Information Sys Security Program

Abstract

Information Systems Security Program (ISSP) ensures the protection of Navy and joint cyberspace systems from exploitation and attack. Cyberspace systems include wired and wireless telecommunications systems, Information Technology (IT) systems, and the content processed, stored, or transmitted therein. ISSP includes protection of the Navy's National Security Systems and Information (NSSI). ISSP is the Navy's implementation of statutory and regulatory requirements specified in Federal Information Security Management Act of 2002 (FISMA, 44 U.S.C. section 3541), the Computer Security Act of 1987 (Public Law 100-235), Privacy Act of 1974 (5 U.S.C. section 552a, Public Law No. 93-579), National Security Act of 1947 (Public Law 235), Comprehensive National Cyber security Initiative (CNCI) National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD-54/ HSPD-23), National Security Directive 42, Presidential Decision Directive 63, Executive Order 13526, Appendix III of Office of Management and Budget (OMB) Circular A-130 Revised, Committee for National Security Systems (CNSS) Policy 22, Chairman Joint Chiefs of Staff Instructions 6510.01F and 6510.02D, and Department of Defense (DoD) Directives 8500.01E, O-8530.01, and 8570.01. ISSP activities address the risk management of cyberspace defined in "The National Military Strategy for Cyberspace Operations", Chairman of the Joint Chiefs of Staff, Dec 2006, and of defensive Information Operations (IO) defined in Joint Publication 3-13; including the capabilities to protect, detect, restore, and respond. ISSP supports the entire Naval cyberspace domain from the mobile forward-deployed subscriber, through the ashore supporting critical information infrastructure, and the interconnection with other cyberspace domains. The interconnectivity of naval and joint networks, connections to allied and coalition partners, connections to the public information infrastructure, and their use in naval and joint war fighting means that Navy cyberspace is a higher value and more vulnerable target. Navy cyber systems face advanced attacks involving malicious changes to critical information, changes to the functionality of critical systems, denial of service (including jamming), and the destruction of systems and networks. Since many Naval cyber systems are based on commercially available technologies, an adversary often has access to the technologies they want to exploit. Rapid changes in the underlying commercial and government cyber infrastructures makes cyber security an increasingly complex and dynamic problem. ISSP provides the Navy's war fighter the essential information trust characteristics of availability, confidentiality, integrity, authentication, and non-repudiation. Information Assurance (IA), a key supporting cyber security activity, must evolve quickly to meet the rapidly evolving threats and vulnerabilities. Implementing ISSP requires rapid acquisition approaches to stay ahead of nation-states, terrorists, and criminal organization adversaries, among others. The ISSP program provides the Navy with the following cyber security elements: (1) defense of NSSI; (2) assured separation of information levels and user communities, including allied, coalition, non-Governmental, Defense Industrial Base, and other public partners; (3) technologies supporting the Navy's Computer Network Defense Service Providers (CNDSP) operations; (4) assurance use of the Navy's telecommunications infrastructure and the wireless spectrum; (5) assurance of joint user cyberspace domains, using a defense-in-depth architecture; (6) assurance of the critical computing base and information store; and, (7) supporting assurance technologies, including a Public Key Infrastructure (PKI). The ISSP program must be rapid, predictive, adaptive, and tightly coupled to cyberspace technology. Through modeling and simulation of Department of Defense (DoD) and commercial cyberspace systems evolution, the ISSP program provides architectures, products, and services based on mission impacts, information criticality, threats, vulnerabilities, and required defensive countermeasure capabilities. All ISSP RDT&E efforts comply with the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113) as implemented through Office of Management and Budget (OMB) Circular A-119 of February 10, 1998, DoD Instruction 4120.24, Defense Standardization Program (DSP), and DoD Instruction 4120.3-M, Defense Standardization Program Policies and Procedures. The predominant commercial standards bodies in ISSP-related matters include International Organization for Standardization, American National Standards Institute, Institute of Electrical and Electronics Engineers, Internet Engineering Task Force, World Wide Web Consortium, and National Institute of Standards and Technologies. The joint interoperability required in today's telecommunications systems makes standards compliance a must and the ISSP RDT&E program complies with the joint technical architecture. The FORCEnet architecture and standards documents reflect this emphasis on interoperable standards. The connection of FORCEnet with the DoD Global Information Grid (GIG) requires all ISSP RDT&E activities to adopt a minimum standard of "best commercial IA practices." The ISSP program examines commercial technologies to determine their fit within Navy architectures, provides