Upload
robert-burns
View
35
Download
2
Tags:
Embed Size (px)
DESCRIPTION
NATO Consultation, Command & Control Board INFOSEC Subcommittee “Protection of Information” SC/4 Perspectives 4 May 2005. Mr. Mark S. Loepker Colonel Enrico Bologna SC/4 Co-Chairmen. NATO UNCLASSIFIED. NOS. Policy. Protecting Information. INFOSEC Subcommittee SC/4. Multiple Bodies. - PowerPoint PPT Presentation
Citation preview
NATO UNCLASSIFIED
NATO Consultation, Command & Control BoardINFOSEC Subcommittee
“Protection of Information”SC/4 Perspectives
4 May 2005
Mr. Mark S. LoepkerColonel Enrico Bologna
SC/4 Co-Chairmen
NATO UNCLASSIFIED 2
NATO
C3Staff/IB
ProtectingInformation
ProtectingInformation
INFOSEC
Subcommittee
SC/4
NOS
MultipleBodies
NATO UNCLASSIFIED 3
NATO
C3Staff/IB Overview
• INFOSEC Subcommittee - SC/4
• Role of SC/4
• Achievements & Activities
• Areas of Interest
NATO UNCLASSIFIED 4
NATO
C3Staff/IB Mission Statement
The primary mission of the INFOSEC SC is to support the NATO C3 Board (NC3B) in achieving the fundamental security objectives of confidentiality, integrity and availability in relation to NATO information stored, processed or transmitted in C3 systems and, as appropriate, in relation to the supporting C3 systems infrastructure. The INFOSEC SC also supports the Military Committee (MC) and the NATO Security Committee (NSC) by responding on urgent matters of an operational or a security policy nature.
NATO UNCLASSIFIED 5
NATO
C3Staff/IB SC/4 Composition
• 26 Member National Representatives • Strategic Commands & Agencies:
– Supreme Headquarters Allied Powers Europe (SHAPE) / ACO – Supreme Allied Command Transformation (SACT)– NATO Office of Security (NOS)– NATO CIS Support Agency (NCSA)– NATO C3 Agency (NC3A)– NATO ACCS Management Agency (NACMA)– SECAN, DACAN, EUSEC, EUDAC
• Secretariat: – Co-Chairmen (Staff and Nationally Elected)– Secretary
NATO UNCLASSIFIED 6
NATO
C3Staff/IB
SECANMilitary Committee Communications and Information Systems Security and Evaluation Agency - US Staffed and Operated
EUSECMilitary Committee European Communications Security and Evaluation Agency - UK Staffed and Operated
DACANMilitary Committee Distribution and Accounting AgencyUS Staffed and Operated
EUDACMilitary Committee European Distribution and Accounting AgencyUK Staffed and Operated
The Agencies
NATO UNCLASSIFIED 7
NATO
C3Staff/IB
NAC
NATO SECURITY COMMITTEE
NATO C3 BOARDMILITARY
COMMITTEE
SC/8Naviga-
tion
PROVIDES INFOSEC TECHNICAL AND IMPLEMENTATION DIRECTIVES AND GUIDANCE
SC/4INFOSEC
SC/2Inter-
operability
SC/3Frequency
Management
SC/5Information
Systems
SC/6Communications
Network
SC/7Identi-fication
WG/1ADP SECURITY
SC/1Joint Requirements
and Concepts
Relationships
NATO UNCLASSIFIED 8
NATO
C3Staff/IB Relationships
RequirementsSACT
SHAPE / ACOSC/4
INFOSEC
NATO C3 BOARDMILITARY
COMMITTEE
SECAN
DACAN
EUSEC
EUDAC
NC3A
NCSA
NACMA
Provides technical support, as needed
NATO UNCLASSIFIED 9
NATO
C3Staff/IB
Ad Hoc Working Groups
INFOSEC SCAC/322 (SC/4)
INFOSEC SCAC/322 (SC/4)
INTERCONNECTION OFNETWORKS(ICN)AHWG/4
Chairman: Mr. Jim OBALSec: Cdr. Bernd FÜSER
INTERCONNECTION OFNETWORKS(ICN)AHWG/4
Chairman: Mr. Jim OBALSec: Cdr. Bernd FÜSER
SCIP AHWG/6Chairman: Antony MARTIN
Sec: Maj. Fred JORDAN
SCIP AHWG/6Chairman: Antony MARTIN
Sec: Maj. Fred JORDAN
COMMON CRITERIAAHWG/10
Chairman: Mr. David MARTINSec: LTC Mike RICHARDSON
COMMON CRITERIAAHWG/10
Chairman: Mr. David MARTINSec: LTC Mike RICHARDSON
NATO/NON-NATO CO-OPERATION AHWG/11
Chairman: Cdr. Bernd FÜSER
NATO/NON-NATO CO-OPERATION AHWG/11
Chairman: Cdr. Bernd FÜSER
Staff co-ChairmanCol. Enrico BOLOGNA
National co-ChairmanMr. Mark Loepker
INFOSEC ARCHITECTURES
AHWG/13Chairman: CDR Wolfgang KÖHLER
Sec: Maj. Giordano EUSEPI
INFOSEC ARCHITECTURES
AHWG/13Chairman: CDR Wolfgang KÖHLER
Sec: Maj. Giordano EUSEPI
CRYPTOGRAPHICDOCUMENTATION
AHWG/14Chairman: Mrs. Debby WALLNER
Sec: Maj. Giordano EUSEPI
CRYPTOGRAPHICDOCUMENTATION
AHWG/14Chairman: Mrs. Debby WALLNER
Sec: Maj. Giordano EUSEPI
TECHNICAL INFOSECDOCUMENTATION
AHWG/15Chairman: Mr. Kjell W. BERGAN
Sec: LTC Mike Richardson
TECHNICAL INFOSECDOCUMENTATION
AHWG/15Chairman: Mr. Kjell W. BERGAN
Sec: LTC Mike Richardson
ISDN AHWG/3Dormant
Chairman: VACANT
