NATO Information Assurance - PowerPoint PPT Presentation

About This Presentation
Title:

NATO Information Assurance

Description:

NCISS Latina. Brunssum. Sector. Norfolk. Sector. Mons ... System privilege abuse. 16. IA Future. Increased capacity. Smarter tools. Centralized management ... – PowerPoint PPT presentation

Number of Views:94
Avg rating:3.0/5.0
Slides: 19
Provided by: ccc80
Category:

less

Transcript and Presenter's Notes

Title: NATO Information Assurance


1
NATO Information Assurance
5 June 2009
AFCEA TechNet Europe 2009
  • A NATO view of the application of Information
    Assurance Techniques

2
Outline
  • NC3 Organization
  • NCSA
  • NATO Information Assurance
  • Identity Management

3
NC3 Organization
4
NCSA Mission
To ensure the provision of secure end-to-end
information exchange services and information
processing services required for NATO
Consultation, Command and Control, using fielded
Communications and Information Systems in the
most cost effective manner.
5
Current NCSA Structure
NCSA HQ MONS
NCISS Latina
Total PE 3300
Deployable
6
NCSA Areas of Responsibility
7
INFOSEC -gt IA
  • NATO definition
  • NNEC enabler
  • Risk management
  • Strong authentication

8
SMI Services
  • Identity management
  • Credential management
  • Attribute management
  • Privilege management
  • Digital policy mangement

9
SMI Services
  • IA configuration management
  • Crypto key management
  • IA metadata management
  • IA audit managment

10
NATO Identity Management
  • EAPC(AC/322-SC/5-WG/5)WP(2009)0001
  • NATO Identity Management (NIdM)
  • AC/322-D(2005)0044
  • INFOSEC Technical And Implementation Guidance On
    Identification and Authentication
  • AC/322-D(2004)0024REV2
  • NATO Public Key Infrastructure (NPKI)
    Certificate Policy (CertP) Rev2

11
NATO Identity Management
  • Passwords
  • Tokens
  • Biometrics

12
NPKI
  • Information sharing
  • Effects-based approach
  • Improved decision making
  • Physical access control

13
NPKI Today
  • Office Communication Suite (OCS)
  • NATO Restricted (NR) network
  • NEKMS

14
NATO Information Assurance
  • Email Content Checking
  • Mail guards
  • OS/applications security settings
  • Forensic capability
  • Security event management
  • IDS
  • Firewalls
  • Anti-virus software

15
IA Threats
  • Spam
  • Malware
  • Web defacements
  • User indiscretions
  • Targeted attacks
  • Classified information leakage
  • Vulnerabilities exposed by poor maintenance
  • System privilege abuse

16
IA Future
  • Increased capacity
  • Smarter tools
  • Centralized management
  • Consolidated IA picture
  • Faster reaction

17
Conclusion
  • Speed up
  • Cooperate closely
  • Do not forget the human factor
  • Flexibility and mobility

18
  • Questions?
Write a Comment
User Comments (0)
About PowerShow.com