Raytheon Secure Systems and Networks

Size: px
Start display at page:

Download "Raytheon Secure Systems and Networks"

Transcription

1 Technology Today HIGHLIGHTING RAYTHEON S TECHNOLOGY 2007 Issue 2 Raytheon Secure Systems and Networks Delivering Mission Assurance in a Hostile Cyberspace

2 Feature The Benefits of Multi-Level Security Col. Roger Shell was the deputy director of the National Security Agency s (NSA) National Computer Security Center (NCSC) as it was formed in the early 1980s. Dr. Kenneth Kung joined NCSC in 1984 as one of the system evaluators using the famous Orange Book. He learned his information assurance techniques from Dr. Shell and other early pioneers in this field (e.g., Steve Walker, David Bell, Marv Schaefer, Earl Boebert, etc.). Dr. Kung is the co-author and contributor to several other Rainbow Series of guidelines, while NSA remains the premier organization to learn the latest information system and weapon system protection techniques. Multi-level security (MLS) has been a holy grail ever since the early days of applying computer systems to meet the automation needs of military and intelligence systems. In the 1970s, MITRE published a series of papers (by Bell and LaPadua) that describe the issues and rules of determining access rights of individual users to information, based on their credentials. In fact, in 1971, Dr. Roger Schell (then a U.S. Air Force major) conducted his Ph.D. research at MIT on the Multics OS protection rings. Although multiple initiatives in the 1980s and 90s were launched to tackle the MLS problem, the issue is still with us today. This article addresses the background of the issues involved in solving the general MLS problem. It also describes both the security functionality and the assurance needs of the Department of Defense (DoD) community of users and possible solutions to address those needs. The DoD has a goal of fielding systems that provide the right information at the right time to the right person. In many cases, this goal is difficult to achieve due to the security classification of the data. To properly safeguard information today, many DoD information systems are separated in domains at the highest classification level of any data in the domain. They are commonly referred to as system high domains. If an individual does not possess a security clearance to access a domain, they are denied access to all information within the domain, even though some of the information may have originated at a lower classification and thus should be accessible to the individual. To ameliorate this problem, high-speed guards requiring additional hardware and processing overhead, or labor intensive procedures such as manually reviewing data, are commonly used when moving data between domains. The single-level security domain paradigm is not compatible with this time-sensitive collaborative processing environment needed to support net-centric operations and the systems of element approach where information is first published, then later subscribed. The concept of using single-level security domains results in over-clearing personnel, over-classifying data and creating system inefficiencies and redundancies. To minimize or eliminate these problems, the concept of MLS systems was developed. MLS eliminates the need for these separate domains. MLS systems reduce the total cost of ownership by eliminating hardware and software redundancies. Top secret, Traditional: one domain per security classification Unclassified Domain Secret Domain Top Secret Domain High Speed Guard High Speed Guard Figure 1. Traditional vs. MLS Enclaves secret, confidential and unclassified data all can reside in a single MLS domain. MLS provides the ability to simultaneously receive, process, store and disseminate data of multiple classifications within a domain where not all users have the security clearance to access all the data within the domain. MLS needs to permeate into the computing environment (workstations, servers and operating systems), the network, the database and the mission applications all must work together to maintain trust. MLS systems must assure that users are granted access to all the data, systems and services for which they are authorized, while denying them access if they are not authorized. Figure 1 illustrates a traditional configuration using guards between security domains on the left and an MLS enclave on the right. Multinational Information Systems The next major research milestone is to tackle the issue of multination- Top Secret MLS Domain with Unclassified through Top Secret Multi-level security (MLS) Secret Unclassified ISSUE 2 RAYTHEON TECHNOLOGY TODAY

