afspc certification and accreditation tf titransformation july 2012 v2.pdf · certification and...
Post on 30-Aug-2018
AFSPC Certification and Accreditation Transformation
19 July 2012
Douglas Rausch, Col, USAF
Chief, Cyber Surety Division
UNCLASSIFIED
A Changing Environment
• GPS I (1978 – 1985)
• GPS II (1989 – ?)
• GPS III (2014 - ?)
15 Feb 11 UNCLASSIFIED
Another Changing Environment
• 1970s: Phone phreaks
• 1983: 414 Gang, breaks into ~60 computers, Los Alamos Lab
• 1988: Morris Worm
• 1989: Five West German computer users arrested on espionage charges for breaking into US systems and selling info to KGB
• 1995: Kevin Mitnick arrested
• 1996: GAO report - hackers attempted to break into DoD computers more than 250,000 times - 65% success rate
• 2007: Estonia suffers massive DoS
• 2009: Conficker
• 2010: Operation Aurora, Stuxnet
• 2011…: wikileaks, Anonymous, Flame
And Another Changing Environment
C&A Transformation
Today: Reactive & Inefficient Processes
Tomorrow: Proactive & Operational Processes
What Got You Here Won’t Get You There
Air Force Wide
Current State
• Undocumented, unrepeatable processes
• Unmeasured performance
• Risk assessments derived from controls versus threats
• Governance difficult to locate and navigate
• Multiple customer portals
• Lack of tools, automation and standardized workflow management
• Training and TTP success reliant on industry standards
Drive Change
• Process mapping & strategy alignment
• Metrics implementation
• Risk management framework, ACA implementation
• Governance overhaul
• SharePoint development
• Tools and technology research
• Standardize TTP for AF & Space application
Future State
• Documented, repeatable, agile, mission focused C&A process
• Metrics across processes and stakeholders
• Repeatable, threat oriented risk management framework
• Cross‐functional consolidated governance
• Consolidated customer portals, online resources and standard workflow management
• Implementation of standard tools, technology and TTP for C&A
• Consistent application of controls to reduce risk – operationally focused for ease of use
Organization and Authorities
• DoD Chief Information Officer: OSD/CIO
• Space DAA/CIO: USSTRATCOM/CC
• AF DAA/CIO: SAF/A6
• AF & Space DAA: AFSPC/CC
• Space SIAO: USSTRATCOM
• AF SIAO: SAF/A6
• AF & Space DAA (Signatory): HQ AFSPC/A6
• Space CA: HQ AFSPC/A6S
• AF CA: AFNIC
• AF CAR: AFNIC
• Space CAR: HQ AFSPC/A6SS
Future Changes to C&A Policy
National Institute of Standards and Technology IA Risk Management Framework
The Committee on National Security Systems
National Information Assurance Policy for Space Systems Used to Support National Security Missions
Risk Management Framework
AFSPC Certifying Authority (CA) Risk Determination
Inputs to the CA:
• SIP
• POA&M
• Architecture/Boundary
• Independent Validation Reports
Steps:
• Evaluate Likelihood
• Determine Impact
• Present Risk Rating
Outputs:
• Likelihood 5x5
• Impact 5x5
• Overall risk rating
Risk vs. Compliance Based Approach
Evolving AFSPC methodology based on NIST Risk Management Framework and best in class approaches
Traditional Compliance Based Assessment
• Control Base: Counters generic threats
• Risk Tolerance: Based on generic mission sets
Future State Risk Based Assessment
• Mission & Threat Focus: Team approach to select IA controls during system development - considering threat environment
• Ops Constraint Aware: Early senior leader approval of security priorities
Results in greater focus on critical security items, elimination of items within risk tolerance, and control reduction
CNSS Space WG
• Revising CNSSP No. 12, National IA Policy for Space Systems Used to Support National Security Missions
• Changes needed due to:
  • National Space Policy increasing reliance on commercial launch and payload hosting
  • Greater interconnectivity with/reliance on non-space systems
  • Increased threats to space systems resulting from above
• Aligns policy to current CNSS and NIST issuances, also directs:
  • TRANSEC and COMSEC in integrated systems engineering
  • Supply chain risk management
  • Need to secure all telemetry, command uplinks
  • Integration with Computer Network Defense capabilities
  • Info security for all applicable space systems (gov’t, cmcl, foreign, R&D)
CNSS WG Next Steps…
• CNSSP No. 12 out for review by CNSS Committee
• Identified challenges beyond current scope of CNSS Space WG that should be addressed in future actions including:
