IT Security in the Armed Forces: News and Discussion


Post by George J »

With the recent banning of flash drives by the IA and the dismissal of senior IN officers, both related to flash drives, it brings up important facets of data security. We are well aware that the forces are gearing towards going network centric and there is a high level of "computerization" and use of IT from the mundane (stores) to the magnificent (mission planning).

There is no turning back on the use of IT, but then solutions need to be found for the portability and nature of portability for sensitive data. Do you ban this altogether? Does that automatically island the system? Does islanding the system restrict its usage in a "network centric" environment?

This thread is to gather information and discuss viable solutions to the problem. What's the current state of the art in industrial/private sector environments? What do R&D facilities use to protect their data? Can systems and hardware be modified for use in the Indian context?

At the very least, are there policies and products that prevent/restrict the use of portable storage devices in other settings? Like can a sys.admin or network security person be kept informed about who is downloading to an attached device? Can you restrict access to USB type devices by username/title?

Army Ban Link

Navy admits lapses; 3 under close arrest
ravula
BRFite -Trainee
Posts: 5
Joined: 19 Apr 2003 11:31

Post by ravula »

Link to Intel

Security
Security is at the forefront of many applications, and several Intel Flash products are now equipped with two 64-bit OTP protection registers. These one-time programmable registers can be used to increase system security. Intel factories program a unique, unchangeable 64-bit number into the OTP, and the other 64-bit register can be programmed by the customer as desired. Once programmed, the customer segment can be locked to prevent further reprogramming. The OTP information can be used for manufacturing tractability and/or a small-encrypted security key for system authentication.
Tilak
BRFite
Posts: 733
Joined: 31 Jul 2005 20:19
Location: Old Lal Masjid @BRFATA (*Renovation*)

Post by Tilak »

NSA: How They Spy
Declan McCullagh and Anne Broache have put together a fascinating pair of stories for News.com that outline what the NSA's domestic spying program might look like. Part one surveyed telecom companies, to find out which ones cooperated with the spooks. Part two sketches out how the NSA might be able to listen in. A few excerpts are below. But do yourself a favor and read the whole thing.

99 percent of the world's long-distance communications travel through [undersea] fiber links... It's easiest to tap those underwater cables when they make landfall instead of trying to do it underwater, analysts say.

"The easiest thing to do would be to somehow get an agreement with a provider and just simply co-exist in a building, one of the main fiber stations, (peering) points or whatever. In other words, work out something with either a long-haul provider or with an employee." ...


Phill Shade, a network engineer for WildPackets who is the company's director of international support services, says such interception would be easy, at least for the NSA. WildPackets sells network analysis software.

An eavesdropper could just "take something off the shelf and use it to make copies of traffic and just save the copies," Shade said. "Our software captures packets; the data recorder stores terabytes of information. We use it for forensic analysis and troubleshooting networks. When you call back and say, 'I was hacked Tuesday night at 11:30,' we look back and see what was going on Tuesday night."

Making sense of that massive volume of data is not exactly trivial. While it may be easy to perform keyword searches and identify flagged names and phone numbers, detailed analysis typically takes human intervention. "For the near future, at least, our ability to gather info through various surreptitious and open means is going to be a lot better than our ability to analyze it," said Richard Hunter, vice president of executive programs at Gartner Group...

Because of the way that the Internet backbone and the telecommunication network are structured, NSA operatives likely would not have to leave the country to install taps. The vast majority of Internet traffic is routed through switches on American soil, which can be directly monitored with (or without) the cooperation of backbone providers...

In 2005, an estimated 94 percent of that "inter-regional" traffic passed through U.S. switches, Mauldin said. Many other communications links run around in the U.K., a country that has a history of sharing communications intelligence with U.S. spy agencies. :eek:

That's a boon to the NSA, which reportedly carries out its surveillance activities in a "wholesale" way. That means it potentially scoops up millions of phone calls and e-mail messages and feeds the data to its supercomputers--considered some of the most powerful and plentiful in the world--to comb for red flags and people on a so-called watch list.

Undersea fibers in use today tend to run in the single to hundreds of gigabits-per-second range, according to a map prepared by TeleGeography Research, which amounts to a manageable amount of traffic that could be forwarded to a surveillance station through a second fiber-optic cable and archived for future analysis.
Dileep
BRF Oldie
Posts: 5882
Joined: 04 Apr 2005 08:17
Location: Dera Mahab Ali धरा महाबलिस्याः درا مهاب الي

Post by Dileep »

Can you restrict access to USB type devices by username/title
Very first thing to do is to ban Windoze. There is no point in wearing a fishnet and complaining of cold. And yes, Linux can access control USB or any device for that matter. If the driver doesn't support it, you can rewrite it before lunch.

And why do you need USB? Remove all communication ports except the ethernet connection. Any data transfer should happen over the network. Why does anyone need local data transfer at all?

And how do you protect from hackers? Simple: do not connect your critical network to the Internet. Low sensitivity office workstations should use a proxy. For high sensitivity locations, provide a cybercafe in the building.

Network centric does not mean you hook up your op room network to the web. Hell, you shouldn't even get a broadband line to that building :twisted:
George J

Post by George J »

I am pretty certain that the IN has gone for Windooze in a big way. You need local data transfer for documents and presentations etc. That's why ppl carry flash drives and how folks managed to d/l stuff.

The very fact that they found out WHO was d/l WHAT stuff and then caught them means that someone is paying attention somewhere... it's the prevention part that needs to be addressed. That's why account based access. This means only someone high up can d/l stuff and this person should be made fully aware of what this privilege entails.

I work on a daily basis with terabytes of patient identifiable data and trust me it's been drilled into our heads (the select few who have this privilege) what that means and what one slip up would mean to our careers and existence. It's really that zimble.
Dileep
BRF Oldie
Posts: 5882
Joined: 04 Apr 2005 08:17
Location: Dera Mahab Ali धरा महाबलिस्याः درا مهاب الي

Post by Dileep »

You need local data transfer for documents and presentations etc. That's why ppl carry flash drives and how folks managed to d/l stuff.
Sure. You can allow that to people with certain level, and that too with a record being kept. It is not difficult to implement those. Even tax firms do that, and any two bit database software company can write that before lunch.

But hey, we are the land of burocrazy and procedures! Why can't we institute a procedure where you request the IT guy (in triplicate) for a flash drive with certain file copied?

See, the real security problem is NOT people copying files to flash drives. The problem is people themselves being compromised. You need to have a multi layer security strategy to thwart that. IT just opens more doors and makes it easier for people to do mischief, that's all. Earlier people had to take a photo or AQK to copy something, now you can copy to flash. Isn't it easier to thwart a flash drive than a micro camera?

And finally, net centric warfare has nothing to do with it either. Net centric does not mean you hook up your "Pichaththi" missile launch station to the web and access it over the web from a PC at a command station.
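
An added example, not part of any post in this thread: one way an administrator could be kept informed of who attaches removable storage, with permission decided by title, as asked in the opening post. It parses the messages the Linux kernel logs when a USB device is attached; the sample log, the host-to-user session table, the account names and the titles are all constructed assumptions.

```python
import re

# Constructed sample: syslog-style lines in the format the Linux kernel prints on USB attach.
SAMPLE_LOG = """\
Jun 02 10:14:03 ops-ws1 kernel: usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
Jun 02 10:14:03 ops-ws1 kernel: usb 1-2: SerialNumber: CONSTRUCTED0001
Jun 02 10:14:03 ops-ws1 kernel: usb-storage 1-2:1.0: USB Mass Storage device detected
Jun 02 11:40:27 stores-ws4 kernel: usb 2-1: New USB device found, idVendor=046d, idProduct=c077, bcdDevice=72.00
Jun 02 12:05:51 stores-ws4 kernel: usb 3-1: New USB device found, idVendor=0951, idProduct=1666, bcdDevice= 1.10
Jun 02 12:05:51 stores-ws4 kernel: usb 3-1: SerialNumber: CONSTRUCTED0002
Jun 02 12:05:52 stores-ws4 kernel: usb-storage 3-1:1.0: USB Mass Storage device detected
"""

# Assumptions for illustration: who is logged in where, each account's title,
# and which titles are permitted to use removable storage.
SESSIONS = {"ops-ws1": "officer_a", "stores-ws4": "clerk_b"}
TITLES = {"officer_a": "commanding-officer", "clerk_b": "stores-clerk"}
ALLOWED_TITLES = {"commanding-officer"}

LINE = re.compile(r"^(?P<ts>\w{3} \d{2} [\d:]{8}) (?P<host>\S+) kernel: (?P<msg>.*)$")
FOUND = re.compile(r"^usb (?P<port>[\d.-]+): New USB device found, "
                   r"idVendor=(?P<vid>\w{4}), idProduct=(?P<pid>\w{4})")
SERIAL = re.compile(r"^usb (?P<port>[\d.-]+): SerialNumber: (?P<sn>\S+)")
STORAGE = re.compile(r"^usb-storage (?P<port>[\d.-]+):[\d.]+: USB Mass Storage device detected")

def storage_attach_records(log_text):
    """Return one audit record per USB mass-storage attach, with the policy decision."""
    devices, records = {}, []  # devices: (host, port) -> details seen so far
    for raw in log_text.splitlines():
        line = LINE.match(raw)
        if not line:
            continue
        host, msg = line["host"], line["msg"]
        if m := FOUND.match(msg):
            devices[(host, m["port"])] = {"id": f'{m["vid"]}:{m["pid"]}', "serial": None}
        elif (m := SERIAL.match(msg)) and (host, m["port"]) in devices:
            devices[(host, m["port"])]["serial"] = m["sn"]
        elif m := STORAGE.match(msg):  # only storage-class devices produce a record
            dev = devices.get((host, m["port"]), {"id": "unknown", "serial": None})
            user = SESSIONS.get(host)  # no known session -> treated as not authorized
            records.append({"time": line["ts"], "host": host, "user": user, **dev,
                            "authorized": TITLES.get(user) in ALLOWED_TITLES})
    return records

def alerts(records):
    """Records to raise with the administrator: storage attached by a non-privileged account."""
    return [r for r in records if not r["authorized"]]
```

Every attach is recorded, including the permitted one, so the record-keeping Dileep describes and the alerting are both served by the same pass; non-storage devices such as the mouse on `stores-ws4` produce no record.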