Title: GIG Information Assurance Architecture Protecting National Security Enterprises
1GIG Information Assurance Architecture
Protecting National Security Enterprises
- Craig Harber
- Enterprise IA Architecture Systems Engineering
Office - Information Assurance Directorate
- National Security Agency
2Net-Centricity Breaks Down Barriers to
Information Sharing, Collaboration, and Mission
Synchronization
- Benefits of an assured
- Net-Centric Environment
- Access by authorized users to information and
services anytime, anywhere - Secure collaboration among U.S., Allies,
Coalition partners - Highly available networked enterprise to support
prioritized mission operations, even while under
cyber attack - Warfighter confidence in ability to synchronize
and execute mission operations
Source NCE JFC version 1, dated 7 April 2005
net-centric
Autonomous
De-conflicted
Coordinated
Interdependent
The user community must be able to trust the
integrity and availability of the GIG information
and infrastructure
3DoDs Net-centric Global Information Grid
Fundamental transformation in information /
content management, communications, and
information assurance
DoD operations critically dependent upon a
resilient and trusted GIG
4Protecting the GIG Net-Centric Enterprise
- GIG will be a high priority target and will be
constantly threatened from a variety of
adversaries - Greater interdependence and interconnectivity of
systems will open new avenues of attack, insider
threat and misuse - IA is both an enabler of new and enhanced
net-centric capabilities and the set of
capabilities that counter the increased threats - IA must evolve from system-high perimeter
protection to an Enterprise IA protection model - High water mark approach insufficient in
environments where the users have varying levels
of trust and their systems have varying levels of
IA capabilities and trust. - NSA tasked by OSD/NII to develop the IA
architecture, protection strategy, system
requirements and guidance to achieve an assured
GIG enterprise
IA is a critical element of DoDs net-centric
vision
5The National Security Community Shares a Common
Set of IA Challenges
- The Intelligence Reform and Terrorism Prevention
Act of 2004 identifies similar net-centric
needs - means for sharing among all appropriate
Federal, State, local, and the private sector - direct and continuous online electronic access
to information - information access management controls access
to data rather than just systems and networks,
without sacrificing security - facilitates sharing of information at and
across all levels of security - services for locating people and information
- strong mechanisms to enhance accountability and
facilitate oversight, including audits,
authentication, and access controls. - take into account the varying missions and
security requirements of agencies participating
in the ISE
GIG IA broadly applicable to the National
Security Community
REF Intelligence Reform And Terrorism Prevention
Act Of 2004 , PL 108-458, SEC 1016 (Information
Sharing), Dec. 17, 2004
6IA Protection Strategy Evolution
Transactional Enterprise IA Protection
Model Required level of Information Protection
Specified for each Transaction
Static Perimeter Protection Model Common level
of Information Protection provided by System
High Environment
Source NCE JFC version 1, dated 7 April 2005
- Common User Trust Level (Clearances) across
sys-high environment
- User Trust Level sufficient across
Transaction/COI varies for enterprise
- Privilege assigned to user/device based on
operational role and can be changed
- Privilege gained by access to environment and
rudimentary roles
Future
Today
- Information authority determines required level
of protection (QoP) for the most sensitive
information in the sys-high environment high
water mark determines IT/IA/Comms Standards for
all information
- Information authority determines required level
of end-to-end protection (QoP) required to access
information translates to a set of
IT/IA/Comms Standard that must be met for the
Transaction to occur
- Manual Review to Release Information Classified
at Less than Sys-high - Manual Analysis and Procedures determine allowed
interconnects
- Automated mechanisms allow information to be
Shared (Released) when users/devices have
proper privilege and Transaction can meet QoP
requirements
7Key Elements of the Enterprise IA Strategy
(End-State)
- Transactional Information Protection
- Granular end-to-end security controls to enable
protected information exchange within the
variable trust net-centric environment - Digital-Policy Enabled Enterprise
- Dynamic response to changing mission needs,
attacks, and systems degradations through highly
automated and coordinated distribution and
enforcement of digital policies - Defense Against an Adversary From Within
- Persistently monitor, track, search for, and
respond to insider activity and misuse within the
enterprise - Integrated Security Management
- Dynamic and automated net-centric security
management seamlessly integrated with operations
management - Enhanced Integrity and Trust of Net-Centric
Systems - Robust information assurance embedded within
enterprise components and maintained over their
life-cycle
IA Component of the GIG Integrated Architecture
Version 1.1
8GIG IA Architecture Process
- Analysis of IA for a net-centric environment from
many different perspectives - Architecture Strategy
- Risk Assessment
- Capabilities Needs
- Technology Gaps
- Standards and Policy Gaps
- Transition Strategy
- Not a compliance document but will influence
existing DoD processes - requirement, resource
acquisition - JFC, JIC, JOC,
- JCIDS GIG IA ICD, CDDs, CPDs
- Net-centric Implementation Document (NCID)
- NCOW-RM
- NR-KPPs
- PB07, POM 08,
- Initial IA strategy based on best approach to
achieve GIG vision - Unconstrained Environment
9Key GIG IA Relationships
IA Architecture Integration
Global Information Grid
LandWarNet Army
Net-Centric Operational Capabilities
FORCEnet Navy
ConstellationNet Air Force
Arch
Strategy, Guidance System Requirements
Arch
NC IA Strategy
JCIDS
6 IA Op Need Areas
GIG IA Portfolio Management (GIAP)
GIG IA ICD
Arch
ESE
ESE
ESE
ESE
NCIDS
Arch
IA Standards
ESE
Arch
10GIG IA ICD Defines the Operational Capabilities
Required to Protect the GIG
Defend the GIG
Assured Information Sharing
Confidentiality
Monitors, analyzes, detects, responds to
unauthorized activity, as well as unintentional,
non-malicious user errors within DOD information
systems and networks
Integrity/Non-Repudiation
Highly Available Enterprise
DTG
Assured Mission Management
Source Extraction from GIG IA ICD
11A Balanced Mix of IA Operational Capabilities
Enables Mission Assurance..
IA EMPHASIS
Confidentiality, access controls, misuse
detection Availability, Integrity,
Prioritization, Low Bandwidth, varying user
trust Integrity
- Each Mission Area has Different IA Emphasis (i.e.
varying QoP needs) - Varying levels of trust within and between
Mission Areas - Cross Mission Area Collaboration is Complex
- Graded IA standards not a one size fits all
strategy
Assured Information Sharing
Integrity / Non-Repudiation
Assured Mission Management
Defend the GIG
HAE
Highly Available Enterprise
CON
Confidentiality
with an appropriate level of IA Functionality
and Robustness to meet each missions diverse
needs
12Synchronization of GIG Operational Needs,
Capabilities, and System Functions
OPERATIONAL CONCEPTS
REQUIRED OPERATIONAL CAPABILITIES
SYSTEM SOLUTIONS
GIG IA Initial Capabilities Document
GIG IA Architecture v 1.1
NCOE Joint Integrating Concept
13Transition Strategy Increment 1 Development
Methodology
IA Operational Capabilities
Assured Information Sharing (1-4)
Integrity/ Non-Repud (5-6)
Highly Available Enterprise (7-9)
Confidentiality (10)
Defend The GIG (11-14)
Assured Mission Mgmt (15)
ICD Vision
ICD Vision
ICD Vision
ICD Vision
ICD Vision
ICD Vision
Increment 1
Increment 1
Increment 1
Increment 1
Increment 1
Increment 1
14Phased Transition With increasing Levels of
Functionality, Robustness, and Integration
15Increment 1 Information Sharing Environment and
Assumptions
- Traditional system-high Type 1 protection
mechanisms provide the primary protections for
information - Multiple system high environments seamlessly
interconnected to improve discovery,
collaboration and information sharing among DoD,
IC, DHS, and close allies - Improved, fine grained access control mechanisms
allow richer set of information to be safely
posted/accessed across the collection of system
high environments - Labeling of information at the service level
some at the object level - Leverages DoD-PKI and Service Oriented
Architecture technology - Dynamic COIs within and across organizational
boundaries enables controlled sharing within the
system high environment - Supports US only, releasable, bi-lateral, and COI
specific information - Privately held (organization specific) data will
evolve to COI-restricted data - Set of partners fairly well and fairly evenly
trusted allowing use of largely COTS technology
within system-high perimeter - Focus is on deploying capability aimed at
preventing inadvertent disclosure
16Increment 1 Federated Environment DoD Example
DoD Secret Environment
US
LandWarNet (Army)
ForceNet (Navy)
Ally or Non-DoD
Partner
SIPRNet Infrastructure
C2Constellation (Air Force)
DoD Agency Networks
17IA Enterprise Architecture and Systems
Engineering Key Deliverables
- IA Component of the GIG Integrated Architecture
- Increment 1
- Version 1.1 (Draft) April 2006
- Version 1.1 (Final) September 2006
- Increment 2
- Version 2.0 (IA Strategy Only Initial Draft)
July 2006 - Version 2.0 (Initial Draft) 6 months after
approval of the Version 2.0 IA Strategy - Enterprise IA System Engineering
Analysis/Recommendations - Increment 1
- Initial Draft (V.3) September 2006
- Final (V1.1) TBD dependent on available funding
- Net-Centric IA Strategy
- Initial Draft December 2005
- Final April 2006
Executive Summary, Version 1.1, and supporting
analysis documents are available on the DoD
Portal https//gesportal.dod.mil/sites/gigia
18Summary
- GIG will be a high priority target and will be
constantly threatened from a variety of
adversaries - Must be able to sustain operations during attacks
- GIG is most complex enterprise in the world.
Varying trust of users and systems and varying
sensitivity of information make for a significant
IA challenge - IA must evolve from system-high perimeter
protection to a dynamic, transactional
Enterprise IA protection model - Changing IA solution strategy
- Shift from IA point solutions to IA functionality
in every IT component - Integrated-in vs.
Bolted-on IA - Government National Security Community and
Industry must partner to raise the bar for IA - Industry likely to deliver much of the required
IA functionality however, IA robustness is not
sufficient without Government leadership and
standards - GIG IA Enterprise Protection Strategy broadly
applicable to the IC and DHS - Common IA strategy across the National Security
Community is required to achieve desired
information sharing, collaboration,
infrastructure availability and mission
effectiveness
19- Enterprise IA Architecture and Systems
Engineering Office - National Security Agency
- (410) 854-7069
- DoD Portal https//gesportal.dod.mil/sites/gigia