third generation security 3gs n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Third Generation Security (3GS) PowerPoint Presentation
Download Presentation
Third Generation Security (3GS)

Loading in 2 Seconds...

play fullscreen
1 / 12

Third Generation Security (3GS) - PowerPoint PPT Presentation


  • 170 Views
  • Uploaded on

Third Generation Security (3GS). 13 February 2001 Jaynarayan H. Lala Defense Advanced Research Projects Agency Advanced Technology Office (ATO). Program Structure Drivers. Imperative: Focus technology development to operational systems-driven needs and vulnerabilities Conclusions:

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Third Generation Security (3GS)' - annot


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
third generation security 3gs

Third Generation Security (3GS)

13 February 2001

Jaynarayan H. Lala

Defense Advanced Research Projects Agency

Advanced Technology Office (ATO)

program structure drivers
Program Structure Drivers
  • Imperative: Focus technology development to operational systems-driven needs and vulnerabilities
  • Conclusions:
    • Threat: Current and growing threat to DoD ranging from ankle biters to nation-states
      • Increasingly sophisticated attacks
      • Reduced attacker knowledge needed
    • Importance: Problem is urgent, of national importance, and DARPA-hard
    • DARPA role is to perform the critical defensive research necessary to change the current asymmetric threat situation to potential balance and eventually to strategic advantage
      • Provide revolutionary technology -> Tech base programs
      • Near term: Early operational experimentation to transition technology and get field experience
      • Longer term: Comprehensive systems-level approach with strategic thinking -> Systems program
networked computer systems vulnerabilities
Networked Computer Systems’ Vulnerabilities
  • Mobile / Malicious Code
  • Attack Multiplier/ Dist. Denial of Service Attacks
  • Misuse & Insider Threats
  • Mobile Environments (e.g., wireless transmissions, non-IP attacks)
operational needs
Operational Needs
  • Enterprise-wide information assurance status
    • Operational impact of failures/attacks
    • Automated network defense and management
  • Correlation, traceback and attribution
  • Enterprise-wide course of action determination and prioritized responses
  • Secure coalition networks
  • Operate through attacks
  • Graceful degradation
  • Dynamic operating point selection (performance, functionality, security) – response to INFOCON and indications and warnings
threat classes
Threat: Classes

Nation-states,

Terrorists,

Multinationals

Information terrorism

Economic intelligence

Disciplined strategiccyber attack

Military spying

Selling secrets

Civil disobedience

Serious hackers

Embarrassing organizations

Discrediting products

Harassment

Collecting trophies

Stealing credit cards

Script kiddies

Copy-cat attacks

Curiosity

Thrill-seeking

threat characteristics
Threat : Characteristics

High

High

High

High

INNOVATION

COORDINATION

PLANNING

STEALTH

Low

Low

Low

Low

Nation-states,

Terrorists,

Multinationals

Information terrorism

Economic intelligence

Disciplined strategiccyber attack

Military spying

Selling secrets

Civil disobedience

Serious hackers

Embarrassing organizations

Discrediting products

Harassment

Collecting trophies

Stealing credit cards

Script kiddies

Copy-cat attacks

Curiosity

Thrill-seeking

information assurance three generations of security technologies
Information AssuranceThree Generations of Security Technologies

Access Control & Physical Security

Cryptography

Multiple Levels of Security

Trusted Computing Base

Intrusions will Occur

2nd Generation

(Detect Intrusions, Limit Damage)

PKI

VPNs

Intrusion Detection Systems

Firewalls

Boundary Controllers

Some Attacks will Succeed

Performance

3rd Generation

(Operate Through Attacks)

Functionality

Security

Big Board View of Attacks

Real-Time Situation Awareness

& Response

Graceful Degradation

Hardened Core

Intrusion Tolerance

1st Generation

(Prevent Intrusions)

slide8

Components of Third Generation Security

(3GS)

  • Technology Base
    • - Organically Assured & Survivable Information System (OASIS)
    • - Cyber Panel
    • - Survivable Wired & Wireless Infrastructure for Military Operations (SWWIM)
    • Dynamic Coalitions
    • Fault Tolerant Networks (FTN)
    • Composable High Assurance Trusted Systems (CHATS)
  • Experimentation
    • - Operational Experimentation
  • Survivable GIG Systems
    • Strawman Architecture Study
    • System Concept Study
    • - Risk Reduction
    • - Design, Implementation
    • Field Assessment

