Joint Cross Domain eXchange (JCDX): Integrating Multilevel Command and Control into a Service Oriented Architecture to Provide Cross Domain Capability


Joint Cross Domain eXchange (JCDX): Integrating Multilevel Command and Control into a Service Oriented Architecture to Provide Cross Domain Capability
An Accredited Approach to Cross Domain Information Sharing
Presented by: Christopher J. Raney, SSC San Diego

Multi-Level Secure (MLS)
UNCLASSIFIED
- MLS labels every file at the appropriate security level
- Labeled files are only accessible to users with the proper security clearance
- The labeled files are compared to the user’s credentials and proper access is only given to their appropriate level
- CMW: Compartmented Mode Workstation. The core operating system of an MLS system.

Multiple Security Levels (MSL) Challenges
- Multiple Security Levels (MSL): a conglomeration of single-level workstations/servers used to provide information for analysis.
- Information is passed between the two systems utilizing security guards, which strip valuable intelligence data from remarks lines.
- With an MLS solution such as JCDX, only a single system requires management. MSL environments require, at a minimum, a separate system per security level.
- MSL should not be confused with MLS: Multiple Security Levels are limited to separate application displays, and downgrading of information can result in loss of valuable data.

What is JCDX today?
- A certified, operational, multi-level secure (MLS), PL4, all-source data management, display, fusion processing and near real-time dissemination capable system
- JCDX labels incoming data (tracks / messages / other products) from multiple sources / classification levels, manages that data (correlation, manipulation) and transmits data out to multiple sources at multiple classification levels
[Diagram: external data inputs (manual, legacy serial interfaces, Network A, Network B, Network C) feeding multilevel labeled databases and processing]

Cross Domain Solution Architectures
[Diagram, “Generic Architectures Today”: Multiple Security Levels (MSL) is shown as a high-side network with a High COP and “other” data joined to a low-side network with a Low COP through a network guard, synchronization tool and data sanitizer. Multi-Level Security (MLS), JCDX pre-SOA, is shown as true MLS workstations holding high and low data in a single COP with MLS correlation. No guard; security is inherent within the system.]

JCDX Architecture with SOA Extensions
No guard; security is inherent within the system
[Diagram: a JCDX MLS Server exposing CDS Services to clients on different WANs. High Side Web Service Gateway: query message and intel product archive; profile message and intel product archive for updates; post data for collaboration between security domains. Low Side Web Service Gateway: receive tracks for display. Coalition WANs (Coalition, NATO) are reached through a Web Application Server.]
PROS:
- Clients only access content releasable to their domain (Mandatory Access Control)
- Data producers only need to “Post Once” for data to be available to all applicable domains
- No unnecessary data loss from sanitizers

SOA Architecture
[Diagram: Federated Search, Apps and a Web Provider in front of an Adjudication Server and MLS Store, with the JCDX Services running on a Trusted O/S]

JCDX Web Services
- Classification Policy Decision Service (cPDS)
  – provides other systems with methods for handling labeled data, such as label comparison
- Federated Search Provider
  – allows users and applications to search multilevel data stores from single-level networks and provides a “read down” capability to all lower-level domains

cPDS clearance based authentication
- Current NCES Security Services only implement role-based access control
- First attempt to authorize the user via NCES RBAC, and then attempt to authorize the user’s clearance via JCDX cPDS

Other cPDS methods
- isValid: takes a classification and returns whether the classification is valid
- getRelationship: takes two arguments, a Subject Clearance and an Object Classification, and returns the relationship. The relationship can be one of the following: Subject Strictly Dominates, Equal, Object Strictly Dominates, and Incomparable
- getAggregateClassification: takes a list of classifications and produces a classification that is the ‘sum’ of the arguments (e.g. getAggregateClassification ‘SECRET REL GBR’ ‘SECRET’ ‘UNCLASSIFIED’ yields ‘SECRET’)
- getGroupClearance: takes a list of user clearances and produces a group clearance. This group clearance is the highest classification that can be read by all of the users in the group
- isReleasableTo: takes a data classification and a list of clearances and determines whether the data can be released to all of the users whose clearances were used as arguments
- canReceive: takes a user clearance and a list of data classifications and determines whether the user can see all of the data whose classifications were used as arguments
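The six cPDS methods above are the operations of a security-label lattice, and a small working model of that lattice is added here as an illustration (constructed example, not JCDX or NCES code). It assumes a simplified marking grammar ‘<LEVEL>[ REL <NATION>, ...]’ in which a marking with no REL caveat is releasable to the home nation (USA) only and a foreign user’s clearance is written with the REL caveat their nation needs; under that model the aggregate is the lattice join, the group clearance is the meet, and the slide’s ‘SECRET REL GBR’ + ‘SECRET’ + ‘UNCLASSIFIED’ = ‘SECRET’ case falls out directly.

```python
# Toy classification lattice for the cPDS methods named on the slide (constructed, not JCDX code).
from dataclasses import dataclass
LEVELS = ["UNCLASSIFIED", "CONFIDENTIAL", "SECRET", "TOP SECRET"]
HOME = "USA"  # assumed: a marking with no REL caveat is releasable to the home nation only

@dataclass(frozen=True)
class Label:
    level: int       # index into LEVELS
    rel: frozenset   # nations the data may go to (for a subject: nations its caveat requires)
    def dominates(self, other):
        # More restrictive means a higher level AND releasable to a subset of the other's nations.
        return self.level >= other.level and self.rel <= other.rel

    def __str__(self):
        others = sorted(self.rel - {HOME})
        return LEVELS[self.level] + (" REL " + ", ".join(others) if others else "")

def parse(marking):
    # Accepts '<LEVEL>[ REL <NATION>, ...]', e.g. 'SECRET REL GBR, CAN'.
    head, _, tail = marking.strip().partition(" REL ")
    if head not in LEVELS:
        raise ValueError(f"unknown classification level: {head!r}")
    nations = {HOME} | {n.strip() for n in tail.split(",") if n.strip()}
    return Label(LEVELS.index(head), frozenset(nations))

def isValid(marking):
    return marking.strip().partition(" REL ")[0] in LEVELS

def getRelationship(subject_clearance, object_classification):
    s, o = parse(subject_clearance), parse(object_classification)
    if s == o:
        return "Equal"
    if s.dominates(o):
        return "Subject Strictly Dominates"
    return "Object Strictly Dominates" if o.dominates(s) else "Incomparable"

def getAggregateClassification(*classifications):
    # Least upper bound: highest level, releasable only where every input allows it.
    labels = [parse(c) for c in classifications]
    return str(Label(max(x.level for x in labels), frozenset.intersection(*(x.rel for x in labels))))

def getGroupClearance(*clearances):
    # Greatest lower bound: lowest level; data must be releasable to every member's nations.
    labels = [parse(c) for c in clearances]
    return str(Label(min(x.level for x in labels), frozenset.union(*(x.rel for x in labels))))

def isReleasableTo(classification, clearances):
    return all(parse(c).dominates(parse(classification)) for c in clearances)
def canReceive(clearance, classifications):
    return all(parse(clearance).dominates(parse(c)) for c in classifications)
```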

Federated Search Provider
- Allows searching of the JCDX MLS PL4 data repository through a Web Service
- Authenticates the search request via NCES and cPDS and then returns messages at the appropriate classification (including “read-down”)

Applying JCDX Design Approach to Achieve Enterprise Wide CDS Capability
[Diagram (architecture simplified for illustrative purposes): Level 4 and Level 3 clients connecting over TCP to a trusted server whose search engine and MLS labeled data formatter run as a privileged process; a coalition client path is also shown]

Other Critical Pieces (Future Work)
- Trusted Editor
- Trust Service
- Labeling Service
- Accreditation / Policy Changes

Trusted Editor
- Content producers need a method to produce labeled content
  – Must be able to “trust” the label
- Unreasonable to expect all users to have MLS clients
  – Microsoft Windows has a very low “trust” level

Trust Service
- Transferring labeled data between two systems must involve a trusted interaction
- In non-SOA systems these trust relationships are statically defined
- SOA needs an automated method to determine which services on the network are trusted
- A trust service could be queried to determine the level of trust that a given service/system has

Labeling Service
- Must be able to transition unlabeled content into labeled content
- A labeling service would provide an interface to allow the submission of content for labeling
  – assign a security label to the content based on a pre-defined ruleset
  – then “sign” the associated label to allow other services to verify the given label
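A constructed sketch of the two labeling-service steps above (assign from a ruleset, then sign so other services can verify); this is an added illustration, not JCDX code. The assumed ruleset is that the highest portion marking found in the text sets the overall label, and an HMAC under a key shared with the verifying services stands in for the asymmetric signature a production service would use.

```python
# Constructed sketch of the slide's Labeling Service: rule-based label assignment, then a
# signature that binds the label to a digest of the content it labels.
import hashlib
import hmac
import json

# Assumed ruleset: the highest portion marking present sets the overall label (order matters).
PORTION_MARKS = [("(TS)", "TOP SECRET"), ("(S)", "SECRET"), ("(C)", "CONFIDENTIAL")]

def assign_label(content: str) -> str:
    for mark, level in PORTION_MARKS:
        if mark in content:
            return level
    return "UNCLASSIFIED"

def _payload(label: str, digest: str) -> bytes:
    # Canonical bytes the signature covers: the label AND the hash of the content it belongs to.
    return json.dumps({"label": label, "sha256": digest}, sort_keys=True).encode()

def sign_label(content: bytes, label: str, key: bytes) -> dict:
    # Assumption: HMAC with a key shared by labeler and verifiers stands in for a real signature.
    digest = hashlib.sha256(content).hexdigest()
    sig = hmac.new(key, _payload(label, digest), "sha256").hexdigest()
    return {"label": label, "sha256": digest, "sig": sig}

def verify_label(content: bytes, signed: dict, key: bytes) -> bool:
    # Rejects both an altered label and a genuine label re-attached to different content.
    expected = hmac.new(key, _payload(signed["label"], signed["sha256"]), "sha256").hexdigest()
    return (hmac.compare_digest(expected, signed["sig"])
            and hashlib.sha256(content).hexdigest() == signed["sha256"])

def label_content(content: str, key: bytes) -> dict:
    """Full service path: submit unlabeled content, get back a signed label."""
    return sign_label(content.encode(), assign_label(content), key)
```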

Summary
- JCDX has begun to bridge the gap between traditional MLS systems and SOA and has developed an architecture that can be applied to other MLS systems
- JCDX Web Service Gateways can be used to extend MLS capabilities to single-level clients
- Extending MLS systems to a SOA enables coalition operations

Points of Contact
- PEO C4I PMW160: CDR Wayne Slocum, 619-524-7511, Wayne.slocum@navy.mil
- PEO C4I PMW160 APM: Maureen Myer, 619-553-9748, Penney.myer@navy.mil
- PEO C4I PMW160 Chief Engineer: Robert Fish, 619-553-6406, Robert.fish@navy.mil
- JCDX Chief Engineer: Paul Kennedy, 619-553-9541, Paul.kennedy@navy.mil
- JCDX Chief Scientist: Chris J. Raney, 619-553-5282, raneyc@spawar.navy.mil
- PEO C4I FMS Case Manager: Steve [entry truncated]

