2017-01-22

Evolution of Military Information Security Architecture

This article lays out the foundations on which militaries build their information security and how their security architectures are developing.

The architecture of military information security is based on trust. Whom and what do you trust to sustain the confidentiality, integrity, and availability of your information? The basis for trust is found at the physical level. Secret papers have been stored in vaults located in military camps surrounded by security perimeters.

With computer-aided information management, the physical structure vanishes. Encrypted communications and information domains replace it. Air-gap isolation becomes the major defence against malicious software.

Unfortunately, human negligence and various waveforms can breach the air gap. Thus, some militaries trust only monitoring. Every host and node in an information domain has a sensor that sends information on events and incidents to a security operations centre (SOC). The SOC monitors the situation and reacts to all violations before they become serious.

Once you are collecting and analysing 50 000 incidents each second, you start demanding a better solution. Militaries consolidate all their information in data warehouses, i.e. services, build an onion-structured security architecture, and start attacking all malicious intentions between layers. This architecture is called defence-in-depth and active cyber defence.

The military is gradually losing its trust in physical, domain, monitoring, and service structures. Might content and real-time validators be the next basis of trust? All content is encrypted by default, and data can be processed only if a trusted entity validates the content, platform, and user to be true at a given time.

There is also evidence that in crises, governmental bodies tend to trust only paper, vault, and manual information management.
