Computer Network Defence Situational Awareness – Information Requirements

Authors
  1. Lefebvre, J.H.
  2. Grégoire, M.
  3. Beaudoin, L.
  4. Froh, M.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN)
Abstract
Military Forces are employing Network-Centric Operations as a force multiplier, which comes with increased vulnerability to attacks given the growing complexity of Information Technology (IT). Computer Network Defence (CND) focuses on managing the vulnerabilities and risk inherent in all computer networks. Current research in the field of CND Situational Awareness (SA) is focusing on a bottom-up approach of how to define meaning out of the abundance of sensor information. This paper focuses on defining the information requirements for CND SA from a top-down approach by analysing the larger mission questions asked by a Network Command coupled with existing work in SA. This paper asserts that Force Commands must define their Operational Capability Requirements in terms of distributed IT Services qualified in terms of confidentiality, integrity, and availability. Likewise, CND SA must provide feedback to the Command concerning defensive posture, risk, and impact using statements of potential and real reductions in these IT Services. The analysis shows that research into CND SA lacks a clear semantics for describing network missions, and an effective tool for modelling IT Services and network resources. Once these missing pieces are defined, then the existing CND SA research on managing low-level network events becomes meaningful.

There is a French abstract here.

Keywords
computer network defense; network situational awareness; computer security; network risk management; information warfare; network security model
Report Number
DRDC-OTTAWA-TM-2005-254 — Technical Memorandum
Date of publication
01 Dec 2005
Number of Pages
40
DSTKIM No
CA029033
CANDIS No
527239
Format(s):
CD ROM