  • Expand policy to incorporate evolving cyber security practices (e.g., greater interconnectivity with commercial space assets)
  • Detailed Risk Management Framework implementation guidance for space systems; how to effectively manage risk looking at full range of options available to system owners/operators/users
  • Extend policy to further secure space systems U.S. relies upon but doesn’t build, own, and/or launch
  • Complete Space Overlay coordination, publish as annex to CNSSI 1253
CNSS Space Working Group will continue to be venue for AFSPC to guide space system Information Assurance Policy
Agent of the Certifying Authority
• Licensed, qualified agents to validate IA control compliance for the Certification Authority (CA)
  • Provides independent assessment of IA posture
  • Performs hands-on validation and recommends mitigations
• Requirements:
  • Team lead with DoD 8570.01-M IAM Level III certification
  • Minimum of 8 years high-level (enterprise preferred) IT experience
  • Minimum of 5 years of senior level IA experience
  • Technical team to perform assessments
• Benefits:
  • Standardized and repeatable risk assessments
  • Decreases certification time frame
  • Technical staff on-site bridge the gap between programs and CA
Example 1 - CHIRP
Commercially Hosted Infrared Payload (CHIRP)
• Supports infrared sensor system development
• Multi-national manufacture, checkout, launch
• Required rapid C&A of SV to meet schedule
• CHIRP assessed as a MAC III, Classified System
  • IAW current DoDI 8500.2, 105 total IA controls could apply
  • Expended 145-180 staff hours negotiating N/A controls
  • 33 compliant, 2 non-compliant, 70 (i.e., 67%) not applicable
• Under upcoming revision to DoDI 8500.2 same MAC III/Classified could require 500 controls vice the 105 initially indicated for CHIRP
  • Greater number of controls provides higher granularity to apply only IA controls needed for risk exposure but does require greater work at outset to ensure proper selection
• Space Overlay and NIST IA controls for space systems developed by AFSPC and others
  • Augment general IT controls with those specific to space system environment/threat
  • Trims about 21% of controls/enhancements providing finer tuned IA requirements with less staff effort
Space Overlay is common starting point – adjusted security controls baseline. Pre-negotiated tailoring/supplementing helps developers, assessors, and AOs minimize the effort to select a system-specific baseline.
Example 2 – Eastern/Western Range
Western Range
[Diagram: Western Range enclave boundaries. Enclaves shown: Optics; Weather; Mobile Surv; Commhub (B7011) Svcs; Command Destruct; VAFB Radar; VTRS Sensitive; VTRS Classified; Pillar Pt Class; Pillar Pt Sensitive; WROCC Classified; WROCC Sensitive; B7000 Classified; B7000 Sensitive; Communications Infrastructure Classified; Communications Infrastructure Sensitive]
85 unsustainable boundaries reduced to 17 geographically/functionally based boundaries
Eastern Range
• Timing Enclave: Legacy, THAMS, TWSTT
• Optics Sensitive Enclave: DRED
• Surv Enclave: GPN 30, SCDS, SSR-N, SSR-S
• Wx Sensor Enclave: 4DLSS, DWR, NLDN, LPLWS
• Optics Classified Enclave: CINES, DOAMS, MIGOR, ATOTS, OCT
• Wx Process Enclave: ERDAS, MIDDS, WINDS
• Wx Critical Enclave: AMPS, MSC
• Comm Services Sens Enclave: Unclass Voice, Video
• Cmnd Destruct Enclave: CCRS, Cape 1A, Cape 1B, JD CMD
• Radar Enclave: SPARC, 0.134, 1.16, 19.14, 19.39, 28.14, FRVPS
• Telemetry Enclave: CTPS, TMCRSP, DTA, Tel-4
• Comm Services Class Enclave: DMNE, Secure Voice
• JDMTA Enclave: Tel-JDMTA
• Down Range Enclave: Tel-Ant, Tel-Asc, 12.15
• MOC Processing Enclave: LAPS, FSDP, MDPP, FVTAM, NIPC, CDR
• MOC Safety Enclave: DBS, DRSD, FOV-1, FADSS
• Communications Infrastructure Classified Enclave: DT, COMSEC
• Communications Infrastructure Sensitive Enclave: MICR, SATCOM, DT, NMS, UCS
• CORE Enclave: NCT
62 unsustainable boundaries reduced to 19 geographically/functionally based boundaries
Summary
• Security and risk assessment methods must evolve with threats
• Information Assurance (IA) must meet to adapt
  • Near real time response
  • Support spiral development
• Certification & Accreditation Strategies
  • Transition from DIACAP to RMF
  • Leverage existing and future control selection flexibility
  • Partnerships must employ DIACAP team constructs
• Enterprise approaches
  • Move mitigations down through inheritance
  • Allow boundaries to cross programs, bases and services
Questions