1 Susan Alexander Chief Technology Officer for Information and Identity Assurance Office of the Assistant Secretary of Defense, Networks and Information.

Slides:

Advertisements

Similar presentations

What is Infrastructure Optimisation and Why should you care?

Advertisements

1/17/20141 Leveraging Cloudbursting To Drive Down IT Costs Eric Burgener Senior Vice President, Product Marketing March 9, 2010.

A Flexible Cloud-Computing Platform Focus on solving business problems

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu

Cyber Defence Data Exchange and Collaboration Infrastructure (CDXI)

Sunrise ® Integrated OmniChannel Cloud Solutions Integrated OmniChannel Cloud Solutions.

Device Evolution Greg Pelton Chief Technology Officer

AIM Operational Concept

Microsoft A Vision for Health. Consumerism/ Choice A Challenging World Public Health Healthcare spend increasing as % of GDP spend Increasing social cost.

Future Command and Control The Interoperability Imperative 29 Oct 07 Maj Gen Bill Rajczak USJFCOM J8A.

Navy’s Operational Authority for Naval Networks, Information Operations, and FORCEnet 2004 Strike, Land Attack & Air Defense Annual Symposium Vice Admiral.

Internet of Things Security Architecture

CSE 5392By Dr. Donggang Liu1 CSE 5392 Sensor Network Security Course Introduction.

Keeping the War Fighter Informed

Australia and Cyber Warfare by Ian Dudgeon A presentation to the AIIA Queensland Branch 14 June 2011.

5/17/ SUPPORT THE WARFIGHTER DoD CIO 1 (U) FOUO DoD Transformation for Data and Information Sharing Version 1.0 DoD Net-Centric Data Strategy (DS)

UNCLASSIFIED 1 Joint Net-Centric Operations Strawman Joint Net-Centric Operations: The ability to exploit all human and technical elements of the joint.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

A Combat Support Agency. Vision & Mission ServicesAgenciesCOCOMS NATO & Coalitions 2 Industry.

NATO Network Enabled Capabilities

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Securing Content in the Department of Defense’s

Key Action II - Objectives Support the development and adoption of novel IST solutions for eCommerce & eWork aimed at enhancing: Support the development.

A Combat Support Agency Defense Information Systems Agency UNCLASSIFIED Program Executive Office GIG Enterprise Services (PEO-GES) 101 Briefing As of October.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Data Sharing and Standards Division 4 th December 2006 Collaboration in Practice Introduction - Robert Forman Prime Systems Integrator Role - Atos Origin.

Storage Security and Management: Security Framework

1 NATO HQ C 3 Staff The NATO HQ need for the Web: How policy requirements are affected by the need to take web development into account Georges D’hollander.

Defense Needs for Future Information Assurance Standards John James “Know the enemy, know yourself; your victory will never be endangered.

Preparing your Fabric & Apps for Windows Server 2003 End of Support Jeff Woolsey Principal Program Manager.

About Chris Welch Synergy – Global Reach. Local Service. - Cell Online - USA | South.

Enterprise User Enabling Warfighter Capability

I n t e g r i t y - S e r v i c e - E x c e l l e n c e Headquarters U.S. Air Force 1 Lt Gen Bill Lord, SAF/CIO A6 Chief of Warfighting Integration and.

1 NEW GENERATION SECURE COMPUTING BASE. 2 INTRODUCTION  Next Generation Secure Computing Base,formerly known as Palladium.  The aim for palladium is.

Improving Integration of Learning and Management Systems Paul Shoesmith Director of Technical Strategy Becta.

Department of Defense Information Age Vision Linton Wells II ASD(NII)/DoD CIO-Acting United States DoD North American Day 2005.

出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲吳俊逸.

NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.

Federal Cybersecurity Research Agenda June 2010 Dawn Meyerriecks

The DoD Information Enterprise Strategic Plan and Roadmap (SP&R)

Enabling Secure Always-On Connectivity [Name] Microsoft Corporation.

© Intapp, Inc. 1 Cloud Strategies for Law Firms: Enabling Lawyer Productivity, Maintaining Firm Control.

