BLUE

1
Broadband for a mobile planetTM
Government Roadmap Tom Clark Delta Wave
Communications, Inc.
2
BGAN and information assurance
3
Requirements in the government sector

• Information assurance implies that
• The content cannot be altered or intercepted by
  an uninvited parties.
• The confidentiality (identity and location of the
  end user) is protected
• Statistical analysis of the data transfers is
  prevented
• Security has to be deployed at two levels to
  cover these requirements
• At the Transport mechanism level (or Network
  level)
• A the Data exchange level (Ciphering the data
  content)

4
BGAN network Built-in protection (1)
IP Core Network
WWW Server
Internet
DP POP
Burum SAS
Customer HQ

• Air Interface
• Data and signaling ciphered in accordance with
  UMTS standards (TS33.102)
• Position report encrypted
• Temporary IDs used to maintain anonymity of the
  terminal user (SIM).
• Satellite control is US Type-1 Encrypted

5
BGAN network Built-in protection (2)
IP Core Network
WWW Server
Internet
DP POP
Burum SAS
Customer HQ

• Satellite Access Station
• Joint military/commercial Satellite Earth
  Stations in the Netherlands and Italy.
• Fully Redundant SAS sites
• Data communications network protected by
  firewalls

6
BGAN network Built-in protection (3)
IP Core Network
WWW Server
Internet
DP POP
Burum SAS
Customer HQ

• Typical DP PoP Interconnect
• Routed over leased lines or VPN over IP networks
• Redundancy - backup links VPN over public IP
  network or ISDN
• Firewall protected
• IPSec encryption applied between Inmarsat and DP
  POPs

7
BGAN network Built-in protection (4)
IP Core Network
WWW Server
Internet
DP POP
Burum SAS
Customer HQ

• Typical DP / Customer Interconnect
• VPN over IP networksIPSec encryption
• Firewall protected

8
BGAN network Built-in protection (5)
IP Core Network
DP POP
Burum SAS
Customer HQ

• Dedicated DP / Customer Interconnect
• Private dedicated links
• IP Sec encryption
• Firewall protected

9
Protecting the content over IP networks
IP Core Network
WWW Server
Internet
DP POP
Burum SAS
Customer HQ
10
Protecting the content over circuit-switched
Circuit Switched Core Network
STU
International PSTN/ISDN
Burum SAS
Customer HQ
STU
11
Focus on encryption devices

• 64Kb Circuit Switched Data - 3.1Khz Audio  
• STU-III Motorola/ATT/GE
• Sectera Wireline (FNBDT/PSTN) General Dynamics
• OmniXi L3
• STE (via STU interface) L3
• Circuit Switched Data - ISDN UDI/RDI 
• STE L3
• KIV-7 Mykotronics
• OmniXi L3
• Brent, Brent 2, Hannibal, Thamer
• Packet Switched Services  
• DC2K IP Encryptor Thales
• KG-175 Taclane Classic General Dynamics
• KG-235 Sectera INE General Dynamics
• KG-250 AltaSec ViaSat
• KG-240 Red Eagle L3

12
Interoperability results so far

• Successfully tested over BGAN

• Thales DC2K
• STU-IIB/III
• STE
• Viasat KG-250
• Taclane KG-175
• Sectera KG-235

13
Preliminary results(i)
Up to 100 improvement

• FTP transfer of 1MB file, using TT explorer 500
  and LINUX platform
• Throughput averaged over 10 file transfers
• Best Throughput observed over 10 file transfers

14
Conclusions

• Network Security (TRANSEC)
• BGAN uses all of the latest Commercial security
  measures to protect itself against service
  interception, eavesdropping or statistical
  analysis from third parties.
• Content Security (INFOSEC)
• Commercial and Government Grade encryption
  mechanisms have been proven to work over BGAN
  ensuring end-to-end confidentiality and
  integrity of the data content.

15
Position reporting in BGAN
16
BGAN - position reporting

• Why is User Terminal position reporting required?
• Regulatory
• May require that UT position is known when
  operating in certain jurisdictions
• Billing
• Allows for zone/country based tariffs
• Expedites call setup process
• BGAN UT contains built-in GPS receiver
• GPS position reported (encrypted) to network as
  part of registration process
• Special circumstances mean that important
  government customers may find this facility an
  obstacle to purchasing the service

17
Solution disable position reporting

• Considerations
• Minimum level of UT position reporting for
  network access is required spot beam ID
• GPS receiver required in UT in order to determine
  its location and provide optimised operation
• Solution
• Disablement through a SIM feature
• UT translates GPS position to a spot beam ID
  using internal map
• Only spot beam ID reported to network
• UT operates discretely within a spot beam (200 -
  600 km diameter)

18
Solution disable position reporting
Position Reporting Disabled
19
Secure voice over 32kbps streaming IP BGAN
Service
20
Secure voice in the government sector

• Key application for both Civil and Military
  Government agencies
• Core Secure Voice traffic is low but stable and
  expected to remain stable

• Secure Voice is an enabler for BGAN Sales in
  Government Sector.
• Cost and Functionalities scrutinised by
  Procurement decision makers in that sector

• Secure Voice over 3.1kHz Audio Channel (64kb/s)
  does not cater for all markets
• Need for Cost Effective Secure Voice Solutions
  over BGAN

21
Solutions Technical

• The 4kbps Voice service cannot be used for
  encrypted voice
• Secure Voice over IP is the way forwardThe BGAN
  32kbps Streaming Class (IP) service can be used
  as transport mechanism for Encrypted Voice.

22
Broadband for a mobile planetTM