Early Experimentation

Cyber Panel

OASIS

Survivable GIG System

SWWIM

DC/FTN/CHATS

Early Experimentation

program managers
Program Managers
  • Dr. Jaynarayan Lala – jlala@darpa.mil, 703-696-7441
    • Organically Assured Survivable Information Systems, Survivable Global Information Grid System
  • Dr. Douglas Maughan – dmaughan@darpa.mil, 703-696-2373
    • Dynamic Coalitions, Fault Tolerant Networks, Composable High Assurance Trustworthy Systems
  • Ms Catherine McCollum – cmccollum@darpa.mil, 703-696-2353
    • Cyber Panel, Coalition Partners in Experimentaion
  • Mr. Brian Witten – bwitten@darpa.mil, 703-696-2323
    • Survivable Wired and Wireless Infrastructure for Military Operations, Partners in Experimentation

www.darpa.mil

oasis
OASIS

request

responses

control

Intrusion Tolerant Architecture

Objectives

  • Construct intrusion-tolerant architectures from potentially vulnerable components
  • Characterize cost-benefits of intrusion tolerance mechanisms
  • Develop assessment and validation methodologies to evaluate intrusion tolerance mechanisms

Servers

COTS

Ballot

Acceptance

Proxy

Servers

Monitors

Monitors

P

B

A

S

1

1

1

1

Users/Clients

Protected

P

B

A

S

2

2

2

2

P

B

A

S

u

v

m

n

Audit

Adaptive

Control

Reconfiguration

Technical Approach

Schedule

1/99

1/00

1/01

1/02

1/03

  • Real-Time Execution Monitors: In-line reference monitors, wrappers, sandboxing, binary insertion in legacy code, proof carrying code, secure mobile protocols
  • Error Detection & Tolerance Triggers: Time and Value Domain Checks, Comparison and Voting, Rear Guards
  • Error Compensation, Response and Recovery: Hardware and Software Redundancy, Rollback and Roll-Forward Recovery
  • Intrusion Tolerant Architectures: Design Diversity, Randomness, Uncertainty, Agility
  • Assessment & Validation: Peer Review Teams, Red Team, Assurance Case (Fault Tree, Hazard Analysis, Formal Proofs, Analytical Models, Empirical Evidence)

Phase I

Real-time Execution

Monitors,

Error Detection

Developing

Technology

Drops

Phase II

Error Compensation,

Response, Recovery

survivable gig systems program
Survivable GIG Systems Program

3/03

Prior

Tech

Base

12/02

Revamped Tech Based Projects

Final Validation

6/02

1/01

10/00

3/01

5/02

3/01

1/01

6/03

5/02

3/02

2/04

8/02

Downselect

2/04

1/05

Survivable System

Objectives

Cyber

Panel

  • Develop a survivable GIG system, from applications down to communications infrastructure, that can
    • operate through a wide class of cyber attacks
    • gracefully degrade system functionality in the face of attacks
    • dynamically reconfigure to optimize performance, functionality and survivability
  • Develop a Cyber Panel to monitor GIG system health and attack state, and respond to attacks
  • Demonstrate seamless operation of GIG systems and Cyber Panel, including Cyber Panel-set system operating points

Navigation

Tactical

Imagery

Messaging

COP

Intel

...

Intel BCSTs

PC LAN

Links

Comms

Organic

HUB

SIPRNET

COTS

Local LAN

DMS

Other Systems

...

Schedule

Systems Approach

  • Follow a requirements-driven systems engineering approach
  • Build on IA&S technology foundation and prior research
    • Develop a strawman survivable GIG architecture for an exemplar C4ISR system, its communications links, and a theater-wide cyber panel that showcases the latest research products and commercial information system survivability technology .
  • Design, implement and exercise the integrated Survivable GIG system and Cyber Panel in an operational environment, demonstrating capabilities afforded by emerging technologies and serving as a pathfinder to make other DoD systems survivable.
schedule
Schedule

3/03

Prior

Tech

Base

12/02

Revamped Tech Based Projects

Final Validation

6/02

1/01

10/00

3/01

5/02

3/01

1/01

6/03

5/02

3/02

2/04

8/02

Downselect

2/04

1/05