Mission and Information Assurance through Cyber Atomics

Description:

TECHNOLOGY AREA(S): Info Systems 

OBJECTIVE: Develop a cyber assurance system that expands the reach of information management and control to the network, and processes operations in an atomic manner to secure operations from harm and manipulation. 

DESCRIPTION: DoD Cyber Situational Awareness (CSA) involves the knowledge and understanding of the resident cyber assets and operations taking place, with an emphasis on leveraging this knowledge to protect ongoing mission operations and defend critical assets. Unfortunately, the emergence of future forms of cyber attack, network manipulation, and other infrastructure flaws is inevitable. Currently, the state of practice for mission plans, operations, and post-process evaluations of mission decisions is rigorous and stringent because the level of control can mitigate the risk of non-critical, unplanned, or blacklisted operations occurring. This has not become common practice for cyber operations because the same degree of understanding, control, and atomicity of operations sits at a finer-grained and more complex informational, software, and hardware level. Applying transaction-based operations for network and cyber control is a common-sense next step for operational control. If network transactions are not performing actions in support of past, current, or future missions, then what are they doing on the network in the first place? In the operational world of mission processes and decisions, it is rare or impossible to go off the cuff and simply trigger unplanned, unscoped, random, or unbounded missions or mission essential function (MEF) flows; in the cyber/software world, however, after accreditation there is a lack of management and control over what can be run, and when. Mission operations have begun to expand into similar transactional levels of control and atomic execution by preventing certain operations without planning, support, or resource assets, but cyber operational support lacks the same breadth and reach of internal capabilities.
Just as operational situations are ever evolving yet maintain adaptive command and control for plans, active execution support, and post-mission lessons learned, approaches that could increase cyber control and the mitigation of threats could result in robust technologies that prevent attacks, network clogging, and other manipulative or man-in-the-middle techniques that put operations at risk. Just as banking, TCP, and other critical infrastructures and communications standards enforce protocols guaranteeing delivery and proper transactional control, there are similar advantages to leveraging these approaches within the realm of cyber operations, processes, and transactional controls. Developing such capabilities requires addressing several challenges, including:

- Mapping network operations to higher-level approved processes and infrastructure support for approved, ongoing missions.
- Expanding the reach of information management controls to a more fine-grained comprehension of on-the-wire communications.
- Metrics and atomic transactional controls that administer cyber assets and tasking in an end-to-end manner.

The expected results of this effort include enhanced mission assurance, and strategies and approaches that successfully implement cyber command and control through a transaction-based, atomic, and white-listing paradigm for approved mission operations only. This minimizes the burden of software and network operations that consume mission resources, and provides the foundation for enterprise-level management tools that gain both better control and awareness of past, present, and future operations.

PHASE I: Design a prototype system that develops cyber command and control features spanning from mission and operational support down to individual network packets and communication streams, approving or disallowing communications dependent on their protocols, intent, and true operational value. The administration and cyber controls should be developed with the above objective in mind. 

PHASE II: Development of a prototype system that implements the Phase I design, expands across multiple networks and devices utilizing transactional, atomic controls, and demonstrates/validates the prototype's performance using representative mission and network data.

PHASE III: The resulting system will support the protection of networks and cyber assets agnostic of their military or commercial applications. 


KEYWORDS: Situational Awareness, Mission Awareness, Cyber Command And Control, Information Management, Atomic, Mission Assurance 
