Raytheon and NGA Transformation
  • OSINT data shows a rapid increase in the size, scope, and danger of cyber operations. The evolution runs from individual scammers performing inconvenient acts (treated as part of the cost of doing business) to terrorist groups, organized criminal organizations, and nation states using cyber operations as an effective and costly mechanism to rob billions from industry and to threaten nation states and critical infrastructure. Note: in 2004, revenues for cyber crime exceeded drug trafficking. Another indicator is the use of botnets (networks of pirated computers used for scamming, terrorism, or attack, e.g., Estonia), which have grown to millions of computers used unknowingly. One of the most infamous of these is the Storm botnet, which leases out its capabilities and now has a competitor. DHS reports that there were 37,258 attacks on government and private networks last year, compared with 4,095 in 2005. The 'cool hacks' of 2007 included the Facebook and MySpace accounts of presidential candidates, car navigation systems (locate and unlock), and truck freight tracking systems (track/steal cargo). Currently, more than 120 countries are establishing an IO attack capability according to OSINT, and we have classified knowledge of more. Problem: this requires technology, deep knowledge of the threat, and tradecraft. We need to understand where this threat is evolving so we are prepared for the world five years from now. [Later charts]
  • Information Operations (IO) encompasses all communications from sensors to networks to effectors, which include kinetic, non-kinetic, and psyops along with Computer Network Operations (CNO), the focus of this discussion. CNO includes offensive and defensive elements, IO and IA. IO includes network or device access, attack, or exploitation for intelligence and operational purposes. IA assures that our own systems are not subject to access, corruption, or forced network shutdown. Examples would encompass both the protection and exploitation of flaws and malicious implants in software systems; flaws [or 'malicious' implants in microelectronics]; as well as spoofed biometrics, forged credentials, etc. What we are not including are the items in the grey boxes: emissions from electronic systems; directed energy attacks on electronic systems; kinetic attacks on information systems. We are also not including purely tangential services, such as physical security of facilities, personnel security of IT facilities, theft of computer storage, or psyops [i.e., disinformation campaigns]. Grow Raytheon into the most critical emerging defense market; integrate cyber capability into all Raytheon products and services (offensive and defensive); brand Raytheon synonymous with information security, critical to sustained mission assurance. Our strategic objectives in regard to the IO/IA business are: grow Raytheon into a critical emerging defense market by building a world-class end-to-end IO/IA capability via Raytheon Information Security Solutions (ISS) [~$0.5B sales within 5 years with 33% CAGR]; establish IA as a discriminator/component in all RTN solutions by developing and implementing a 'best in class' proactive solution that provides unimpeded and secure enterprise services; better protect and secure Raytheon's systems and information by deploying this capability for our own internal systems.
  • The Raytheon Garland security team has hands-on experience with this list of products. While some of these products are core security products, our experience also extends to creating secure installations of non-security products.
  • A fundamental element of the strategy is to build capabilities that are relevant in the future, keep ahead of adversaries and competitors, and stay out of the commodity security product business. Projected threat: evolves to highly coordinated nets operated by nation states, terrorist organizations, organized crime, industrial espionage, and hackers. Target devices change from large organizations to targeted individuals and specific devices/applications (e.g., laptops, cell phones, VoIP, etc.); this applies to both offensive targeting and the IA side. At the bottom we see the market focus and the environment priorities of corporate/government infosec groups. Bottom right: where solution providers and internal IS groups need to focus. Active IO: persistent agents, agent networks and bots, anonymization, device access, reverse engineering, and social network analysis. IO collection and exploitation: 'non-traditional' devices (e.g., a new Sony PlayStation), network access/collection/redirection, covert delivery or exfiltration. Cyber counterintelligence: implants and reverse engineering. Active assurance: insider threat, biometric validation, real-time identification of policy violations, situational awareness of attack or penetration. Policy and architecture: role-based access, hardware and firmware validation, vulnerability analysis. Advanced information security capabilities: device protection, forensics, or content filtering (device access and protection particularly for personal, financial, and medical information).
  • Raytheon Garland has executed security engineering tasks in all phases of a system. From the proposal effort through the operations and maintenance, our security engineering staff has the experience and skills to navigate through all security requirements for the life of the program.
  • A fundamental element of the strategy is to build capabilities that are relevant in the future, keep ahead of adversaries and competitors, and stay out of the commodity security product business. Projected threat: evolves to highly coordinated nets operated by nation states, terrorist organizations, organized crime, industrial espionage, and hackers. Target devices change from large organizations to targeted individuals and specific devices/applications (e.g., laptops, cell phones, VoIP, etc.); this applies to both offensive targeting and the IA side. At the bottom we see the market focus and the environment priorities of corporate/government infosec groups. Bottom right: where providers and internal IS groups need to focus. Active IO: persistent agents, agent networks and bots, anonymization, device access, reverse engineering, and social network analysis. IO collection and exploitation: 'non-traditional' devices (e.g., a new Sony PlayStation), network access/collection/redirection, covert delivery or exfiltration. Cyber counterintelligence: implants and reverse engineering. Active assurance: insider threat, biometric validation, real-time identification of policy violations, situational awareness of attack or penetration. Policy and architecture: role-based access, hardware and firmware validation, vulnerability analysis. Advanced information security capabilities: device protection, forensics, or content filtering (device access and protection particularly for personal, financial, and medical information).
  • Now let me talk to you about three (3) markets we see for CHAIN. First, for DoD, government agencies like DARPA. We recently won a $14 million contract from DARPA. This contract calls for us to install a new "enterprise" network, which will replace a number of disparate DARPA networks. DARPA envisions a single, integrated network supporting the PMs and their programs. This single network will dramatically change the business practices at DARPA as well as the way that DARPA personnel communicate with one another. Today, they have to rely on sneaker net, manually pulling out their hard drives and sharing information. Our solution automates that and allows sharing of information based on security clearances so that they have access to only the information they should access.
  • Opportunity to highlight specific CHAIN capabilities in response to what the customer said during the previous slide.
  • In an MSL architecture the systems operate at a single classification level and the users are cleared for their specific level. This MSL architecture has Top Secret, Secret, and Unclassified enclaves sharing data via controlled interfaces (i.e., trusted guards). Some users' maximum clearance is Secret and others' is Top Secret. A trusted bi-directional guard is used to release information classified as Secret from the TS network to a network consisting of only Secret users and systems. Low-to-high (one-way) guards are used to pass information from the Unclassified network to both the Secret and TS networks. The single-level systems must implement mechanisms to provide assurance that the system's security policy is strictly enforced.
  • Here is an MLS architecture composed of four interconnected enclaves. The MLS enclave enforces MAC policy and explicitly labels all data objects. Users on the MLS enclave workstations are cleared to the highest level of data classification and can open multiple "labeled" windows to access and manipulate data at the various data classification levels. Users in the TS, Secret, or Other enclaves are cleared to only those data classification levels respectively. Based on the domain security policy these users could open "labeled" windows of data elements that their access authorization dominates. Multilevel web and mail services are made available via MLS servers. To amplify the definition, an MLS system might process both Secret and Top Secret collateral data and have some users whose maximum clearance is Secret and others whose maximum clearance is Top Secret. Another MLS system might have all its users cleared at the Top Secret level, but have the ability to release information classified as Secret to a network consisting of only Secret users and systems. Still another system might process both Secret and Unclassified information and have some users with no clearance. In each of these instances, the system must implement mechanisms to provide assurance that the system's security policy is strictly enforced. In these examples, the policy allows access to the data only by those users who are appropriately cleared and authorized (e.g., having formal access approval) and who have an official need to know for the data.
  • Raytheon Garland's security engineering team is comprised mostly of engineers brought on to work security engineering for the MIND program, which started in May of 1999. The MIND program was one of the first large programs to enter into development under DCID 6/3. MIND was also one of the first large programs to work architectural issues with the DICAST. Our experience in working with the DICAST has been gained over the last 2.5 years. This experience is invaluable in helping other programs navigate getting their architectures approved by the DICAST.
  • MIND:
    • Integration of legacy infrastructure, at different security levels, into a new architecture
    • Multi-level security management (Radiant Mercury)
    • Security Engineering led Certification & Accreditation (C&A) compliance with DCID 6/3 PL4 (working with NRO accreditors and DICAST mission partner)
    • Developed the Audit Log Evaluation and Reduction Tool (ALERT) to provide DCID 6/3 compliant audit reports

Raytheon and NGA Transformation: Presentation Transcript

  • Raytheon Information Security Presentation to TAMU Kent Stout [email_address] Shelli Richard [email_address] April 16, 2009
  • Agenda
    • Welcome and Introductions
    • Information Security Overview
    • Current Threat Vectors
    • The IA/IO Landscape
    • Question and Answer
  • Driving Goal of Security Engineering
    • Create the best architecture that:
      • Meets functional requirements within cost and schedule constraints
      • Provides sufficient security control to mitigate risks to an acceptable level for accreditation
    This is a never-ending balancing act!
    • Requirements
    • Process
    • Policy
    • Analysis
    • Architecture
    • Integration and Test
    • Training
    • Operations & Maintenance
    • C&A
    Information Security as a Discipline: Information Security Engineering combines key engineering disciplines to span the information security spectrum.
    • Systems Engineering
      • Requirements
      • Process
      • Policy
      • Analysis
      • Architecture
      • Integration and Test
      • Training
      • Operations & Maintenance
      • C&A
    • Network/System Administration
      • Network Security
      • System Administration
      • Operating Systems
      • Process
      • Installation & Configuration
      • Integration and Test
      • Operations & Maintenance
    • Software Engineering
      • Requirements
      • Process
      • Analysis
      • Design
      • Development
      • Implementation
      • Integration and Test
      • Operations & Maintenance
    Full Life-Cycle Coverage; Certified Information Security Engineers; Subject Matter Experts; Certification and Accreditation Expertise; Continuous Learning and Development.
  • Raytheon InfoSec Competencies
    • Systems Engineering
      • Enterprise Architecture Engineering
      • Security Systems Engineering
      • Network Systems Engineering
      • Secure Component Engineering
      • Continuity of Operations Engineering
    • Systems Integration / COTS Integration
    • DCID-6/3 Certification & Accreditation
      • DIACAP, NISCAP, FISMA, DODIIS, NIST, 8500.xx
      • Risk Management / Assessment
    • LAN/WAN/Internet Secure Information Sharing
    • Identity and Digital Rights Management
    • Public Key Infrastructure (PKI), Virtual Private Networks (VPN’s), Encryption
    • Secure Voice & Conferencing (VoIP)
    • Database/Data Warehouse Security
    • Anti-Tamper TEMPEST & HEMP Engineering
    • Integrated Red/Black Networking
    • Vulnerability Assessment/Penetration Testing
    • Data Forensics, Data Integrity
    • Operations, Sustainment, Training & Maintenance (NOC, SOC, CIRT)
    Raytheon Strives to Provide Robust Solutions to the Evolving Information Assurance Challenges
  • Cyber Threats are on the Rise
    • MI5 sends letter to British companies warning systems are under attack
    • Data Breach Reports Up 69 Percent in 2008
    • Pentagon hacked
    • Inspectors Disclose Security Breach at Nuclear Lab
    • Critical infrastructure central to cyber threat
  • Threat Vectors for Critical Infrastructure (Cybercrime Surpasses Drug Trafficking Revenue)
    Actors: Scammers, Criminals, Criminal Enterprises, Nation States, Cyber Terrorists
    • Money Mules
    • Credit Card Number Theft
    • Software and Video Pirates
    • Web Blackmail
      • e.g., Tomasz Grygoruk
    • Intellectual Property
    • Phishing
    • Spam
    • Identity Theft
    • Ransomware
    • Keyloggers
    • Supply Chain Exploitation
    • Vendor spyware
    • Trade Secret Mining
    • Illegitimate Front Companies
    • China - PLA “Net Force”
    • Russia
    • France
    • Israel
    • Ukraine
    • India / Pakistan
    • Jihadists
    • Al-Qaeda
    • Nationalists
    • Arab Electronic Jihad Team
    • Lashkar-e-Taiba
    • Hate Groups
    Threats (individuals, criminal syndicates, national organizations) against targets (individuals, organizations, businesses, government, infrastructure). [Timeline figure, 2001 to 2007, with example incidents and figures: Email 5% SPAM rising to 95% SPAM; Google users; McCain & Lieberman websites; car navigation systems; 100 largest US utilities (95% increase in penetration attempts); DHS; DOJ; US electric grid; Davis-Besse nuclear plant; truck freight tracking; Shell Oil; military; Germany; NATO; TJ Maxx; TSA; Oak Ridge Labs; Univ. of Pennsylvania; voting machines; $10K cost per data breach; 101st Airborne; 4th Infantry; US Marines penetration attempts; MySpace; Facebook; Pentagon NIPRNet; Rolls Royce; $386K; London Stock Exchange; 23,000/year; 100,000/sec; Univ. of Mich.; Cisco; Geeks.com; Vodaphone Cellular; NASDAQ; $105B]
    • Targets are both Federal and Commercial
    • In 2004 revenues produced through cybercrime surpassed those produced through drug trafficking at $105 Billion/year
    • Between 2003 and 2007 the estimated average commercial cost related to a data breach went from $10 K to $386 K
    • Between 2003 and 2007 the 100 largest US utilities saw an increase of 95% in penetration attempts
    • Between 2002 and 2007 military installations went from an estimated 23,000 penetration attempts per year to more than 100,000 attempts per second
    • Attack sophistication, rewards, and motivations are all expanding
  • Critical Need
    • More devices, more connectivity and more software
    • Software is becoming more complex
      • This complexity provides a wealth of IO-related opportunities
      • Strategic and tactical advantage go to those who can understand then control the execution of software and software systems
    • Providing IO capability to the US Government is a high growth niche
      • In lock step with the growth in information technology
    • Raytheon is positioned at the tip of the spear
    Yesterday’s Attackers Today’s Terrorists Weapons of the Future?
  • What is a Security Engineer?
    • The perfect security engineer is part
      • Network Engineer
        • Routers, Switches, Firewalls, Intrusion Detection Systems
      • Operating Systems guru
        • Linux, Unix, Trusted OSes, Windows
      • Systems Engineer
        • Architecture, Requirements, Documentation
      • Software developer
      • Protocol expert
        • HTTP, SSL, SSH, FTP, SMTP, SNMP, NTP, LDAP
      • Applications guru
        • Web, LDAP, Database, Custom Apps, XML
      • Integration and Test Engineer
        • Integrate custom and COTS products
      • Good team builders with excellent written and verbal communication skills
    Is that too much to ask for?
  • Post-Graduate Security Education Experience (Continued Education is Vital)
    Experience bands: 0-2 years, 3-5 years, 6-9 years, 10+ years
    • SANS Security Essentials (Technical)
    • Vendor Bootcamps, Technical Training
    • CISSP Certification
    • ISSEP Certification
    • SANS Level 2 Specialization Track(s)
    • Security Conference Attendance
    • Security Conference (Speaker)
    • Additional Certifications (Customer-driven)
    • Internal Corporate Certifications
  • Information Operations / Information Assurance (IO/IA) Defined
    Information Operations comprises Kinetic, Non-Kinetic (DEW), Psyops, and Computer Network Operations. CNO divides into Offense (IO) and Defense (IA), covering Access, Attack, Defend, and Exploit:
    • Access
      • Passive
      • Active
    • Attack
      • Deny
      • Decept
      • Destroy
      • Deter
      • Detract
    • Defend
      • Passive
      • Active
    • Exploit
      • Analysis
      • Triggering
      • KM/KD
    Current Suppliers & Customers
    • Suppliers
      • Small niche providers (none with turn-key solutions)
    • Customers
      • DoD
      • Intelligence Community
      • DARPA
      • DHS
  • Assessment Methodology
    • Information Gathering
      • Interview System Owners
      • Determine high value targets
      • Study and Identify Gaps in Policies/Procedures
      • Conduct Network Mapping Scans
      • Create Network Layout Diagram
    • Vulnerability Analysis (VA)
      • Conduct VA Scans
      • Analyze Patch Management Effectiveness
    • Define Secondary Targets
      • Determine risk posed
    • Penetration Attack (if requested by customer)
    • Results Analysis
      • Analyze all data gathered
    • Final Analysis Documentation
      • Document findings, recommendations
  • Assessment Methodology (Cont.)
    • Risk Recommendations
      • Accept Risk, Transfer or Remediate
      • Remediate the Risk (Prioritized)
        • Could generate new requirements to correct findings
        • Starts the development cycle
        • Remediation approaches
          • System Mechanisms
          • Security COTS Products
          • Custom Software Development
          • IDS/IPS
          • Enterprise Security Monitoring
          • Cross-Domain Solutions
        • Non-traditional approaches
          • Software Vulnerability Analysis
          • Reverse Engineering
    • Risk Mitigated According to Plan
    • Risk Reduction Effectively Realized
    • Commercial Hardware
      • Network equipment – Cisco, Summit, Juniper, Allied Telesyn
      • Operating Systems – Linux, UNIX, Windows, Trusted OSes
      • SAN switches, Console Servers, etc.
    • Hardening default installation
      • Disabling unused services or features, Ingress/Egress Filtering, Logon Banner, etc.
      • Formal guidance (e.g., DISA, NSA, CERT, SANS, CIS, NIST)
      • Required capabilities defined by
          • Mission purpose - Development, Production, Testing, Failover Spare
          • Enterprise Infrastructure – Time synchronization (i.e. NTP), centralized logging/monitoring (i.e. Syslog, SNMP), remote maintenance (i.e. SSH), centralized authentication (i.e. TACACS+)
          • Type of equipment - Controlled Interfaces, Core Servers, End User workstations
      • Automated tools – repeatable results
        • Custom scripts
        • Solaris Security Toolkit, DISA SRR/Gold, Titan, Bastille, YASSP
    Remediation via System Mechanisms: remediation begins at the equipment level.
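As an added example (not Raytheon's code, and not any of the toolkits named above), the Python script below shows what "automated tools, repeatable results" means in practice for the hardening step: it parses a constructed sshd_config-style file and reports every directive that is missing or differs from a baseline, highest severity first. The directive names are OpenSSH's; the baseline values, the severities and the sample file are assumptions for illustration, not values taken from any of the formal guidance listed.

```python
"""Repeatable hardening check: compare a key/value service config against a baseline.

Added example. The baseline below is illustrative, not an official DISA/NSA/CIS value set.
"""
from __future__ import annotations

from dataclasses import dataclass

# Constructed sample: an sshd_config-style file as it might look after a default install.
SAMPLE_CONFIG = """\
# OpenSSH server configuration (constructed sample)
Port 22
Protocol 2
PermitRootLogin yes
PasswordAuthentication yes
X11Forwarding yes
# Banner none
MaxAuthTries 6
"""

# Baseline: directive -> (expected value, severity). Comparison is case-insensitive.
BASELINE = {
    "Protocol": ("2", "high"),
    "PermitRootLogin": ("no", "high"),
    "PasswordAuthentication": ("no", "medium"),
    "X11Forwarding": ("no", "low"),        # unused feature: disable it
    "Banner": ("/etc/issue.net", "low"),   # logon banner required
    "MaxAuthTries": ("4", "medium"),
}


@dataclass(frozen=True)
class Finding:
    directive: str
    expected: str
    actual: str | None   # None when the directive is absent (the daemon default is in effect)
    severity: str


def parse_config(text: str) -> dict[str, str]:
    """Parse 'Directive value' lines, ignoring blanks and comments; the last occurrence wins."""
    settings: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            settings[parts[0]] = parts[1].strip()
    return settings


def check_baseline(text: str, baseline: dict = BASELINE) -> list[Finding]:
    """Return one Finding per directive that is missing or differs from the baseline."""
    settings = parse_config(text)
    findings = []
    for directive, (expected, severity) in baseline.items():
        actual = settings.get(directive)
        if actual is None or actual.lower() != expected.lower():
            findings.append(Finding(directive, expected, actual, severity))
    # Sort so the highest-severity gaps come first in the report; ties by name keep output stable.
    order = {"high": 0, "medium": 1, "low": 2}
    return sorted(findings, key=lambda f: (order[f.severity], f.directive))


def report(findings: list[Finding]) -> None:
    for f in findings:
        state = "MISSING" if f.actual is None else f"is '{f.actual}'"
        print(f"[{f.severity.upper():6}] {f.directive}: {state}, expected '{f.expected}'")


if __name__ == "__main__":
    report(check_baseline(SAMPLE_CONFIG))
```

Running the same script against every build gives the repeatable result the slide asks for: an empty findings list is the pass condition, and any non-empty list is a diff against the baseline rather than an opinion.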
  • [Diagram: COTS products often offer cost-effective solutions. Components shown: Firewalls/ACLs, Trusted OS, LDAP Servers, Oracle DB, PKI Certificate Authority, Secure Shell (SSH), DNS Install & Hardening, Load Balancers, Trusted Guard, Cisco Routers, Web Servers, Vulnerability Testing]
  • Remediation via COTS Product Integration
    • Cisco Routers and Switches
    • Load Balancers
      • F5 Big IP
    • Web Servers
      • Netscape
      • Apache
    • Directory (LDAP) Servers
      • Netscape
    • PKI Certificate Authority
      • Netscape
    • Intrusion Detection Systems (IDS)
      • Network IDS – SourceFire, SNORT, ISS RealSecure, NFR
      • Host IDS – ISS RealSecure, custom log alerts
      • Decoy systems – Symantec ManTrap
      • File Integrity – Tripwire
    • Firewalls
      • Gauntlet
      • CyberGuard
      • Cisco PIX
    • Oracle Databases
      • Including Oracle Label Security (OLS)
    • Cross Domain firewall
    • Secure Shell (SSH) for administration and system control scripts
    • Washington University FTP
    • DNS installation and hardening
    • CORBA
      • Orbix
    • Frequently, customer requirements for security exceed commercial product capabilities
    • Information Security often requires developing custom software solutions securely
    Remediation via Developed Software: software development enables bridging the gaps in integrating COTS applications based on customers' needs.
    • Initial design and deployment decisions
      • Bandwidth – segregate network, multiple sensors
      • Encrypted traffic – limited visibility, decrypt prior to sensor
      • Outside perimeter – Noise, Shows growing threats
      • Inside perimeter – Focuses on compromises
      • Mechanism
        • Mirroring on switches – Cheaper, possible load failures
        • Taps – More expensive, configuration more difficult and involved
    • Customize to context of environment (i.e. tuning)
      • Minimizes false positives
      • Configure appropriate notifications and/or response
      • Detect violations of policy
      • Devise scheme to efficiently update signatures
    • Monitoring and investigation into alerts
      • Escalation Procedures / Remediation Actions
    Remediation via Intrusion Detection/Prevention Systems: IDS/IPS solutions contribute significantly to overall situational awareness but can be very complex in nature and customization.
    • Overarching security monitoring layer
    • Consolidates information from variety of security equipment
      • Integrate existing sensors
        • Syslog
        • Log files
        • SNMP Traps
        • Smart agents
      • Normalize information gathered
      • Filter noise
      • Aggregate/correlate events/threats/alerts
      • Policy violations
      • Heuristic Analysis
      • Reports/visualization
    • COTS packages
      • CA eTrust, ArcSight, e-Security, Symantec, Intellitactics, netForensics, etc.
    • GOTS
      • Audit Log Evaluation and Reduction Tool (ALERT), custom scripts, etc
    Remediation via Enterprise Security Monitoring: enterprise security monitoring combines the technical solutions for risk mitigation and risk management.
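The normalize, filter and correlate steps listed on this slide, together with the tuning-to-reduce-false-positives point from the IDS slide, as an added Python example (not ALERT, not any of the COTS packages named, and not Raytheon's code). The three input formats are simplified stand-ins for syslog, an application log and an SNMP trap; the sample lines, hostnames and addresses are constructed, and the year assumed for the year-less syslog timestamps is flagged as an assumption in the code.

```python
"""Enterprise security monitoring reduced to its core steps: normalize events from different
sensors into one schema, filter routine noise, and correlate the rest across hosts.

Added example; sample events are constructed and the formats are simplified stand-ins.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed sample input: (source type, raw line) as an aggregator might receive them.
RAW_EVENTS = [
    ("syslog", "Apr 16 10:00:01 web01 sshd[221]: Failed password for root from 203.0.113.9 port 5001 ssh2"),
    ("syslog", "Apr 16 10:00:04 web01 sshd[222]: Failed password for root from 203.0.113.9 port 5002 ssh2"),
    ("syslog", "Apr 16 10:00:05 web01 cron[900]: (root) CMD (run-parts /etc/cron.hourly)"),
    ("applog", "2009-04-16T10:00:09 host=db01 event=login_failed user=root src=203.0.113.9"),
    ("snmptrap", "2009-04-16 10:00:12 core-sw1 linkDown ifIndex=7"),
    ("applog", "2009-04-16T10:00:15 host=db01 event=login_failed user=root src=203.0.113.9"),
    ("syslog", "Apr 16 10:30:00 web02 sshd[300]: Failed password for admin from 198.51.100.4 port 6000 ssh2"),
]

YEAR = 2009  # assumption: classic syslog lines carry no year, so one is supplied for the sample


@dataclass
class Event:
    """Common schema every sensor is normalized into."""
    ts: datetime
    host: str
    category: str          # auth_failure, link_state, ...
    src: str | None
    user: str | None
    raw: str


SYSLOG_RE = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<prog>[\w-]+)\[\d+\]: (?P<msg>.*)$")
SSH_FAIL_RE = re.compile(r"Failed password for (?P<user>\S+) from (?P<src>\S+)")
APPLOG_RE = re.compile(r"^(?P<ts>\S+) (?P<kv>.*)$")
TRAP_RE = re.compile(r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (?P<host>\S+) (?P<trap>\w+)")


def normalize(source: str, line: str) -> Event | None:
    """Map one raw line onto the schema; None means 'not security-relevant', i.e. filtered as noise."""
    if source == "syslog":
        m = SYSLOG_RE.match(line)
        if not m:
            return None
        ts = datetime.strptime(f"{YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
        fail = SSH_FAIL_RE.search(m["msg"])
        if m["prog"] == "sshd" and fail:
            return Event(ts, m["host"], "auth_failure", fail["src"], fail["user"], line)
        return None  # cron and similar routine chatter: tuned out rather than forwarded
    if source == "applog":
        m = APPLOG_RE.match(line)
        if not m:
            return None
        kv = dict(p.split("=", 1) for p in m["kv"].split())
        if kv.get("event") == "login_failed":
            return Event(datetime.fromisoformat(m["ts"]), kv["host"], "auth_failure", kv.get("src"), kv.get("user"), line)
        return None
    if source == "snmptrap":
        m = TRAP_RE.match(line)
        if not m:
            return None
        return Event(datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"), m["host"], "link_state", None, None, line)
    return None


def correlate_auth_failures(events: list[Event], threshold: int = 3, window_s: int = 60) -> list[dict]:
    """Alert when one source fails authentication `threshold` times within `window_s`, on any mix of hosts."""
    by_src: dict[str, list[Event]] = defaultdict(list)
    for e in events:
        if e.category == "auth_failure" and e.src:
            by_src[e.src].append(e)
    alerts = []
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e.ts)
        for i in range(len(evs) - threshold + 1):
            span = (evs[i + threshold - 1].ts - evs[i].ts).total_seconds()
            if span <= window_s:
                hosts = sorted({e.host for e in evs[i:i + threshold]})
                alerts.append({"src": src, "count": threshold, "hosts": hosts, "first": evs[i].ts})
                break  # one alert per source is enough for the demonstration
    return alerts


def run(raw=RAW_EVENTS) -> tuple[list[Event], list[dict]]:
    events = [e for e in (normalize(s, line) for s, line in raw) if e is not None]
    return events, correlate_auth_failures(events)


if __name__ == "__main__":
    events, alerts = run()
    print(f"{len(RAW_EVENTS)} raw lines -> {len(events)} normalized events")
    for a in alerts:
        print(f"ALERT: {a['count']} auth failures from {a['src']} across {a['hosts']} starting {a['first']}")
```

The point the single-sensor view misses is in the correlation: two failures on web01 and two on db01 are each below a per-host threshold, but once both sensors are normalized into the same schema the same source is visible across hosts and crosses the threshold. The lone web02 failure half an hour later stays below it.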
    • High Assurance Guard functionality that can validate data at entry/exit points in the system
      • Raytheon High-Speed Guard
      • Lockheed Martin Radiant Mercury
      • Northrop Grumman Information Support Server Environment (ISSE)
    • Oracle Label Security (OLS) for row level database control
      • Oracle Data Vault cross domain product is built upon OLS
    Remediation via Cross Domain Solutions: cross-domain solutions are as unique as our customer set.
  • Cross-Domain Sharing Approaches
    • Architectures Currently In Vogue
      • Multiple Single-Level (MSL)
      • Multi-Level Security (MLS)
      • Multiple Independent Levels of Security (MILS)
    • Multiple Single-Level
      • Systems confined to multiple single-level domains
      • Systems remain relatively ‘dumb’ about security levels
      • Security controls enforced at the boundaries by Controlled Interfaces, a type of Cross Domain Solution (CDS)
    • Multi-Level Security
      • The entire system inherently understands and enforces security requirements
      • Typically requires Trusted Operating Systems
        • i.e., SELinux, Solaris 10 Trusted Extensions, HP NetTop, etc
      • Very complicated, extremely limited vendor support
    • Multiple Independent Levels of Security
      • Layered Architecture (Separation Kernel, middleware, applications)
      • Implements an Information Flow/Data Isolation Security Policy
    MSL is still the only practical solution for most applications
  • Non-Traditional Approach
    • ACTIVE ASSURANCE
      • Active Protection
      • Role-Based Access Control
      • Predictive Active Assurance
    • INFORMATION SECURITY
      • Device Protection
      • Biometrics
      • Forensics
    • ACTIVE I/O
      • Persistent Agents
      • Social Network Analysis
      • Infrastructure Indep. Comms
    • CYBER CI
      • Agent Networks (BOTS)
      • Implants
      • Reverse Engineering
    • POLICY & ARCH
      • Role Based Access
      • Vulnerability Analysis
      • Identity Management
      • H/W Validation
      • F/W Validation
      • S/W Validation
    • COLLECT & EXPLOIT
      • Virtual Networks
      • Non-traditional Devices
      • Network Access/Redirect
      • Covert Delivery & Agents
    [Diagram axes: Technology, Services and Support; Offensive, Defensive]
  • The Problem with Software
    The unintentional functionality in information systems can be leveraged in unique ways to provide creative, bold and aggressive advantage.
    [Diagram: Intended Behavior vs. Actual Behavior, with missing functionality (bugs), intended functionality, and unintended functionality (bugs?)]
  • Vulnerability Research
    • Discovering and exploiting flaws in software is the key to success in information operations
    • Open source development has dramatically increased accessibility and collaboration
    • A zero-day vulnerability is one that:
      • Vendor has no knowledge so no patch exists
      • Target has no knowledge so he can’t protect himself
      • Others in the community have no knowledge so lifespan is prolonged
    Active Vulnerability Research is key to discovery prior to adversary exploitation
  • Reverse Engineering
    • The DoD is aggressively pursuing the development of software protection and anti-tamper technologies
      • The government requires assessment of these emergent technologies
      • Requires an ability to reverse engineer heavily armored software
    • Forensic reverse engineering analysis of malicious code on a Quick Reaction Capability (QRC) turnaround is often desirable
      • Analysis to determine what the code has potentially compromised
      • Analysis to determine what the code is capable of doing
      • Determine attribution
    • Reverse engineering analysis is required as the first step in any binary modification exercise
      • The government often requires covert functionality to be implemented in commercially available devices
  • Questions and Answers
    • What questions can we answer for you?
    • What have we forgotten to cover?
  • Backup
  • Full Life Cycle Coverage
    • Lead system architecture definition
    • Conduct trade studies
    • Develop SOW/SOR for security requirements and implications
    • Specify network security architecture
    • Determine appropriate security certification methods and processes
    (Life-cycle phases: Concept Definition, Development, Integration, Operations)
    • Define certifiable security architecture
    • Perform trade studies on security products
    • Evaluate interactions of security products with other system components
    • Develop custom tools where industry products are not available or do not meet requirements
    • Prepare security certification plans
    • Install/configure/support security products
    • Evaluate security architecture
    • Implement security controls
    • Development of operational procedures
    • Lead Certification and Accreditation
    • Periodic vulnerability analysis of security architecture
    • Install/config/support of security products
    • Continual research of emerging security threats and deterrents
    • Maintenance and obsolescence management of core security products
    Our Information Security credentials span the entire life cycle spectrum.
  • IO Threat Environment (Historical / Current / Projected)
    • Actor
      • Historical: Hackers, Nation States
      • Current: Nation States, Hackers, Industrial Espionage, Funded Terrorists
      • Projected: Nation States, Organized Crime, Industrial Hackers (Coordinated Networks)
    • Target
      • Historical: Networks
      • Current: Companies, Online Businesses (Switches, Routers, Firewalls)
      • Projected: Individuals, User Devices, Mobile & Wireless Applications (Laptops, Cell, VOIP, PDAs)
    • Market / INFOSEC Focus
      • Historical: Physical Access Controls, Forced Password Changes, Firewalls, Encryption, Virus Scanners, Wired Communications, Account Management, Pushed Updates, Remote Administration, SPAM Filtering, Open Website Access
      • Current: Identity Management, Single Sign-On, DCID 6/3 Compliance, Active Content Filtering, Session Encryption, Wired/Wireless Communications, Policy Adherence, Data at Rest Encryption, Remote Access Solutions, Situational Awareness / Monitoring, Access Points, ITAR Compliance / Architecture
      • Projected:
        • ACTIVE ASSURANCE: Active Protection, Role-Based Access Control, Predictive Active Assurance
        • INFORMATION SECURITY: Device Protection, Biometrics, Forensics
        • ACTIVE I/O: Persistent Agents, Social Network Analysis, Infrastructure Indep. Comms
        • CYBER CI: Agent Networks (BOTS), Implants, Reverse Engineering
        • POLICY & ARCH: Role Based Access, Vulnerability Analysis, Identity Management, H/W Validation, F/W Validation, S/W Validation
        • COLLECT & EXPLOIT: Virtual Networks, Non-traditional Devices, Network Access/Redirect, Covert Delivery & Agents
  • DARPA contract (CHAIN deployment)
    • $14 million DARPA base year contract
      • 4 option years
    • Build the DARPA Secure Enterprise Network (DSEN)
      • Migrate legacy networks and data to the DSEN
      • Manage legacy assets prior to DSEN transition
      • Provide technology refresh and upgrades
      • Support business re-engineering for DSEN migration
    • Address the “DARPA HARD” paradigm
      • Provide a low risk solution using an advanced technology approach
      • Integrate proven innovative solutions using “defense-in-depth” with COTS components
    Advanced DoD Technology: Protecting Critical Research Proprietary Programs
  • CHAIN PL3+ Network Capabilities
    • Key Features
    • PKI authentication
    • E-Mail
    • File sharing
    • Video transmission
    • Voice conferencing
    • White Boarding
    • Chat (instant messaging)
    • Provides secure knowledge management at all stages:
        • Creation, processing, storage, retrieval, and transmission
    • COTS operating system, COTS hardware
    Fully Integrated, Compartmentalized, Collaborative System
  • Raytheon High-Speed Guard
    • Key Features
      • High data rates eliminate bottlenecks
        • 900Mb/sec on 1Gbit network
      • DCID 6/3 Accreditation
        • 140+ instances
        • NGA, Proprietary
      • Flexible Data Validation Rules – allow O&M administrators to maintain the system
      • Supports file or message transfers
      • Supports socket or file-based transfers
      • Selectable features include:
        • Digital Signature Validation
        • Virus scanning
        • Reliable Human Review Manager
    • Guards are key components in securing Cross Domain Solutions necessary for data sharing between security levels
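The filtering a guard performs at a cross-domain boundary is easier to reason about with a concrete pipeline in front of you. The block below is an added example and is not Raytheon's or the High-Speed Guard's code; it shows the rule types the slide lists (data validation rules, signature validation, content scanning, human review) in the order a guard would apply them. Everything in it is constructed: messages are JSON with exactly a `marking` and a `body` field, an HMAC-SHA256 tag stands in for the PKI signature check, the "virus scan" is a byte-pattern scan, and a rule failure that is not an integrity failure is queued for human review rather than silently dropped.

```python
"""Added example, not Raytheon's or the High-Speed Guard's code: a minimal
one-way guard filter. Constructed assumptions: JSON messages with exactly a
"marking" and a "body" field, an HMAC tag in place of a PKI signature, a
byte-pattern scan in place of a virus scanner, and a human-review queue for
rule failures that are not integrity failures."""
import hashlib
import hmac
import json
import re
from dataclasses import dataclass, field

SIGNING_KEY = b"constructed-demo-key"        # constructed; real guards use PKI
RELEASABLE = {"UNCLASSIFIED"}                # markings allowed to cross the guard
DIRTY_WORDS = [re.compile(rb"\bSECRET\b"), re.compile(rb"\bNOFORN\b")]
MAX_BODY = 4096                              # constructed size cap


@dataclass
class Verdict:
    decision: str                            # "PASS", "REVIEW" or "DROP"
    reasons: list = field(default_factory=list)


def make_message(marking: str, body: str) -> bytes:
    """Build a constructed sample message in the guard's wire format."""
    return json.dumps({"marking": marking, "body": body}).encode()


def sign(payload: bytes) -> str:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()


def validate(payload: bytes, tag: str) -> Verdict:
    # Rule 1: origin/integrity. Unsigned or tampered data never reaches review.
    if not hmac.compare_digest(sign(payload), tag):
        return Verdict("DROP", ["signature mismatch"])
    # Rule 2: structural validation. Anything that is not the expected shape
    # is dropped; the guard only reasons about its own schema.
    try:
        msg = json.loads(payload)
    except json.JSONDecodeError:
        return Verdict("DROP", ["not well-formed JSON"])
    if (not isinstance(msg, dict) or set(msg) != {"marking", "body"}
            or not all(isinstance(v, str) for v in msg.values())):
        return Verdict("DROP", ["schema violation"])
    reasons = []
    # Rule 3: the marking must be on the releasable allowlist.
    if msg["marking"] not in RELEASABLE:
        reasons.append(f"marking {msg['marking']!r} not releasable")
    # Rule 4: content scan of the raw bytes (dirty words / malware patterns).
    for pat in DIRTY_WORDS:
        if pat.search(payload):
            reasons.append(f"pattern {pat.pattern.decode()!r} found")
    # Rule 5: size cap, so one oversized transfer cannot stall the channel.
    if len(msg["body"]) > MAX_BODY:
        reasons.append("body exceeds size cap")
    # Rule failures go to the Human Review queue; a clean message passes.
    return Verdict("REVIEW", reasons) if reasons else Verdict("PASS")


if __name__ == "__main__":
    m = make_message("UNCLASSIFIED", "routine weather summary")
    print(validate(m, sign(m)))
```

The ordering matters: integrity and schema failures are dropped before any content rule runs, so the reviewer only ever sees well-formed, authentic traffic, and the review queue cannot be flooded with garbage that the guard could have rejected on its own.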
  • Multiple Security Levels (MSL) Example
    • MSL – Multiple Security Levels
      • Fully segregated classification levels with specific interconnection points
      • Trusted “Controlled Interface” device at interconnection points
      • Implicit enforcement of Mandatory Access Control (MAC) policy
    [Diagram: TS, Secret and Unclass enclaves, each holding its own data (TS Data, Secret Data, “Unclass” Data, “Other” Data) in an MLS DB behind a Trusted Server, interconnected through Trusted Guards, one of them a Trusted Bi-directional Guard]
  • Multiple Level Security (MLS) Example
    • MLS – Multi-Level Security
      • Requires certified trusted computing base to enforce security policy and properly label all subjects and objects
      • Simultaneously permits controlled limited access by users with different security clearances and needs to know
      • Explicit enforcement of Mandatory Access Control (MAC) policy over all resources
    [Diagram: a single MLS Enclave whose MLS Servers and MLS DB hold TS/SCI Data, Secret Data and “Other” Data together behind a Trusted Server, serving the TS, S and Other enclaves]
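The difference between the MSL and MLS slides is where the Mandatory Access Control decision is made: in MSL it is implicit in the physical separation of enclaves, in MLS a trusted computing base labels every subject and object and decides each access explicitly. The block below is an added example, not Raytheon's code, of that explicit label-based check. It uses the Bell-LaPadula simple-security and *-properties, models need-to-know as a compartment set, and fails closed on anything it has not labeled. The levels, compartments, and the sample data stores are constructed.

```python
"""Added example, not Raytheon's code: label-based Mandatory Access Control of
the kind an MLS trusted computing base enforces over every subject and object.
Levels, compartments and the sample objects are constructed."""
from dataclasses import dataclass

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()    # need-to-know categories

    def dominates(self, other: "Label") -> bool:
        """Lattice order: level at least as high AND compartments a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security property: no read up."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property: no write down (the object must dominate the writer)."""
    return obj.dominates(subject)


class ReferenceMonitor:
    """Mediates every access. Objects without a label are denied outright,
    which is what 'explicit enforcement over all resources' means in practice."""

    def __init__(self, object_labels: dict):
        self.object_labels = dict(object_labels)
        self.audit = []                      # (subject, object, op, decision)

    def access(self, subject: Label, obj_name: str, op: str) -> bool:
        label = self.object_labels.get(obj_name)
        if label is None:
            decision = False                 # unlabeled object: fail closed
        elif op == "read":
            decision = can_read(subject, label)
        elif op == "write":
            decision = can_write(subject, label)
        else:
            decision = False                 # unknown operation: fail closed
        self.audit.append((subject, obj_name, op, decision))
        return decision


# Constructed MLS DB contents, mirroring the slide's mixed-level data store.
MLS_DB = ReferenceMonitor({
    "ts_sci_report": Label("TOP SECRET", frozenset({"SI"})),
    "secret_summary": Label("SECRET"),
    "other_data": Label("UNCLASSIFIED"),
})
```

Two things the example makes visible that the bullet list does not: a TOP SECRET clearance without the SI compartment still cannot read the TS/SCI report (need-to-know is part of the label, not a separate check), and a SECRET subject is refused a write to the UNCLASSIFIED object even though it could read it, which is the rule that stops data migrating downward.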
  • Multiple Independent Levels of Security (MILS)
    • MILS is about:
      • High Assurance (Evaluatable Systems Design)
      • Safety (It does what it is supposed to do)
      • Security (It does nothing else)
      • Real Time (It meets its deadlines)
      • Embedded (F/A-22, JTRS, I/O Chips…)
      • Standards-based (Highly Independent)
      • COTS (Multiple Vendors)
    MILS GOAL: To create a COTS and standards-based infrastructure to enable end-to-end, secure data fusion on the GIG
    • MILS Architecture
      • Layered architecture (separation kernel, middleware, applications)
      • Implements an Information Flow / Data Isolation Security Policy
      • Leverages COTS vendor DO-178B RTOS and middleware products
    MILS Program: Raytheon participates in the development of MILS through AFRL/IF-sponsored SIRES and HAMES CRAD programs and participation in The Open Group Real-time Embedded Systems forum.
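"Safety (it does what it is supposed to do)" and "Security (it does nothing else)" are easiest to see in the one thing a separation kernel actually enforces: a static table of permitted flows between partitions, with every other flow denied. The block below is an added example, not Raytheon's or any MILS vendor's code, that reduces the information-flow / data-isolation policy to such a table, adds the reachability check an evaluator would run on a configuration, and shows the kernel as the only path between partitions. The partition names, channels and messages are constructed.

```python
"""Added example, not Raytheon's or any MILS vendor's code: the information
flow / data isolation policy of a separation kernel as a static flow table
fixed at configuration time. Partition names and channels are constructed."""
from collections import deque


class SeparationPolicy:
    """Every inter-partition flow must be listed explicitly; the default is deny."""

    def __init__(self, partitions, flows):
        self.partitions = frozenset(partitions)
        unknown = {p for pair in flows for p in pair} - self.partitions
        if unknown:
            raise ValueError(f"flow names unknown partition(s): {sorted(unknown)}")
        self.flows = frozenset(flows)

    def allows(self, src: str, dst: str) -> bool:
        return src != dst and (src, dst) in self.flows

    def reachable_from(self, src: str) -> set:
        """Partitions src can influence through any chain of permitted flows;
        this is the review an evaluator runs to find unintended transitive paths."""
        seen, todo = set(), deque([src])
        while todo:
            cur = todo.popleft()
            for a, b in self.flows:
                if a == cur and b != src and b not in seen:
                    seen.add(b)
                    todo.append(b)
        return seen

    def isolated(self, a: str, b: str) -> bool:
        """True when neither partition can influence the other, even indirectly."""
        return b not in self.reachable_from(a) and a not in self.reachable_from(b)


class SeparationKernel:
    """Mediates every message; partitions have no other path to each other."""

    def __init__(self, policy: SeparationPolicy):
        self.policy = policy
        self.queues = {p: [] for p in policy.partitions}
        self.denied = []                      # audit of blocked attempts

    def send(self, src: str, dst: str, payload: bytes) -> bool:
        if self.policy.allows(src, dst):
            self.queues[dst].append((src, payload))
            return True
        self.denied.append((src, dst))        # "does nothing else": blocked and recorded
        return False


# Constructed red/black configuration: the crypto partition is the only
# mediator between the plaintext application and the black network driver,
# and the maintenance partition talks to nobody.
POLICY = SeparationPolicy(
    partitions=["red_app", "crypto", "black_net", "maint"],
    flows=[("red_app", "crypto"), ("crypto", "black_net"),
           ("black_net", "crypto"), ("crypto", "red_app")],
)
```

The reachability check is the interesting part: `red_app` is allowed to reach `black_net` only through `crypto`, which the table confirms, and `maint` is provably isolated from everything. In a real MILS build the same table would be fixed in the kernel's configuration data and evaluated rather than computed at run time, which is what makes the design "evaluatable".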
  • Training Experience
    • Our training curriculum is world-class.
    • Experience bands: 0-2 years, 3-5 years, 6-9 years, 10+ years
    • Curriculum: SANS Security Essentials (Technical), Vendor Bootcamps, Technical Training, CISSP Certification, ISSEP Certification, SANS Level 2 Specialization Track(s), Security Conference Attendance, Security Conference (Speaker), Additional Certifications (Customer-driven), Principles of Systems Engineering
  • Raytheon’s Information Systems Security Engineering Process
    • The Raytheon ISSE Process supplements internal development processes and defines how Information Security Engineering achieves successful Certification and Accreditation.
  • Raytheon IA Reference Architecture Approach
    • Raytheon Enterprise Architecture Process (REAP)
    • DODAF 6-step Process
    • Leverage existing work from NCOW-RM and GIG IA working group
  • Government Certification Experience
    • Experienced with DCID 6/3, DITSCAP/DIACAP, and NIST 800-37 C&A methodologies
      • Team includes highly-trained specialists in DCID 6/3 concepts and requirements, including Appendix E
      • Support for DITSCAP/DIACAP and NIST 800-37 increasing
    • Information Security “baked-in” from the beginning
      • Security architecture design
        • MLS architecture experience on multiple programs
        • High performance, cross-security level communication components
        • Multi-level and cross-level security experience on multiple programs
      • Implementation
        • Product configuration, installation, tuning, analysis, training
        • Vulnerability assessment
        • Custom software development
      • Security documentation development
        • System Security Plan / System Security Accreditation Agreement
        • Security CONOPS
        • Certification and Accreditation Test Plans and Procedures
        • Security Administration Procedures and Configuration Management
    Our track record for successfully certifying systems is 100%
  • Raytheon ISSE Past Performance
    • Freedom - Proprietary
      • Within the last 24 months, 22 Certification packages received Full Authorization to Operate
      • DCID 6/3 PL2, PL3 and PL4 systems
    • Mission Integration and Development
      • Integration of legacy infrastructure at different security levels into new architecture
      • DCID 6/3 PL 3 - Multi compartment SCI system
    • Information Assurance Services (IAS)-NGA
      • Provide overarching Information Assurance Services for all National Geospatial-Intelligence Agency operational sites
    • Global Broadcast System (GBS)
      • DIACAP certification of entire system
    • US Patent Trade Office
      • NIST 800-37 certification of Raytheon components
    Raytheon Information Security delivers solutions for a variety of customers with success
  • Network Security Infrastructure
    • A Successful IT Security infrastructure
      • Is championed by management
      • Is user friendly, cost effective, dependable, manageable, and flexible
      • Involves collaboration with various Lines of Business, organizations, partners, vendors, customers, and users
      • Leverages and integrates best of breed commercial products
  • Network Security Landscape
    • Environment
      • IT systems are targeted by competitors, adversaries, crackers, and criminals, both externally and internally
        • We protect valuable assets (money and National Security Information)
      • Highly Government regulated
        • (GLB Act, Sarbanes-Oxley Act, Computer Security Act, Computer Fraud and Abuse Act, Federal Acquisition Regulations, Electronic Communications Privacy Act, DoD regulations, Executive Orders, etc.)
        • We implement compliant security solutions (i.e. DCID 6/3, DITSCAP)
      • Heterogeneous interconnected system with various security levels
        • We implement global, WAN, LAN security solutions for diverse customers (national and foreign)
  • Network Security Landscape
    • Environment (continued)
      • Technically complex (switches, routers, firewalls, VPNs, Anti Virus, mainframe, midrange, client-server, widely distributed networks, etc.)
      • Must integrate both legacy systems and new technologies
      • Subject to Public and Government accountability and scrutiny
      • Risk Management is a primary business function
      • Reputation is paramount
      • Secure massive amounts of data (images, documents, transactions, logs and reports)
      • 7 x 24 x 365 Operations
        • We implement redundant and high availability network devices, firewalls, and security applications to protect our assets.
        • We support foreign and domestic global, national, and regional operations centers
  • Network Security Landscape
    • Implement secure Methodologies, concepts, principles
      • Least Privilege
      • Defense in Depth
      • DMZs and Security Zones
      • Layered Security
      • Compartmentalization
      • Separation
      • Default Deny
    • Use the same or similar “Best Practices”, standards, professional organizations
      • FIPS, NIST, GASSP, Common Criteria, BS/ISO 17799, SAS 70, COBIT
      • SEI, ISO, IETF, IEEE, NIST, ISC2, NIAP, SANS Institute, TruSecure, ISACA
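The principles listed above (Security Zones with a DMZ, Default Deny, Least Privilege, Layered Security) come together in a zone-based packet filter. The block below is an added example, not Raytheon's code, showing how such a filter decides a flow and how a least-privilege audit catches rules that are broader than the zoning model intends. The zone address ranges, rules and sample flows are constructed.

```python
"""Added example, not Raytheon's code: a zone-based packet filter applying
security zones with a DMZ, default deny and a least-privilege audit.
Zone ranges, rules and sample flows are constructed for this example."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed zone map; anything outside these ranges is the untrusted zone.
ZONES = {
    "dmz": ipaddress.ip_network("192.0.2.0/24"),
    "internal": ipaddress.ip_network("10.0.0.0/8"),
}
ANY = None                         # wildcard for a port


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_port: Optional[int]        # ANY (None) or a single TCP/UDP port
    action: str                    # "ALLOW" or "DENY"


def zone_of(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "internet"


def evaluate(rules, src_ip: str, dst_ip: str, dst_port: int) -> tuple:
    """First matching rule wins; no match means DENY (default deny)."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for i, r in enumerate(rules):
        if (r.src_zone == src and r.dst_zone == dst
                and (r.dst_port is ANY or r.dst_port == dst_port)):
            return r.action, i
    return "DENY", None


def audit_least_privilege(rules) -> list:
    """Flag ALLOW rules that grant more than the zoning model intends."""
    findings = []
    for i, r in enumerate(rules):
        if r.action != "ALLOW":
            continue
        if r.dst_port is ANY:
            findings.append(f"rule {i}: allows every port {r.src_zone}->{r.dst_zone}")
        if r.src_zone == "internet" and r.dst_zone == "internal":
            findings.append(f"rule {i}: internet reaches internal directly, bypassing the DMZ")
    return findings


# Constructed rule set: the internet may reach only the DMZ web tier, the DMZ
# may reach only the internal database port. Nothing else is stated, so every
# other flow falls through to the default deny.
RULES = [
    Rule("internet", "dmz", 443, "ALLOW"),
    Rule("dmz", "internal", 5432, "ALLOW"),
]
# A rule set with one over-broad entry, to show what the audit reports.
OVERLY_BROAD = RULES + [Rule("internet", "internal", ANY, "ALLOW")]
```

Note that `RULES` contains no explicit deny at all: with default deny, the policy is only the list of what is permitted, which keeps it short enough to review, and the audit function is the check that the permitted list has not quietly grown past the DMZ design.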