Enterprise Cybersecurity Strategy

From Information Assurance to Trusted Systems – A Strategic Shift Patricia A. Muoio Chief, NSA Trusted Systems Research (formerly known as National Information.

Geneva, Switzerland, September 2014 ITU-T SG 17 Identity management (IdM) Progress Report Abbie Barbir Ph.D., ITU-T Study Group 17 Q10/17 (Identity.

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.

Cyber in the Cloud & Network Enabling Offense and Defense Mark Odell April 28, 2015.

1 Innovation & Transformation: Enabling Information Superiority for the Warfighter Mr. Arthur R. Friedman OASD(NII)/DoD CIO 4 October 2006.

CNCI-SCRM STANDARDIZATION Discussion Globalization Task Force OASD-NII / DoD CIO Unclassified / FOUO.

Introducing the New iManage Dan Carmel, Chief Marketing Officer.

Mobile Security Solution Solution Overview Check Point Mobile Threat Prevention is an innovative approach to mobile security that detects and stops advanced.

Information Security, Theory and Practice.

Issues and Protections

Barracuda Web Security Flex

Program Executive Office GIG Enterprise Services (PEO-GES)

Software Assurance Security Issues

Company Overview & Strategy

Interoperability versus Cyber Security/Information Assurance?

Agenda Workforce Development Coaching Mentoring

Joint Staff J8, Deputy Director for C4

DoD Spectrum Strategies

AFCEA NOVA Warfighter Support Agencies IT Day

DISN Evolution Mr. Charles Osborn

What are the Resilience Mechanisms? Hugo Pereira Evoleo Technologies

Web Information Systems Engineering (WISE)

Security in SDR & cognitive radio

Chapter 4: Security Policies

In the attack index…what number is your Company?

Considerations for End-to-End Trust

Presentation transcript:

1 Susan Alexander Chief Technology Officer for Information and Identity Assurance Office of the Assistant Secretary of Defense, Networks and Information Integration/Chief Information Officer (OASD/NII) DOD/CIO Power to the edge– not the adversary IA for Net-centricity September 17, 2008 Power to the edge– not the adversary IA for Net-centricity September 17, 2008

2 Governing Principles of Net-centric warfare

3 So whats so different? Massively distributed enterprise of (mostly) non- replicated resources – integrity, availability Blurring of tactical and strategic, with every node a portal into the whole Notion that access will be based upon users need rather than originators permission – balancing confidentiality with availability Net-centric provisioning (including C2) for agility and flexibility Reliance upon remote and anonymous nodes - authenticity, integrity In a Nutshell: the need for Distributed Trust

4 GOALS: Evolve & Populate the NCE Protect & Defend the NCE Manage & Operate the NCE Net Centric Environment (NCE): Objective, Goals & Description Objective: All users, whether known or unanticipated, are able to easily discover, access, trust, and use the data/information that supports their mission objectives unconstrained by their location or time of day.

5 GIG as a combat system IA imperatives Aiming the gun: Information advantage for superior decision making Maximum accessibility of data for mission while denying knowledge to adversaries Seamless collaboration with mission partners Shoots where I point: Trustworthy and robust platform for executing intent Command and control never subverted Service is available Works under fire Attacks are prevented or deflected Can recover from successful attacks Operate through

6 Back-up Slides Some of the technology under the hood

7 Security to the Edge Construct Foundations Applications Enterprise Health Trusting the edge Security Mgmt Infrastructure AIS Mobility

8 Security management infrastructure Attribute management –Identity, location, role, trustworthiness –Sensing, authenticating –Humans, non-humans Privilege management –Resource access, command and control Policy management –Global rules of engagement, local policy –Dynamic risk calculation

9 Trusting the edge Self-protecting in a hostile environment –Hardware –Software Remotely interrogable integrity –Measurement –Attestation

10 Assured Information Sharing Must support arbitrary policy and object granularity Converges to one network Supports augmentation with guest infrastructures Guarantees integrity of information

11 Worldwide access anytime, anywhere One piece of gear Location-specific behavior Must not be overheard Must not become a target Mobility

12 Enterprise Health Availability is key to NCW Though often overlooked, so is integrity Adversary response vs. hygiene factors Might pay to integrate with SMI Huge problem– Good news is, everyone is working on it!