Information Sys Security Program
Abstract
The Information Systems Security Program (ISSP) ensures the protection of Navy and joint telecommunications and information systems from exploitation and attack. ISSP is the Navy's implementation of statutory and regulatory requirements specified in Presidential Decision Directive 63, the Computer Security Act of 1987 (Public Law 100-235), Appendix III of Office of Management and Budget (OMB) Circular A-130, and Department of Defense Directive 8500.1. ISSP activities address the triad of defensive information operations defined in Joint Publication 3-13: protection, detection, and reaction. Focused on FORCEnet supporting the mobile forward-deployed subscriber, the Navy's implementation of network-centric warfare places demands upon the ISSP as the number of users dramatically increases and the criticality of their use escalates. Today, the ISSP protects an expanding core service critical to the effective performance of the Navy's mission, supported by Mission Assurance Category 1 systems and crypto modernization requirements with Chairman Joint Chiefs of Staff Instruction 6510. The interconnectivity of naval networks, connections to the public information infrastructure, and their use in naval and joint war fighting mean that FORCEnet is a more easily attacked and higher-value target. The types of possible attacks continue to grow. In addition to the traditional attacks that involve the theft or eavesdropping of information, Navy information and telecommunications systems face advanced attacks involving malicious changes to critical information, changes to the functioning of critical systems, denial of service (jamming), and the destruction of systems and networks. Since many naval information systems are based on commercially available technologies, an adversary often has access to the very technologies they want to exploit.
The rapid change in the underlying commercial and government information infrastructures makes security an increasingly complex and dynamic problem. ISSP provides the Navy's war fighter the essential information trust characteristics of availability, confidentiality, integrity, authentication, privacy, and non-repudiation. Information Assurance (IA) technology mix and deployment strategies must evolve quickly to meet the rapidly evolving threats and vulnerabilities. The ISSP Research Development Test & Evaluation (RDT&E) program provides the Navy with these essential IA elements: (1) assurance of separation of information levels and user communities, including coalition partners; (2) assurance of the telecommunications infrastructure; (3) assurance of joint user enclaves, using a defense-in-depth architecture; (4) assurance of the computing base and information store; and (5) supporting assurance technologies, including a Public Key Infrastructure (PKI). The ISSP RDT&E program is predictive, adaptive, and coupled to technology by modeling Department of Defense (DoD) and commercial information and telecommunications systems evolution (rather than being one-time developments). The program develops frameworks, architectures, and products based on mission threats, information criticality, exploitation risks, risk management, and integrated joint information system efforts. All ISSP RDT&E efforts comply with the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113) as implemented through OMB Circular A-119 of February 10, 1998, DoD Instruction 4120.24, Defense Standardization Program (DSP), and DoD Instruction 4120.3-M, Defense Standardization Program Policies and Procedures.
The predominant commercial standards bodies in ISSP-related matters include the International Organization for Standardization, American National Standards Institute, Institute of Electrical and Electronics Engineers, Internet Engineering Task Force, World Wide Web Consortium, and National Institute of Standards and Technology. The joint interoperability required in today's telecommunications systems makes standards compliance a must, and the ISSP RDT&E program complies with the joint technical architecture. The FORCEnet architecture and standards documents reflect this emphasis on interoperable standards. The interconnection of FORCEnet into the DoD Global Information Grid (GIG) requires all ISSP RDT&E activities to adopt a minimum standard of "best commercial IA practice." The ISSP RDT&E program examines commercial technologies to determine their fit within Navy architectures, provides feedback to vendors about what the Navy requires, and participates in the standards bodies themselves. When necessary to protect mission critical systems specified in the Clinger/Cohen Act, ISSP RDT&E develops or tailors commercial and government technologies, standards, and processes to meet Navy-unique requirements; prototypes systems or portions of systems and examines their utility in operational Navy settings; and provides IA expertise and engineering to Navy and joint information system developments. All ISSP technology development efforts solve specific Navy and joint IA problems using techniques that speed transition to procurement as soon as ready. Maritime Operations Center (MOC) will respond to new technologies and advanced hardware and software tools to support the development and deployment towards automated autonomous computer network operations (CNO) network operations (NETOPS).
JUSTIFICATION FOR BUDGET ACTIVITY: This program is funded under OPERATIONAL SYSTEMS DEVELOPMENT because it encompasses engineering and manufacturing development for upgrade and integration of existing, operational systems. This includes cryptographic systems required to protect information defined in Title 40 United States Code (USC) Chapter 25 Sec 1452, and the ISSP cryptographic RDT&E program is the implementation of requirements in Executive Orders 12333 and 12958 and National Security Decision Directive 145.