feedback to vendors about what the Navy requires, and participates in the standards bodies themselves. When necessary to protect mission critical systems specified in the Clinger/Cohen Act, ISSP RDT&E develops or tailors commercial and government technologies, standards, and processes to meet Navy-unique requirements; prototypes systems or portions of systems and examines their utility in operational Navy settings; and, provides Information Assurance (IA) expertise and engineering to Navy and joint information system developments. All ISSP technology development efforts endeavor to solve specific Navy and joint IA problems using techniques that speed transition to procurement as soon as possible. Maritime Operations Center (MOC) will respond to new technologies and advanced hardware and software tools to support the development and deployment towards automated autonomous Computer Network Operations (CNO) Network Operations (NetOps). Justification for Budget Activity: This program is funded under Operational Systems Development because it encompasses engineering and manufacturing development for the upgrade and integration of existing, operational systems. This includes cryptographic systems required to protect information defined in Title 40 United States Code (USC) Chapter 25 Sec 1452, and implements requirements in Executive Orders 12333 and 12958 and National Security Decision Directive 145. Major focus areas in FY13: Computer Network Defense (CND) - Continue to ensure that security of Navy networks meet the mandates and initiatives of DoD for securing the Global Information Grid (GIG). Continue to develop, integrate, and test defense-in-depth and situational awareness technologies for knowledge-empowered CND operations for afloat and ashore platforms. Continue to develop new capabilities into the Navy's Command and Control (C2) architecture via (Maritime Tactical Command and Control (MTC2)) and provide technical guidance to ensure CND requirements are met by Consolidated Afloat Network Enterprise Service (CANES). Continue the development and integration of DoD defined tools and capabilities including automation of reporting, monitoring, analysis and response as well as providing modernized patch management and host based security agent tools. For Maritime Operation Center (MOC) efforts in FY13, CND will leverage the Ozone Widget framework and the US Cyber Command Cyber Pilot architecture to deliver visualization and analysis tools in support of a NetOps COP at the C10F MOC. CND: Maritime Operations Center (MOC) - Assess the cyberspace network operations information dominance roadmap and as is architecture. Research government and industry automated autonomous information environment NetOps Common Operational Picture (COP) set of tools to provide the MOC the ability to maintain Command and Control (C2) of secure Communications Systems (CS) and conduct C2 Cyberspace NetOps. Integrate Cyberspace NetOps in the "to be" Navy C2 architecture. Cryptographic (Crypto)/Crypto Modernization - Continue the Link-22 Modernized Link Level Communications Security (COMSEC) (MLLC), Very High Frequency (VHF)/Ultra High Frequency (UHF) Wideband Tactical Secure Voice Cryptologic Equipment (VINSON)/Advanced Narrowband Digital Voice Terminal (ANDVT) Cryptographic Modernization (VACM), and Link-16 CM development efforts, and start the Suite B Navy implementation, Crypto Priority (Red) List, Key Management Infrastructure (KMI) Awareness for devices (e.g., iApp development), and Navy Crypto Future Requirements development efforts. Continue development of a crypto modernization plan for transmission security (TRANSEC) with National Security Agency (NSA) and other services. Key Management Infrastructure (KMI) - Continue KMI transition planning, strategy and requirements definition for incorporation of other KMI roles into Navy architecture. Begin capability, engineering development and verification testing support to KMI Capability Increment (CI)-2 Spiral 2 Spin 2. Continue supporting KMI transition working group meetings, Working Integrated Product Teams (WIPTs), Joint Working Groups (JWG), and developing white papers and supporting documentation for KMI. Provide requirements definition support of the next generation fill device and KMI CI-3. Investigate alternative KMI architecture implementations for submarine and other communities within the Navy. Provide engineering and analysis to a centralized configuration management and Crypto unit inventory tracking tool which will improve Electronic Key Management System (EKMS) and Crypto product management. Provide engineering and analysis to the intermediary Application (iApp) which will enhance KMI secure communications. Public Key Infrastructure (PKI) - Continue to develop Secret Internet Protocol Router Network (SIPRNet) PKI solutions, including the SIPRNet Validation Authority and Hardware Token. Research and test Defense Information Systems Agency (DISA) Online Certificate Status Protocol (OCSP) enhancements for certificate authentication in the Navy afloat and ashore environments. Ensure compatibility and interoperability of PKI with Computer Network Defense (CND) systems architecture. Ensure Navy compliance with new PKI related cryptographic algorithms and new certificates on the Common Access Card (CAC). Research and develop tools to support certificates for Non-Person Entity (NPE) devices.

