A methodology for the structured security analysis of interconnections
conference paper
Effective and efficient cooperation within future military operations increasingly requires the sharing of information among coalition partners and other organisations, as envisioned by the NATO Network-Enabled Capabilities (NNEC) study. It is therefore necessary that military communication infrastructures can be interconnected to facilitate the information sharing. This information sharing requires a high level of assurance on the security of interconnections. However it is often difficult to identify the appropriate security requirements, due to the complexity as a result of the differences between the applicable security policies. The methodology aims to provide a structured approach to define the appropriate security requirements and enable the determination of a balanced set of security measures for an interconnection. By decomposing the interconnection on a conceptual level into smaller parts, compartments can be defined that address a subset of the entire complexity. Between all these compartments as well as the own and other domain Security Policy Enforcement Points (SPEPs) can be defined. The division into compartments is based on the classification level, security policy and operational responsibility for the information. By determining the threat significance, trust level and threats for each individual SPEP specific security requirements and assurance requirements can be defined.
TNO Identifier
446891
Source title
2011 IEEE Military Communications Conference, MILCOM 2011, 7-10 November 2011, Baltimore, MD, USA
Pages
1267-1272
Files
To receive the publication files, please send an e-mail request to TNO Repository.