Major focus areas in FY12:
Computer Network Defense (CND) - Continue to ensure that security of Navy networks will meet the mandates and initiatives of DoD for securing the GIG by continued development of system management capabilities to enforce proactive afloat/shore fleet level security policies across the Navy computer network. Continue the development and testing of security situational awareness technologies for knowledge-empowered CND operations for both afloat/shore installations. Continue to develop capabilities into Common Computing Environment (CCE) and Afloat Core Services (ACS) and provide technical guidance to ensure CND requirements are met by Consolidated Afloat Network Enterprise Service (CANES). Continue the development of patch management and host based security agent tools that promote the integration of CND capabilities (monitoring, detecting, analyzing, and responding).
Cryptographic (Crypto)/Crypto Modernization (CM) - Continue the Link-22 Modernized Link Level Communications Security (COMSEC) (MLLC), Very High Frequency (VHF)/Ultra High Frequency (UHF) Wideband Tactical Secure Voice Cryptologic Equipment (VINSON)/Advanced Narrowband Digital Voice Terminal (ANDVT) Cryptographic Modernization (VACM), and Link-16 CM development efforts, and start the Suite B Navy Implementation, Portable Radio Program (PRP), Demand Assigned Multiple Access (DAMA), Secure Voice Over Internet Protocol (SVoIP) and Navy Crypto Future Requirements development efforts. Develop a crypto modernization plan for transmission security (TRANSEC) with National Security Agency (NSA) and other services.
Electronic Key Management System (EKMS)/Key Management Infrastructure (KMI) - Continue EKMS to KMI transition planning. Continue transition strategy and define requirements for incorporation of other KMI roles into Navy architecture. Provide support to KMI Capability Increment 3 kickoff and program implementation. Continue supporting KMI transition working group meetings, developing white papers and support documentation for KMI. Provide requirements definition support of the next generation fill device.
Public Key Infrastructure (PKI) - Continue to develop Secret Internet Protocol Router Network (SIPRNet) PKI solutions, including the SIPR Validation Authority (SVA), and SIPR Hardware Token.
MOC - Assess the cyberspace network operations information dominance roadmap and as-is architecture. Investigate government and industry automated autonomous information environment network operations (NETOPS) common operational picture (COP) set of tools for applicability to provide the Maritime Operations Center the ability to maintain Command and Control (C2) of secure Communications Systems (CS) through the ability to analyze and determine the optimal method of conducting C2 cyberspace NETOPS. Develop the cyberspace NETOPS to-be architecture.
Document Details
- Document Type: R2 Budgetary Justification
- Publication Date: Oct 01, 2012
- Source ID: 0303140N_7_1319_PB_2012
- Change Summary Explanation: Schedule: EKMS TKL production FA Test slipped from 2Q 2010 to 4Q 2011 due to contract delays and NSA testing requirements. No RDT&E funding impact. EKMS TKL production FRP decision slipped from 3Q 2010 to 2Q 2012 due to contract delays and NSA strategy requiring First Article (FA) test to be completed first. No RDT&E funding impact. Crypto - Link-22 MLLC prototype contract award slipped from 1Q 2011 to 2Q 2011 due to delays in source selection process. No risk to FY11 effort. Crypto - VACM MS C slipped from 4Q 2012 to 1Q 2013 due to delay in US Air Force source selection. Crypto - KW-46M production integration test moved from 4Q 2010 to 2Q 2011 due to delay in NSA providing certified Test key for testing. No RDT&E funding impact. CND Inc 2 CPD slipped from 3Q 2010 to 4Q 2010 due to delay of mission area determination. No RDT&E funding impact. CND Inc 2 DT Assist/OA slipped from 2Q 2011 to 3Q 2011 due to delay in Critical Design Review (CDR)/Test Readiness Review (TRR) schedule and revised testing schedule from COMOPTEVFOR. No RDT&E funding impact. CND Inc 2 Production RFP and contract award milestones removed from schedule. Existing contract strategy was deemed sufficient. Funding: ($-2.186M) from PB11 to PB12 in FY12 reduction reflects ramp down of CND, CMPO and KMI systems engineering efforts. Technical: N/A
- Service Agency Name: Navy
Entities
Organizations
- United States Navy
Related Documents
- Child Project: Communications Security R&D
- Child Accomplishment: Computer Network Defense (CND)
- Child Accomplishment: Crypto/Crypto Modernization
- Child Accomplishment: Key Management Infrastructure (KMI)
- Child Accomplishment: Public Key Infrastructure (PKI)
- Child Accomplishment: Electronic Key Management System (EKMS)
- Child Accomplishment: Information Assurance (IA) Services (formerly IA Architecture)
- Child Accomplishment: Maritime Operations Center (MOC)
- Child Project: Information Assurance
- Child Accomplishment: Information Assurance
- Child Project: Congressional Adds