Deborah L. Farroha
United States Department of Defense
Publication
Featured research published by Deborah L. Farroha.
IEEE Systems Conference | 2010
Bassam S. Farroha; Deborah L. Farroha
This research addresses Enterprise Security Management (ESM) as the enabling component of building reliable, secure and interoperable enterprise components that allow users of various needs and trusts to access required information. The ESM functions are broken down into constituent parts and analyzed in terms of components and architecture. To make this research relevant to a wider audience and to include the latest approaches, we examine virtualization and cloud computing to understand the effects of these enterprise building methodologies on the security of multi-level security information residing within the enterprise either locally or through a Cross Domain system.
Military Communications Conference | 2009
Bassam S. Farroha; Deborah L. Farroha; Melinda M. Whitfield
The challenges of building a Secure Information Sharing Environment are based on increased need to share data across agencies and security domains. The need has grown to also include sharing secure data with allied and coalition forces while protecting specific key parts of the information due to legal and ethical issues. There is an increasing need to automate the process where data is sanitized and shared in a seamless manner to empower our warfighters and commercial entities to increase the security and enhance services to the community. The obstacle is that information is generally stored in flat files in multiple security domains and there are laws that prohibit sharing the whole data, but allow access to the majority of items. The task of architecting systems that enable Cross Domain (CD) capabilities is a significant undertaking that requires an understanding of data systems, technologies, governance, and cultures. The UCDMO is charged with analyzing the DoD/IC community needs, the current technologies and the future technologies that are at various phases of development to facilitate Assured Information Sharing (AIS) goals. The long term goal is to build a SOA based Enterprise that enables the community to use the diverse resources across various domains to deliver the information to the intended destination.
Military Communications Conference | 2014
Bassam S. Farroha; Deborah L. Farroha
The expanding pace of business competitiveness and increasing demand velocity for developing and deploying updated Operational and Security capabilities has created an environment where development and operations needed to work even closer together. The need was further enhanced due to the fact that all capabilities are being developed in a shared platform with no formal requirement processes, and no analysis of the overall enterprise capabilities and architecture. On the surface, the process lacks the usual discipline that most engineers are used to, but operationally it has the potential of bringing capabilities to operations at a quicker rate. The goal of providing continuously updated services should make sure that the overall enterprise performance and security posture are not compromised while the quick turnaround capability deployment is achieved. The proposed framework focuses on ensuring the continuity of strategic posturing while allowing maximum flexibility to tactical enhancements to meet emerging demands.
IEEE Systems Conference | 2009
Bassam S. Farroha; Melinda M. Whitfield; Deborah L. Farroha
This paper presents the approach to accommodate the secure information sharing initiative via the development of the community enterprise architectures. The effort was initiated by the DoD CIO and the DNI CIO where they jointly established the Unified Cross Domain Office (UCDMO) to develop a roadmap for the community and facilitate the development of a Cross Domain vision that includes all the stakeholders and their stated mission. The UCDMO took the lead in working with the different commands and agencies to collect the needs and summarize them into 31 main needs. The most important capabilities that have the highest impact to the community were then determined. Ultimately, the overall mission needs led the UCDMO to determine the need to develop a Secure Information Sharing Environment that can accommodate real-time information access and transfer between different agencies. It was concluded that an enterprise architecture that is based on SOA principles is best suited to achieve this mission.
2011 IEEE International Systems Conference | 2011
Deborah L. Farroha; Bassam S. Farroha
In order to meet the mission needs of today and keep up with the pace of technological advances, adapting the Enterprise Systems Engineering (ESE) process in a time constrained mission-centric environment is critical to leverage the efficient delivery of new capabilities in a Net Centric environment. Agility (contemporary) versus rigidity (traditional) are approaches that have their trade-offs but to meet the demands and needs of our war-fighters, we must have an ESE process that allows us to deliver quality capabilities to the tactical edge. Governance plays a significant role and testing services needs to be addressed differently from the traditional T&E of stovepiped systems. The traditional approach of building systems to deliver a specific function is being changed to an approach of architecting services. ESE utilizes defined processes that use managerial and technical tools to analyze problems and provide structure to the overall process of planning, procuring, designing, implementing and testing an enterprise system. Adding agility and assurance to the traditional and ESE is the process by which we build quality into complex systems while delivering functionality and security of contents in a manageable timeframe and stay flexible to meet emerging requirements. This study is based on architecting the GIG which is the ultimate complex system. Utilizing the DoD's framework to facilitate information sharing; which starts with data discovery and access, we analyzed several concepts to achieve agility and higher level of security in Information Sharing Systems. The concept of the GIG also ensures that systems are not only robust but also incorporate the flexibility needed to satisfy needs that evolve during the system's life.
Military Communications Conference | 2011
Bassam S. Farroha; Deborah L. Farroha
The new trend to increasing efficiency in Information Systems (IS) investments is to migrate data processing and storage to external service-centers and vendors that provide commodity computing platforms that are called Cloud Computing. The approach advocates minimizing the local capabilities to utilize thin clients while providing data manipulation and/or storage services by the service provider over time-shared resources. The concept is not new, however the implementation approach presents a strategic shift in the way organizations provision and manage their IT resources. The systems that process and fuse such data would have to be capable of classifying the resulting information and clearing the computing resources prior to allowing new applications to be executed. Processing various levels of sensitive information and fusing results might require the development of a multi-level security system that can send the output to a protected network and systems in order not to have data spill or contaminated resources. The paper discusses these security requirements and potential impact on the cloud architecture. Additionally, the paper discusses the unexpected advantages of the cloud framework providing a sophisticated environment for information sharing and data mining. Finally, the paper introduces emerging issues that need to be addressed including providence, data tagging, and governance.
Proceedings of SPIE | 2011
Bassam S. Farroha; Kristine R. Essman; Deborah L. Farroha; Andy Cohen
The traditional way of approaching the management and enforcement of information systems Policy in enterprise environments is to manually translate laws and regulations into a form that can be interpreted and enforced by enterprise devices. In other words we create system commands for routers, bridges, and firewalls to force data transfers and system access to comply with the current policies and approved rules in order to control access and protect private, sensitive, and classified information. As operational needs and threat levels change, the rules are modified to accommodate the required response. It then falls on System Administrators to manually change the configuration of the devices they manage to adapt their operations accordingly. As our user communities continue to rely more heavily on mission information, and the enterprise systems and networks that provide it, our enterprise needs to progress to more automated techniques that enable authorized managers to dynamically update and manage policies in digital formats. Automated management of access rules that control privileges for accessing secure information and enterprise resources, enabled by Digital Policy and other Enterprise Security Management (ESM) capabilities provides the means for system administrators to dynamically respond to changing user needs, threat postures and other environmental factors. With the increased popularity of virtual environments and advent of cloud enterprise services, IA management concepts need to be reexamined. Traditional ESM solutions may be subjected to new classes of threats as physical control of the assets that implement those services are relinquished to virtual environments. Additional operational factors such as invoking critical processing, controlling access to information during processing, ensuring adequate protection of transactions within virtual environments and executing ESM provisions are also affected. 
The paper describes the relationships among relevant ESM enterprise services as they impact the ability to share and protect enterprise information. Central to this is the ability to adopt and manage digital policies within the enterprise environment. It describes the management functions that have to be supported, and the challenges that have to be addressed to ensure an effective implementation. Since the adoption of cloud services is becoming an important consideration for the evolution of enterprise architectures, the paper also explores the implications of shifting from traditional to virtual enterprise environments.
Military Communications Conference | 2008
Deborah L. Farroha; Bassam S. Farroha
This paper will examine IA issues for the Global Information Grid (GIG) Assured Services (AS) requirements as they relate to the converged services for the warfighting community. Director of Central Intelligence Directive 6/3 (DCID 6/3) Protecting sensitive compartmented information within information systems plays an important role in defining protection levels of systems and ties directly to getting the right information in the right place at the right time to the warfighter. The assured services requirements stem from the need to utilize scarce resources within the GIG at critical times in the most effective way in support of national security, the intelligence community and the war-fighter. Information assurance (IA) enables all information and data to be available end-to-end to support any mission without delay in accordance to the sensitivity of the task. Together, AS and IA ensure data availability, integrity, authentication, confidentiality, and non-repudiation. We will start with deriving the AS requirements based on DoD publicly published artifacts, then provide our analysis of the IA concerns. This becomes increasingly important as more of the services are converged to IP based services. The security aspects need to consider both boundary protection and content encryption to ensure that multilevel security is accommodated and external intruders are deterred.
Military Communications Conference | 2012
Deborah L. Farroha; Bassam S. Farroha
The new operational environment is exemplified by continuously shifting mission requirements that challenge our Information Systems to dynamically add functionality, increase throughput and overcome threats to deliver new capabilities, quicker, with less cost, and more accuracy. It is essential that we engineer a flexible design and follow an agile development process to keep up with these rapid changes. Security considerations should continue to be architected in the initial system capability and implemented in an agile environment to ensure security of the environment, protection of contents, control resources and authentication of users are accomplished in the new Information Technology systems. Today's systems are being tasked to ingest, process and analyze dramatically different, high volume data sets than they were originally designed to handle while they have to interact with multiple new systems that were unaccounted for at design time. Agile development of modular systems based on commercial standards has proven to be the best way to achieve these dynamic requirements and continuously meet the ever-changing security threats and providing the required service levels.
2011 IEEE International Systems Conference | 2011
Bassam S. Farroha; K. Essman; Deborah L. Farroha; Andy Cohen
This paper presents an analytical investigation of the security characteristics that enable the enterprise to protect and defend itself from internal and external threats. The goal here is to develop an overarching framework that is geared towards incrementally building capabilities into the existing infrastructure through the development of security related services. The protection of data, infrastructure and user identities is at the heart of the framework where broader protection categories are further broken down into services that can be deployed individually and interact with each other to provide better services to the enterprise.