Document Details

Document Type

R2 Budgetary Justification

Publication Date

Oct 01, 2013

Source ID

0303140N_7_1319_PB_2013

Change Summary Explanation

TKL Contract Award slipped from 2QFY11 to 3QFY11, IOC slipped from 4QFY12 to 1QFY13 and FOC slipped 4QFY14 to 1QFY15 due to delay in contract negotiations. KMI CI-2 MS C slipped from 2QFY11 to 1QFY12 and IOC shifted from 2QFY12 to 3QFY12 due to NSA schedule changes; FOC slipped from 4QFY14 to 1QFY17 to align to Chief of Naval Operations (CNO) ship availability. KMI CI-2 OA2 slipped from 4QFY11 to 3QFY12, IOT&E slipped from 1QFY12 to 3QFY12 due to NSA test schedule delays. TKL production First Article (FA) test slipped from 4QFY11 to 1QFY12 due to contract award delays. TKL Full Rate Production (FRP) Decision slipped from 2QFY12 to 3QFY12 due to contract award delays. KMI CI-2 Spiral 1 LRIP contract award slipped from 1QFY12 to 2QFY12 due to NSA schedule changes. KMI CI-2 Spiral 1 FRP slipped from 2QFY12 to 1QFY13; Spiral 2 FRP slipped from 4QFY13 to 1QFY14 due to NSA schedule changes. EKMS Phase V Software (SW) delivery end date shifted from 2QFY14 back to 1QFY13 due to accelerated fielding plan. TKL deliveries slipped from 1QFY12 to 4QFY14 to 1QFY13 to 1QFY15 due to contract award delay. KMI CI-2 Spiral 2 delivery Start Date slipped from 1QFY13 to 3QFY13 due to NSA schedule changes. KG-3X Inc 2 FRP Decision slipped from 2QFY11 to 4QFY11 due to contract delays. FRP Decision is driven by USAF (as lead service). KG-45A FOC moved up from 2QFY13 to 1QFY13 due to battlegroup availability. KW-46M IOC slipped from 2QFY11 to 2QFY12 to meet Common Submarine Radio Room (CSRR) Increment 1 v3 IOC. VACM MS C slipped from 1QFY13 to 3QFY13 and IOC slipped from 1QFY14 to 3QFY14 due to delay in US Air Force source selection. Milestones are driven by USAF (as lead service). KW-46M integration test slipped from 1QFY12 to 2QFY12 due to availability of Naval Undersea Warfare Center (NUWC) test lab. KG-3X Inc 2 delivery moved up from 3QFY13 to 4QFY12 to meet the NSA cease key date. KW-46M Common Submarine Radio Room (CSRR) delivery changed from 3QFY11 to 2QFY12 and 4QFY15 to 2QFY18 to meet CSRR inc 1v3 IOC. AN/PYQ-20 (C) delivery moved up from 4QFY14 to 1QFY13 due to ship/ submarine availability. VACM FRP delivery Start Date slipped from 3QFY13 to 1QFY14 due to Contract Award delay. CND Inc 2 IOC slipped from 1QFY11 to 4QFY12 to match Capabilities Production Document (CPD) signed 13 AUG 2010. CND MOC Network Operations (NetOps) Common Operational Picture (COP) development efforts transitioned to CND beginning in FY12 to continue development of Cyber MOC capabilities and "to be" architecture. CND Inc 2 deliveries represent system refreshes/ updates and continue beyond FOC. PKI Inc 2, Spiral 3 IOC slipped from 2QFY13 to 3QFY13 due to NSA/DISA schedule delays. PKI Inc 2, Spiral 1 IOT&E slipped from 2QFY11 to 3QFY11 due to NSA/DISA schedule delays.

