1 / 18

NATO Information Assurance

NATO Information Assurance. 5 June 2009. AFCEA TechNet Europe 2009. A NATO view of the application of Information Assurance Techniques. Outline. NC3 Organization NCSA NATO Information Assurance Identity Management. NC3 Organization. NC3 Organisation. SACEUR. NATO C3 Board

Patman
Download Presentation

NATO Information Assurance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. NATO Information Assurance 5 June 2009 AFCEA TechNet Europe 2009 A NATO view of the application of Information Assurance Techniques

  2. Outline • NC3 Organization • NCSA • NATO Information Assurance • Identity Management

  3. NC3 Organization NC3 Organisation SACEUR NATO C3 Board (NC3 Board) NC3 Reps NATO C3 Agency (NC3A) NATO CIS SERVICES AGENCY (NCSA)

  4. NCSA Mission To ensure the provision of secure end-to-end information exchange services and information processing services required for NATO Consultation, Command and Control, using fielded Communications and Information Systems in the most cost effective manner.

  5. Current NCSA Structure Izmir Sector Mons Sector Ramstein Sector NorfolkSector BrunssumSector Madrid Sector Naples Sector Heidelberg Sector Lisbon Sector Northwood Sector 1 NATO Signal Bn Maastricht 2 NATO Signal Bn Naples NCSA HQ MONS NCISS Latina Total PE: ~ 3300 Deployable

  6. NCSA Areas of Responsibility IC NO CA EN LG LH UK NL. PL GE BE CZ. • Norfolk Sector • Mons Sector • Brunssum Sector (includes CLD-B) • Naples Sector (includes CLD-N) • Northwood Sector • Madrid Sector • Lisbon Sector • Izmir Sector • Heidelberg Sector and Ramstein Sector without assigned AOR Lux. SZ US HU FR RO SI IT BU SP PO TU GR EUFOR KFOR ISAF IRAQ

  7. INFOSEC -> IA • NATO definition • NNEC enabler • Risk management • Strong authentication

  8. SMI Services • Identity management • Credential management • Attribute management • Privilege management • Digital policy mangement

  9. SMI Services • IA configuration management • Crypto key management • IA metadata management • IA audit managment

  10. NATO Identity Management • EAPC(AC/322-SC/5-WG/5)WP(2009)0001 NATO Identity Management (NIdM) • AC/322-D(2005)0044 INFOSEC Technical And Implementation Guidance On Identification and Authentication • AC/322-D(2004)0024REV2 NATO Public Key Infrastructure (NPKI) Certificate Policy (CertP) Rev2

  11. NATO Identity Management • Passwords • Tokens • Biometrics

  12. NPKI • Information sharing • Effects-based approach • Improved decision making • Physical access control

  13. NPKI Today • Office Communication Suite (OCS) • NATO Restricted (NR) network • NEKMS

  14. NATO Information Assurance • Email Content Checking • Mail guards • OS/applications security settings • Forensic capability • Security event management • IDS • Firewalls • Anti-virus software

  15. IA Threats • Spam • Malware • Web defacements • User indiscretions • Targeted attacks • Classified information leakage • Vulnerabilities exposed by poor maintenance • System privilege abuse

  16. IA Future • Increased capacity • Smarter tools • Centralized management • Consolidated IA picture • Faster reaction

  17. Conclusion • Speed up • Cooperate closely • Do not forget the human factor • Flexibility and mobility

  18. Questions?

More Related