Next in SIGNAL's webinar series, "Securing the Data Center: A DOD Architecture for Information Assurance" will take place on May 7, 2009 at 11:00 AM ET. Targeted attacks by hackers and insiders are aimed where they'll do the most damage and where the most valuable assets are located - the agency data center. Government agencies can increase protection and reduce operational costs when security issues are considered at the very beginning of data center planning. So it's ironic that data center security is often an afterthought.
Say the words “security clearance” in a conversation with defense contractors, and the vast majority has a tale to tell of long waits and missed opportunities. Those two words have people in Washington, D.C., talking too. For two years, the organizations in charge of the security clearance process have worked hard to improve it. But for many, the time for revamping the old is over, and the time for creating a new process has begun.
The requirement to protect information and the necessity to share information frequently conflict, but government and industry obligations to do both effectively, efficiently and simultaneously now are connecting these two near opposites. A partnership of companies, both large and small, is combining resources and skills to enable the government to provide information to those who need it while denying access to those who do not.
Advances in computer network security are empowering network-dependent organizations to address the sobering fact that a majority of threats to proprietary information today originate within the pool of authorized users. A new off-the-shelf software application that monitors the flow of data through a network enables organizations to counter internal threats to sensitive information by identifying the source of a violation. The U.S. Defense Department is exploring the software as a way to address its security concerns.
Software designers are applying artificial intelligence principles to new computer security systems. These tools and protocols create the potential for agile software capable of quickly identifying and responding to new threats.
The company that created the secure sockets layer to manage network message transmission security, and today opens the Internet to tens of millions of people around the world, is now collaborating with the U.S. Defense Department to secure cyberspace communications and transactions.
The greatest threat to U.S. security may come from internal software or hardware trapdoors lying dormant in the nation's critical infrastructure. The digital equivalent of Cold War moles, these hidden threats would serve as access points for criminals, terrorists or hostile governments to extort money, impel foreign policy appeasement or ultimately launch crippling information attacks on the United States.
The mechanical principles that protect personal belongings inside a high school locker may hold the key to guarding digital assets. Creators of a miniature combination lock, which consists of six gears that together are the size of a shirt button, believe the device guarantees that systems can be shielded from invasions with a one-in-a-million chance that an intruder can break the code.
Researchers at Sandia National Laboratories are developing an architecture to eliminate threats to thin-client computer networks. These networks rely on applications servers to drive desktop workstations. Coupling security elements that will evolve from their work with commercial technology, the scientists hope to create a computing environment that offers increased flexibility and accessibility for network users without compromising security.
Researchers are developing a programming language that enables different computer intrusion detection and response applications to communicate with each other, offering users a more complete defense against cyberattacks. The goal of the common intrusion detection framework is to allow interoperability among the variety of security components that reside on a single network.
Researchers at the Department of Energy's Sandia National Laboratories have developed a new encryption device that promises the security and bandwidth accommodation necessary to scramble various types of data at speeds unmatched by many other encryption technologies.
Future military cyberspace security may require next-generation network management and intrusion detection systems that combine both short-term sensor information and long-term knowledge databases to provide decision-support systems and cyberspace command and control. Sophisticated computer hardware and software would identify a myriad of objects against a noise-saturated environment. Cyberspace command and control systems would track the objects, calculate the velocity, estimate the projected threats, and furnish other critical decision-support functions.
Uncertainty surrounding a patchwork of commercial information security products hurriedly placed in use on U.S. Defense Department computers and networks is reshaping policy. Successful test and evaluation of these products in specified laboratories will soon become a prerequisite for procurement by military services and defense agencies.
As evaluation policy emerges, the National Security Agency (NSA) is embarking separately on a major long-term program to modernize the inventory of high-grade cryptographic devices. The new cryptography will exploit technology to keep pace with modern communications as bandwidth applications change.
The adoption of networked systems and the prevalence of Internet use have created the potential for unauthorized access to critical data. U.S. Defense Department officials believe that uncontrolled Internet connections pose a significant and unacceptable threat to all of their information systems and operations. Ensuring secure transmissions and the authenticity of data while allowing users to connect from remote locations requires high levels of security.
To protect information systems from security breeches, organizations increasingly are embracing a comprehensive strategy that relies on both technology and enforced policies. Meanwhile, the legal system has been hard pressed to keep pace with information system protection issues, leaving many questions unanswered about how far businesses may go to protect their systems.
The convergence of telephone and Internet protocol networks holds great promise, according to industry experts, leading vendors and the press. However, an increasingly converged network also increases the risk factor associated with securing voice and other real-time communication streams. These risks are not limited to Internet-protocol-based networks; traditional time division multiplexing networks also are vulnerable.
The communications sanctity inherent in secure telephone units is migrating into the cellular arena with a new generation of handheld devices no larger than conventional commercial mobile telephones. These telephones are designed to provide high-level government and military secure cellular communications while also being able to serve the commercial arena.
The spread of information and networking technology into virtually all corners of the globe is spawning new opportunities for criminals and terrorists to wreak havoc through the Internet. The dichotomy of system complexity and ease of individual use has created a target-rich environment across the entire realm of cyberspace.
Protecting the average business computer from a barrage of malicious network intrusions is high on the priority list of many of today's World Wide Web-based organizations. In a move to step up research in network security technology, the U.S. Navy is contracting out a three-year effort to pursue security systems development.
Threats to government and private sector computer systems continue to evolve in new and unexpected ways. These challenges come from a variety of groups such as hackers, terrorists and, increasingly, radical political and social activists.