Layer 7: Robust Net-Centric Services
 

Layer 7: Robust Net-Centric Services

on

  • 626 views

Introduction to Robust Net-Centric Services. These are services with a high degree of resilience even when faced with a comprehensive array of faults and/or challenges and inherently capable of ...

Introduction to Robust Net-Centric Services. These are services with a high degree of resilience even when faced with a comprehensive array of faults and/or challenges and inherently capable of reacting gracefully to both internal application changes as well as external environmental changes, all without impacting information exchange.

Statistics

Views

Total Views
626
Views on SlideShare
626
Embed Views
0

Actions

Likes
0
Downloads
2
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Layer 7: Robust Net-Centric Services Layer 7: Robust Net-Centric Services Presentation Transcript

  • Robust Net-Centric Services Adam Vincent, CTO Public Sector avincent@gov.layer7tech.com
  • Agenda  The Problem & Challenge with the Status Quo  Solution: Robust Net-Centric Services  Steps to Robustness  Example of Problem & Solution  Some Things To Ponder  Conclusions 2 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Challenge with the Status Quo Life of an IT System Build Certify Accredit Deploy Re-Build Change Monitor  Challenging Factors of the Status quo - Availability and Robustness of the Network - Availability (and “Reachability”) of resources to execute a particular function - Information Assurance (Patching, Access Control, Confidentiality, and Integrity) - Dynamic Cyber Defense (Monitoring, Implementing Change) 3 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Solution: Robust Net-Centric Services The Goal Reactive Proactive Predictive Adaptive  Robust Net-Centric Services are: net-centric services with a high degree of resilience even when faced with a comprehensive array of faults and/or challenges and inherently capable of reacting gracefully to both internal application changes as well as external environmental changes, all without impacting information exchange” Robust Net-Centric Services - December 2010 (Author Adam Vincent)  Capable of accessing its own particular situation, and taking intelligent action based on its own situational awareness without impacting the consumer or provider of the application resource  Capable of providing details about current operating situation to operators (mission or CND) and allow for administrative changed to be made without impacting the consumer or provider of the application resource 4 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Requirements of Robust Net-Centric Services Disconnected, Intermittent, Low Messaging Monitoring Situational Awareness bandwidth (DIL) Location & Mission Physical Parameters Awareness Robustness Requirements Intelligent Routing SLA/QoS & Variable Enforcement Transports Control through Policy Enforcement Data Transformations Caching and Compression Security 5 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Steps to Robustness Certification & Accreditation Monitoring Defense Mission Requirements Policy Monitoring Business Business Consumers Policy Enforcement Services Change becomes transparent to the Messaging & Shared Services User and the Service Network & Communications 6 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Example – Increasing Complexity and Cost Business Requirements Business Requirements Transport & Networking Requirements Users Transport & Networking Requirements Service Security Security Requirements New Security Requirements New Security Requirements Requirements Deploying the Service on another Network Deploying the Service on another Network Business Requirements Business Transport & Requirements New Networking Requirements Transport & Networking Users Service Requirements New Security Security Requirements Requirements Security Requirements New Security Requirements 7 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Decoupling Requirements from Services New Security Requirements Security Requirements Transport & Networking Requirements Policy Business Business Requirements Requirements Users Policy Enforcement (Layer 7) Service Policy Business Migration Business Requirements Requirements Users Policy Enforcement (Layer 7) Service 8 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Some Things To Ponder  Policy - WS-Policy – Policy Framework for building domain specific policy vocabularies and allowing them to be used in an integrated fashion for run-time enforcement - Recognized by NIST, and others as way ahead - XACML – Policy language for access control, specifically Authorization - An ingredient in decoupling policy - Yes, but the answer to robustness it is not  Policy Management - Needs to be interoperable across multiple product’s (enforcement points) - Needs to have integrated capabilities for testing, and certification - Needs to incorporate lifecycle - Mission owners, operators, and cyber defenders need to manage without stepping on each others toes. Testers, and Certifiers need to be in the loop as well.  Monitoring - Monitoring of Policy Enforcement is critical but needs to be provided to both mission operators, and cyber defenders in different ways across various network deployments.  Testing - “Run-time testing” when a new policy is added? 9 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com
  • Conclusions Thank you! We can get there! Email me if you want to receive the “Robust Net-Centric Services” paper when it is available. 10 Adam Vincent, CTO Public Sector | avincent@gov.layer7tech.com | www.layer7tech.com