S.ICZ
Frantisek [email protected]
The enforcement of NATO INFOSEC requirements
into the policy and architecture of CISs
CATE 2003, Brno, 28.-30. April 2003
2
1. The objectives
To sum up the breaches that have caused some Czech government CISs to fall short of the required functionality and fail their certification process.
General INFOSEC requirements of:
- Czech Act No 148/1998, and
- revised NATO Security Policy.
Possible "Target CIS INFOSEC architecture" and migration steps.
3
2. The limitations of this presentation
The content of this article is unclassified. It is limited by the rather restricted access that a civil firm (even one with industrial security clearance) has to the whole suite of NATO Security Policy documents.
4
3. NATO INFOSEC Policy within the national conditions
- sets out the policy and minimum standards for the protection of NATO classified information, supporting system services, and resources;
- addresses:
  - the activities in system life cycle,
  - security principles,
  - INFOSEC responsibilities, and
  - system interconnection requirements.
5
continuation
NATO INFOSEC policy is:
- mandatory whenever the NATO CIS or its node is deployed within national conditions,
- recommended and very useful in many other cases within national CISs.
NATO INFOSEC policy and the documents on INFOSEC Architecture contribute to compatibility and interoperability.
6
continuation
NATO INFOSEC policy is applicable to MoD, MFA and other organizations, whose CISs should be connected to a CIS of the European Union.
The Security Arrangements:
- All NATO classified information that is released to WEU is for official use only. It will be disseminated to individuals in WEU on a Need-To-Know basis;
- WEU security regulations are based on NATO regulations;
- NATO Unclassified information is only for official use and should be appropriately protected.
7
4. Current state of CISs within the CZ gov. organizations
Some government organizations currently have a large deployed base of problem-oriented CISs that:
- are designed to different standards and are not interoperable,
- each protect information at its own specific classification level,
- use different confidentiality algorithms.
The need to develop an integrated CIS of the entire organization has arisen.
8
5. Problems of integration
Diversity of CISs leads to difficulty in systems integration:
- Broad diversity of technology;
- Multiplicity of databases, mail and other common services;
- High project investment needs and their low efficiency;
- High operation and maintenance requirements, lack of IT specialists;
- High requirements on communication infrastructure;
9
continuation
… difficulty in systems integration:
- Failure to meet user requirements on the operability and information availability from a single workstation;
- Failure to meet security requirements necessary for the issue of an "Approval to Operate" for classified information (the certificate);
- Inability to fulfil security requirements simultaneously in all sites leads to operation limited to unclassified information;
- "Approval to Operate" limited to one or several sites also causes failure to meet operational requirements.
10
[Figure: Multiple managements, policies and standards. Separate LANs / VLANs with their workstations, each under its own policy:
- Policy A: Classification: Restricted; Mode of operation: Dedicated; Standards: X, local net
- Policy B: Classification: Restricted; Mode of operation: System High; Standards: Y, local net
- Policy C: Classification: Unclassified; Mode of operation: None; Standards: Z, distributed
- Policy D: Standalone WS
Other labels: User; Private WAN Access Router; Higher classification level ???; Internet ???
Notes on the slide: Complicated communication infrastructure and security. The user access fails from one computer.]
11
6. Way to integrate …
The analysis and design of the INFOSEC Architecture of the Target CIS:
- Core Services;
- Functional Applications.
Projection of a Migration Plan:
- Definition of the Community Security Requirement Statement (CSRS);
- Migration of CISs into the common network of the future "Target CIS";
- Smooth migration of IT to common standards.
12
The CISs integrated within the frame of CSRS
[Figure: LAN / VLANs / Domains built to Standards X, Y and Z, under one policy (Classification: Restricted; Mode of operation: System High). Other labels: User; IP-Crypto; WAN Access Router.
Notes on the slide: Centralized management, CSRS based policies, multiple standards. Common communication infrastructure and environment.]
13
The IT integrated within the common standards
[Figure: one policy (Classification: Restricted; Mode of operation: System High) covering the User, Core Services, SERVICES and applications Appl1, Appl2 and Appl3. Other labels: IP-Crypto; WAN Access Router.
Notes on the slide: Centralized management, unified policy or CSRS based policies. Common standards, core services, communication infrastructure and environment.]
14
7. Policy, classification level, and security mode of operation
Requirements:
- Operational requirements;
- Classified information of different levels.
Limitations:
- Commercial Off-The-Shelf (COTS) IT;
- Security environment (physical, personnel);
- Security mode of operation;
- Need-to-know and other security principles.
15
The CISs integrated within the frame of CSRS
[Figure: interconnection of CISs across three parties: Government Organization, Other Government Organization, and NATO / EU organization. Labels: CONFIDENTIAL CIS; SECRET CIS (three); Restricted CIS (three); Mission Remote WSs; DMZ (several); Private Intranet with domain for Unclassified; Private Unclassified; Public Domain; Public INTERNET; "One way Flow?" (three links); Security Agreement (three).]
16
9. Conclusions
CZ CISs that handle classified information:
- have to meet the minimum security requirements of Czech Act No 148/1998;
- should follow NATO Security Policy Directives and NATO INFOSEC Architecture to implement the detailed:
  - security principles and minimum standards,
  - life cycle requirements,
  - risk evaluation and vulnerability reports,
  - risk management procedures,
  - security operational procedures, etc.