ISDN AHWG/3Dormant
Chairman: VACANT
LTC Mike RichardsonSecretary:
CRYPTOGRAPHIC MODERNISATION AHWG/16
Chairman: LTC Robert LOGSDONSec: Col Enrico BOLOGNA
CRYPTOGRAPHIC MODERNISATION AHWG/16
Chairman: LTC Robert LOGSDONSec: Col Enrico BOLOGNA
NATO UNCLASSIFIED 10
NATO
C3Staff/IB Role of SC/4
• Develop Technical and Implementation Directives and Guidance Based on Security Policy
• Assist in Identification and Formulation of INFOSEC Requirements
• Promote Interoperability Between NATO and NATO Nations, Non-NATO Nations and International Organizations
NATO UNCLASSIFIED 11
NATO
C3Staff/IB Role of SC/4 (Continued)
• Recommend Improvements to Operations, Materials, and Facilities
• Contribute to the Identification of Vulnerabilities
• Provide a Forum for Exchange of Information and Ideas
NATO UNCLASSIFIED 12
NATO
C3Staff/IB Role of SC/4 (Continued)
• Maintain Technological Awareness of Developments That May Affect Security
• Advise the NATO Security Council on Implications for NATO Security Policy
• Monitor and Assess the INFOSEC Projects Within the NC3A
NATO UNCLASSIFIED 13
NATO
C3Staff/IB 2004 Achievements
• Requirement for, Selection, Approval and Implementation of, Security Tools
• Electronic Labelling of NATO Information
• Consistent Marking of NATO Information in C3 Systems
• Intrusion Detection • Support of PKI Cryptographic Aspects
NATO UNCLASSIFIED 14
NATO
C3Staff/IB 2004 Achievements (Continued)
• Education and Training Requirements for INFOSEC Personnel
• Criteria for NNN Structures, Rules and Procedures
• Strategy on Non-NATO Cryptographic Confidentiality Issues – Implementation Plan
• INFOSEC Course for NNN and IO• NATO Public Key Infrastructure Reference
Architecture
NATO UNCLASSIFIED 15
NATO
C3Staff/IB 2005 Planned Activities
• Cryptographic Security and Cryptographic Mechanisms
• Protecting NATO Information Over the Internet
• Network Centric Environment• Guidance on Common Criteria• Technical Characteristics for Primary
Rate Interface
NATO UNCLASSIFIED 16
NATO
C3Staff/IB2005 Planned Activities
(Continued)
• Secure Communications Interoperability Protocol
• Comprehensive Cryptographic Modernisation Roadmap
• INFOSEC Training and Awareness Programme
• Plenary Session in EAPC Format • INFOSEC Day with Industry
NATO UNCLASSIFIED 17
NATO
C3Staff/IB
NATO UNCLASSIFIED 18
NATO
C3Staff/IBINFOSEC Capability
Package
• Reference Architectures
• Strategic Commands Input
• Statement of Requirements
• Provides Nations Insight for INFOSEC Product Development
NATO UNCLASSIFIED 19
NATO
C3Staff/IBCrypto Selection and
Procurement
• CSP Task Force– IS, IMS, Nations, SC, Agencies– Agreed That Synchronisation Will Reduce
Procurement Delay
• NICE & NSIE Initial Review– Separate Serial Processes - Caused
Delays– Change to Integrated Parallel Approach
NATO UNCLASSIFIED 20
NATO
C3Staff/IBCyber Defence and
NCIRC
• Central Capability
• Incident Handling and Reporting
• Establish Links With National CIRCs
• NATO Computer Incident Response Capability (NCIRC) IOC Declared on 16 Dec 04
• IDS 17 Sites/2 Sensors Each by End 05
NATO UNCLASSIFIED 21
NATO
C3Staff/IBNATO Public Key
Infrastructure
• Governed by NATO PKI Management Authority (NPMA)
• Ensure Interoperability Across NATO, NATO Nations and its Partners
• Provides Identification, Authenticity and Integrity
• Provides Protection of NATO Information up to NATO Restricted
• Must have Public Key Enabled Applications
NATO UNCLASSIFIED 22
NATO
C3Staff/IBNATO Network Enabled
Capability (NNEC)
• Support to Political and Military
• Strategic Framework – Late 2005
• INFOSEC Aspects– Operational Requirements– Security Policy– Network Interconnections– Risk Management
NATO UNCLASSIFIED 23
NATO
C3Staff/IB Road Map
• NOS Developed– Support NSC and NC3B
• Web based collection of NATO Security Policies, Directives, and Guidance for the protection of NATO Information on Communication and Information Systems (CIS)
• In Final Development
NATO UNCLASSIFIED 24
NATO
C3Staff/IB Summary
• Protecting Information is Complex
• Policy, Directives, Guidance and Oversight Provide Common Agreed Methods for Protection
• Collaborative Process Between NATO Bodies and NATO Nations
• Requires Constance Vigilance