecture
    • Enforces a defined security policy
  • Other characteristics: type of data being passed, direction of data flow; human or fully automated review; number of connections; connection protocol (serial; Ethernet)

Guards Versus Firewalls

  • Guards
    • Generally implemented on trusted platform (often B1 or higher)
    • Connects domains at different levels
    • Opens doors that are normally closed
    • Prevents data leakage
    • Filters data at application level
    • Few services allowed through (e.g., E-mail, messages, file transfer)
    • Often no IP forwarding
    • Performs downgrading
  • Firewalls
    • Not generally implemented on trusted platform
    • Connects domains at same level
    • Closes doors that are normally open
    • Controls network services
    • Filters packets at protocol level; may proxy packets at application level
    • More services allowed through (e.g., file transfer, E-mail, TELNET, HTTP)
    • Some types offer IP forwarding
    • No downgrading required
usmacom case study
USMACOM Case Study
  • Establish secure network communications with coalition partners to provide an immediate Coalition Task Force (CTF) capability.
  • CTF membership is based on trust level—level of trust between the US and country seeking membership in the CTF.
  • The ultimate goal is to protect the SIPRNET, as it is a SECRET-High US only network with connectivity to the National Information Infrastructure. However, information on the SIPRNET must be securely shared with members of the CTF.
  • A Foreign Disclosure Officer on the SIPRNET decides what information gets shared with the CTF.
  • The CTF is classified CTF-SECRET, and the Nation LAN is assumed to be UNCLASSIFIED.
usmacom learning objectives
USMACOM Learning Objectives
  • Demonstrate an understanding of the INFOSEC functions of a DAA.
  • Discuss threats and vulnerabilities.
  • Perform a risk assessment.
  • Explain the DAA’s role in information warfare through the use of Information Security tactics, techniques, and procedures.
usmacom learning objectives19
USMACOM Learning Objectives
  • Describe ways in which connecting to the National Information Infrastructure can create risks to your systems.
  • Discuss the importance of training to the separation of duties required of the DAA.
  • Explain DAA responsibility for preventing unauthorized disclosure of information.
  • Extrapolate risk management concepts to multiple scenarios.
  • Make decisions based on reasoned judgment.
high level requirement
High-Level Requirement






low level requirements
Low-Level Requirements
  • Must develop a one-time accreditable security architecture that uses high-assurance guarding technology to facilitate information exchange across security domains.
  • USMACOM must be able to add a new member (now and in the future) to any tier without going through the accreditation process for each nation.
  • For each CTF user, she has a colleague back in her home country’s Nation LAN that she must communicate with.
  • There should be at least one system administrator per security domain and this person is responsible for performing all security-related administration of the security domain LAN, e.g., patch management, CERT notification, anti-virus maintenance, and training.
case study assumptions
Case Study Assumptions
  • The CTF resides in US spaces and is US-owned and administered. The composition of coalition partners will be dynamic throughout operations and all data is releasable to all individuals who have authorized access to the CTF LAN.
  • The CTF LAN will be a high attribution/high consequence network--must use a multi-tiered architecture with each tier having different domain names for email purposes.
  • Clients in non-US-controlled spaces will not be allowed to access CTF LAN resources directly.
case study assumptions23
Case Study Assumptions
  • Connectivity will be severely restricted—by data attachment type (“dot-pdf”, “dot-rtf”, “dot-txt”, HTML, and “dot-gif”) and data flow direction.
  • Unauthorized access to SIPRNET resources or data must be the result of intentional malicious action by an authorized CTF user located in controlled US spaces or by a malicious user in one of the Nation-LANs.
  • An in-country user should not be able to spoof a CTF user’s email address.
what are daa big ideas
What are “DAA” Big Ideas?
  • Accreditation and the role of the DAA
  • Tier membership/trust level
  • Attachment Types
    • Threats and Vulnerabilities
  • Risk Assessment
accreditation and the role of the daa
Accreditation and the Role of the DAA
  • The Designated Approval Authority (DAA) is the person that assumes all risk for operating a system in a specified configuration in a specified location for a specified period of time.
    • System architecture, system security measures, system operations policy, system security management plan, and provisions for system operator and end user training.
    • The student should play the role of the DAA and establish guidelines for the security posture of any system and/or architecture that she is required to approve.
tier membership trust level
Tier membership/Trust level
  • Trust level and Tier membership have attribution implications.
    • The student should be able to explain attribution and how it manifests itself in multiple contexts, since attribution and Trust level/Tier membership are tightly coupled.
    • Student will also have to decide what file types are going to be exchanged between the CTF-LAN and the SIPRNET and in what direction.
attachment type


Guard Type/Services





Attachment Type
risk assessment
Risk Assessment
  • As a culminating exercise the instructor should have one set of students act as the DAA and another set act as Risk Analysts (RA) making their accreditation case to the DAA.
  • The RAs should be able to either make a compelling case for the DAA to accredit or make a compelling case for not accrediting—all based on risk evidence.
  • This risk evidence should be built around trust level, level of attribution, consequence, data flow, and data type.
scaffolding questions
Scaffolding Questions
  • Is there still high attribution if a Tier 0 user sends malicious email to the SIPRNET with a malicious code attachment? Why?
  • How could a Tier 2 user compromise Tier 1?
  • Why is the Tier 1 LAN a lower risk than the Tier 2 environment?
  • Can a user in Tier 2 spoof an email address?
scaffolding questions cont d
Scaffolding Questions (cont’d)
  • What are some of the system administration challenges associated with the design?
  • How do you set up a CERT function in a coalition environment? Who enforces it?
  • Suppose USMACOM levied a new requirement: move all Tier 1 users down to Tier 2 to facilitate collaboration (e.g., chat, VoIP). Currently there are no Guarding Technologies that allow secure chat or secure VoIP.
    • Specifically, user A1 cannot chat with user A2 even though they are from the same nation. What would you do and why?
how do we blur the boundaries with ia training standards
How do we Blur the Boundaries with IA Training Standards?

As information security becomes increasingly important, it can no longer be left to the realm of training.

  • Standards need to be “de-govied”—less government-focused and include academic and industry foci.
  • The standards need to focus more on Information Assurance than INFOSEC as the former defines thinking and behavior and the latter just behavior.
  • The standards should be incorporate more layer 2 (comprehension), 4 (analysis), 5 (synthesis), and 6 (evaluation), because without these critical layers, the case for academic excellence in Information Assurance is tenuous at best!
changes coming down the road
Changes Coming Down the Road
  • More Information Assurance focused vice INFOSEC
  • More User-Friendly
  • More input from Academia and Private Industry
  • Contract to upgrade 4011 to be let in May/June
  • 4012 fully coordinated with CNSS community and in for DIRNSA signature.
  • DISA to create 4012 CBT.
  • 4012 renamed Senior Systems Manager
    • Focused on advances in technology

Aaron J. Ferguson, Ph.D., CISSP

National Security Agency Visiting Professor

Dept. of Electrical Engineering & Computer Science

United States Military Academy




If you like this briefing, please send an email to:

If you did not like this briefing, please send an email to: