1 / 15

Securing Emerging Mobile Technology

Securing Emerging Mobile Technology. John G. Levine Ph.D. d/Chief Architecture Group. 13 SEP 2012. 1. Unambiguous demand signal from customers. 2. Secure Anywhere, Anytime Access to Enterprise Infrastructure. 3. Current Mobility Environment. User Threat. Mobile Landscape.

fergus
Download Presentation

Securing Emerging Mobile Technology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing Emerging Mobile Technology John G. Levine Ph.D. d/Chief Architecture Group 13 SEP 2012 1

  2. Unambiguous demand signal from customers 2

  3. Secure Anywhere, Anytime Access to Enterprise Infrastructure 3

  4. Current Mobility Environment User Threat Mobile Landscape • Unaware of potential threats • Susceptible to social engineering • Bypassing "inconvenient“ security • Insider threat, leaks and sabotage • Ease of use is valued over security • Vulnerabilities are widespread • Attacks are cheap and easy • Apps available at low or no cost • Minimal technical experience required MobileLandscape Users Infrastructure Infrastructure Threat • Multiple points of interception • Communication and Data Centers / Towers • Towers, Wireless and Wireline • Over the Air updates • Rogue base stations 4

  5. Pathway to Security • Security must be integrated into components – systems approach • User interfaces must be intuitive and familiar • Policy needs to stay on top of technology curve • Solutions should: • Support commercial functionality • Be cost effective • Align with commercial product lifecycles UserExperience Security 5

  6. Mobility Enterprise Strategy PSTNGateways Internet AccessGateways The Cloud Seamless Transition 3G | 4G Wi-Fi 6

  7. External Dependencies • Carrier data coverage • QoS in carrier networks * • Data circuits in carrier networks * 4G / LTE is expected to improve some of the user experience as carriers upgrade 7

  8. MOBILITY GOALS Commercial development focused to meet security requirements out of the box Establish Partnerships and work with Industry Forecast and prepare for next generation security technologies Policy enforcement & enterprise security Establish a Mobile Enterprise Capability Interoperability via gateways Anywhere, Anytime, Access to Unclass, Secret, Top Secret & SCI infrastructure Minimum security capabilities Publish and updateCapability Packages Vendor agnostic architectures Residual risk assessments 8

  9. Capability Delivery Process Technology Gaps Implement Operational Capability System Bugs • Requirements Guidance to Industry • Capability Package Test & Evaluate Develop Concept Design Security Architecture Identify Need Prototype Pilot 9

  10. Mobility Pilots Architecture • Two layers of encryption (VoIP and VPN) • Gateway connection to Enterprise Infrastructure • Backend services secured in a SCIF • Delivers secure voice and data capability • Dependant on carrier QoS • Hardened handsets Milestones • Unclassified Pilot Kickoff (30 Sep 2011) • Classified Pilot Kickoff (Dec 2011) • Web based Data Pilot (May 2012) 10 UNCLASSIFIED//FOR OFFICIAL USE ONLY

  11. Mobility Capability Package Pilots are used to help create CPs Development and release is an iterative process between IAD experts, interested vendors, and external partners Customers CSfC IAD SME Package Release Community Vendors Integrators Partners Mobility Capability Packages Late 2012 Early 2013 Late 2012 • Mobility • Capability Package • Evolution • (dates reflect target for publication to NSA.gov) 11

  12. Key Achievements to Date • Established Mobility Innovation Center (MIC) to drive/prove technology • Delivered TOP SECRET voice and data pilot (FISHBOWL) • Delivered NSA Campus laptop pilot (WIFIGHTER) • Demonstrated tablet architecture • First Mobility Capabilities Package on web at NSA.gov 12

  13. Looking Ahead • Improve user experience • Prototype and pilot data services to other devices • Continue to perform vulnerability analysis of emerging technologies • Prototype and pilot Evolved Packet Core (EPC) capabilities • Continue to mature Mobility Capability Packages • Continue to work with Industry • Incorporate lessons learned into future demonstrations 13

  14. Conclusion Securing mobility requires a new way of thinking: • Use commercial standards, platforms and applications when possible • “Composable” and layered solutions/services to achieve desired security • Integrated and hardened commercial infrastructure • Keep pace with emerging technologies • Strong partnerships between government and industry • Work early and often with Industry toget it right from the start! 14

  15. Forward. Thinking.

More Related