Service Agency Name

Navy

Entities

Tags

Related Documents

• Child Project: Communications Security R&D
• Child Accomplishment: Computer Network Defense (CND)
• Child Accomplishment: Crypto/Crypto Modernization
• Child Accomplishment: Key Management Infrastructure (KMI)
• Child Accomplishment: Public Key Infrastructure (PKI)
• Child Accomplishment: Electronic Key Management System (EKMS)
• Child Accomplishment: Information Assurance (IA) Services
• Child Accomplishment: Maritime Operations Center (MOC)
• Child Cost Item: 8dd3d4178a9c5cf3ba5952809070cb8e
• Child Cost Item: 1369ee1fc1e781e2ad1a75ca5375ca71
• Child Cost Item: 74648c3cb0628d59e28d0b6ad88acc02
• Child Cost Item: aaba9eb32c1a92d97fd0724bd6ad3819
• Child Cost Item: 3e1d392739ff9e77dbe1e815037e0f12
• Child Cost Item: b2dd3c7b045e6ac174af0fabfcf23a31
• Child Cost Item: cb609bb3328df0c3b639487c42d95140
• Child Cost Item: b0032ec8f2096c1f18edb788dbd081e8
• Child Cost Item: 5bf0c2f073d0f2f456c0ae03c7b2f530
• Child Cost Item: e1ec2f9bd0bc92e941c4db6e83560d37
• Child Cost Item: 836f0c904d8ab2f6f4cab942795a31e5
• Child Cost Item: 84874500b0a0b805e6ed8d68d4749ecf
• Child Cost Item: 8b11f6b63f562dcd52cdeb55d35c73f1
• Child Cost Item: 9b256a9610731bc206fe6803e6857d74
• Child Cost Item: 94daa5249e96358ff2d2cfc66ff599c7
• Child Cost Item: f0afb9f130cd17ccc2a677d8bae80ab7
• Child Cost Item: 62249c150cb80102df06180e78a21b7d
• Child Cost Item: 4c6a9067f2d9f9f799c7a414766ed16b
• Child Cost Item: 19c6251504f71518d210e516c5dd0311
• Child Cost Item: a00adbba272380363997758b4bb7a967
• Child Cost Item: 09c5ddc23fae283572e468094a0f73a6
• Child Cost Item: a955c4f80beb16c0427be949165c67d7
• Child Cost Item: b5b0800b17113bc29b1447b8cf550d3b
• Child Cost Item: 299350c260699c64e9ab50ee8009adf4
• Child Cost Item: a04a86df85c23a859aedbafb3eaf7ba8
• Child Cost Item: 939faf5d94034d564fb00aad3f2ed97e
• Child Cost Item: eed9d6657d6f73bc85b520423dff8773
• Child Cost Item: 94210f06995060d08b2b9b0c567f18f9
• Child Cost Item: 8fb2387cfde11f432b5cdccb57937e57
• Child Cost Item: bb677ff3ebf976e194f3103576ff3448
• Child Project: Information Assurance
• Child Accomplishment: Information Assurance
• Child Cost Item: c358eb9c4845b5a5dda9c43737cd1af0
• Child Project: Congressional Adds
• Child Cost Item: c12f670aa65292016b101e982d9322c9
• Child Cost Item: 9de3ba90b85f8bfd9332ad2603280e01
• Child Cost Item: 272d80833ec8314923815e1b460a1b72