
Coalition Network Defence Common Operational Picture

Coalition Network Defence Common Operational Picture. Brno, The Czech Republic, 2 – 4 May 2007. Josef Kaderka, University of Defence, Brno, The Czech Republic, Josef.Kaderka@unob.cz. Agenda: Terms; Computer networks role under coalition conditions; Some related activities and projects


Presentation Transcript


  1. Coalition Network Defence Common Operational Picture
     Brno, The Czech Republic, 2 – 4 May 2007
     Josef Kaderka, University of Defence, Brno, The Czech Republic
     Josef.Kaderka@unob.cz

  2. Agenda
     • Terms
     • Computer networks role under coalition conditions
     • Some related activities and projects
     • Today and near future
     • Conclusion
     Only non-classified sources were used and non-classified information is published

  3. NATO Network Enabled Capability
     • Information superiority as a matter of successful future coalition operation
     • Widely accepted idea
     • …
     • Everybody talks/works on it
     • Not only pros, but also cons
     • Technically, the issues are similar to those in business, but we deal with lives

  4. Common Operational Picture and Situational Awareness
     • Common Operational Picture (COP): A single identical display of relevant information shared by more than one command. A common operational picture facilitates collaborative planning and assists all echelons to achieve situational awareness.
     • US Joint Force Common Glossary
     • Free Dictionary
     • Wikipedia
     • Situational Awareness (SA) as a COP result

  5. Computer networks
     • Vital importance
     • Coalition interconnecting aspects
     • Sensitive information sharing
     • IT asymmetry (USA, …, the rest)
     • De facto partial infrastructure sharing
     • Firewalls, IDSs, Safeguard etc.
     • Computer networks as a battlefield
     • Need to be defended - on the coalition level

  6. Cyberbattle specifics/possibilities
     • No line of contact
     • No safe distance as a security guarantee
     • No relation with unit geographical deployment
     • Correct recognition of real attack (false positive/negative)
     • Extremely rapid attack expansion even from the depth
     • Massive concurrent and selective attack against discovered vulnerabilities
     • All this in the coalition environment!

  7. Forces and Networks
     • Operational Capability Requirements equal to the IT services
     • „Force“ commander should
     • Understand the new threats
     • Consider proactive measures, ...
     • „Network“ commander should
     • Understand the force commander intention, ...
     • Many new specific duties
     • Both should share the same approach

  8. Some related activities and projects
     • NATO Multilateral Interoperability Program (MIP)
     • The Technical Cooperation Program (TTCP)
     • Aus, Ca, NZ, UK, US (Five Eyes nations)
     • Combined Enterprise Regional Information Exchange System (CENTRIXS)
     • Coalition Secure Management and Operations System (COSMOS)
     • FGAN/FKIE *
     • Ge
     • NATO RTO IST ET
     *) Forschungsgesellschaft für Angewandte Naturwissenschaften, Forschungsinstitut für Kommunikation, Informationsverarbeitung und Ergonomie

  9. MIP
     • Objective to share
     • Situational Awareness
     • Plans and Orders
     • NBC alerts and critical messages
     • Common Interface Specification
     • Message Exchange Mechanisms (ADatP-3)
     • Data Exchange automatic push
     • Land Command and Control Information Exchange Data Model
     • Nations’ interface on a secure LAN

  10. CENTRIXS
     • US-led, multinational information sharing networks
     • Core collaboration services
     • E-mail with and without attachments
     • Web-browser-based data access
     • File sharing
     • Secure VoIP
     • Next extensions
     • COP (Tactical), CIP (Intelligence)
     • Near-real-time data access etc.

  11. COSMOS
     • Preliminary steps
     • High tactical and operational level coalition information sharing among coalition partners known to each other
     • Advantage of a well defined and internationally agreed to „information language se“ designed for C2 interoperability
     • Enforce the discrete dissemination (Protected Sharing) of released information „need to know“ based
     • Focused toward a single Secret High Releasable to coalition network

  12. FGAN/FKIE
     • Graph clustering-based anomaly detector
     • Modified star connected IDS network with central Meta-IDS server
     • Modifications to hierarchical IDS
     • Information sanitization while exiting local domain
     • Data reduction & predefined correlation rules to manage data flow
     • MITE - MANET Intrusion Detection for Tactical Environments

  13. NATO RTO IST ET 041
     • 2005 – 2006 (Ca, Cz, UK, US)
     • Coalition Network Defence Common Operational Picture (CNet-D COP) (formerly Coalition Information Assurance – CIA – COP)
     • Technical and political approaches to the problem of developing and demonstrating a coordinated IA posture
     • Collecting, displaying, fusing, and securely sharing network security-related status data, ..

  14. Today and near future of the CNet-D COP
     • Models needed (secure information sharing)
     • Conceptual, Data
     • Joint C3 Information Exchange Data Model (JC3IEDM) already exists
     • Advanced national research in Canada
     • Standardization (in coalition environment)
     • Computer attack early warning
     • Attack correlations among partners, ...
     • IETF Intrusion Detection Message Exchange Format (IDMEF) draft, ...

  15. Example of CNet-D Security Architecture Model (DRDC Ottawa)

  16. Possible CNet-D COP architecture (DRDC Ottawa)

  17. What to discuss/do
     • Security architecture
     • Single/common view of coalition networks security status
     • ...
     • Impact Assessment [tools]
     • ...
     • Practical realization, testing ...

  18. Some ET 041 results
     • The Research Task Group (RTG) proposal agreed
     • Sent to appropriate body
     • Items to solve specification
     • Basic documents prepared
     • Technical Activity Proposal
     • Programme of Work (PoW)

  19. Future RTG Work Items
     • Plan overall activities of the RTG
     • Agreeing on an underlying set of definitions to be used for CNet-D SA (Situational Awareness)
     • Agreeing on the conceptual model for CNet-D SA
     • Defining a detailed data model and data specifications
     • Promote the data model and necessary definitions, etc.

  20. Thank you