3 al information systems (MNIS). MNIS are inherent in battle command to ensure the timely exchange of information across all coalition member domains and government agencies. Raytheon is doing research with the DoD to identify the issues and potential solutions under a study contract. With the proliferation of coalition operations and joint operations, the issue of information separation becomes even more challenging. Not only must the information be separated by clearance levels with each country s security policy, but well-defined information must be shared across multiple countries, where agreements to share are on a bilateral basis. Information releasable to certain countries is not releasable to other coalition partners. This complicated set of access control rules makes the Bell- LaPadula hierarchical security model of write up, read down traditionally used in MLS systems look simple. Raytheon is currently working to solve this demanding challenge of sharing information in the presence of multiple compartments within single security levels. Trusted Operating Systems There are several common approaches when attempting to provide MLS capability. One is to use a trusted operating system that attaches sensitivity labels to all objects within the domain. (Sun s Trusted Solaris TM is an example of a trusted operating system.) Sensitivity labels identify security classification and handling restrictions of the object. The sensitivity labels are compared to the user s security clearance and privileges to determine if access to the object is allowed. These operating systems are proprietary, tend to be very difficult to administer, and are at times extremely cumbersome to use. Because of their size and complexity, they have typically been evaluated only to a medium level of robustness. Due to administrative difficulties, customers often prefer less trustworthy operating systems such as Windows. Multiple Independent Levels of Security Another approach being developed to provide MLS capability is called Multiple Independent Levels of Security (MILS). Raytheon has been working with the Air Force Research Laboratory Information Directorate, the Cryptographic Modernization Program and the National Security Agency for several years on the foundational components for this high assurance architecture to support systems with MLS requirements and/or Multiple Single Levels of Security (MSLS). The goal of the MILS program is to establish a viable commercial market for high assurance, standardsbased commercial off-the-shelf (COTS) products that can be used to produce NSA-accredited systems. By leveraging COTS products that conform to the DO-178B safety standard, it is anticipated that the wider customer base for these products will result in a lower cost to DoD security customers. MILS have a layered architecture that enforces an information flow and data isolation security policy. At the bottom layer of the architecture is a small but highly trusted separation kernel. A separation kernel executes on processors such as Pentiums and PowerPCs to provide a virtual machine upon which a variety of COTS operating systems (e.g., Windows, Lynux, Solaris, etc.) can be hosted. The separation kernel provides a high robustness reference monitor 1 to enable this separation and to control communication between untrusted applications and data objects at various levels of classification/caveats on a single processor. It also enables trusted applications to execute on the same processor as untrusted applications, while ensuring that the trusted applications will not be compromised or interfered with in any way by the untrusted applications, (see Figure 2). Security policy enforcement mediated by the separation kernel is non-bypassable, always invoked and tamper-proof, because it is the only software that runs in privileged mode on the processor. Thus, systems with applications at different security levels/caveats require fewer processing resources. The separation kernel s security requirements are specified in the NSA s U.S. Government Protection Profile for Separation Kernels in s Requiring High Robustness, now in its final draft. A separation kernel can be evaluated to a high level of assurance (Evaluation Assurance Level (EAL 6+), because it is very small on the order of 4,000 lines of C-Language code. Although originally targeted to real-time, embedded systems, the Separation Kernel Protection Profile (SKPP) has been generalized to provide the security requirements for a high assurance virtual machine on which operating systems with medium or no assurance, such as Windows, can execute in separate partitions without degrading the assurance of the overall system. The Green Hills Software (GHS) Integrity Separation Kernel is available commercially and is currently undergoing evaluation at a high robustness level by a National Information Assurance Partnership (NIAP) accredited Common Criteria Testing Laboratory. It is targeted for embedded and server applications running on PowerPC and Intel processors. The Integrity Separation Kernel is being used in the Raytheon s Space and Airborne Systems NETSecure internal research Continued on page 10 1 IAEC 3285, NSA Infosec Design Course, High Robustness Reference Monitors version 3, Michael Dransfield, W. Mark Vanfleet. Raytheon is fielding a product called CHAIN (Compartmented High Assurance Information Network). CHAIN permits the separation of the information by compartments (as the name implies). Until the true MLS system is available, Raytheon is fielding CHAIN in multiple systems to separate information from different domains using the compartments enforcement mechanism. There are multiple commercial operating systems that allow this enforcement. To upgrade from compartments to multi-level security, the underlying operating system must meet the functionality and trust discussed in this article. RAYTHEON TECHNOLOGY TODAY 2007 ISSUE 2 9

4 Feature Benefits of Multi-Level Security Continued from page 9 and development effort to develop an MLS network processor that can be incorporated in legacy platforms such as the F/A-18 and B-2 to enable data fusion, sensor integration, distributed targeting and net-centric operations. Two other COTS operating system vendors, LynuxWorks and Wind River, have also developed separation kernels conforming to the SKPP that are available as Beta versions. In addition, GHS has demonstrated a high assurance Windows workstation running on their Padded Cell TM technology, which is based on their separation kernel. Separation kernels from the three vendors have been demonstrated publicly running a Raytheon application. Raytheon has also conducted research in the area of Partitioning Communication Systems (PCS), which enables trust relationships and data separation to be established between processors in a MILS enclave. The PCS is part of the middleware layer of the MILS architecture. In effect, the PCS functions as a data flow guard by controlling the information that flows between an application and the network. When running in a separate partition on top of a high assurance separation kernel (see Figure 2), a PCS provides data separation and controls the flow of information between processors in a manner that is non-bypassable, always invoked and tamper-proof. The PCS also provides separation by encrypting data before it is delivered to device drivers or the network interface. This enables the use of COTS network components in secure environments and may also eliminate the need for some guards in cases where downgrading is not required. With Objective Interface Systems (OIS) as a subcontractor, Raytheon is responsible for the development of the security requirements documented in the Partitioning Communications System Protection Profile (PCSPP). OIS is independently developing the first PCS, working closely with the three separation kernel vendors and intends to have it evaluated at a high robustness level. MILS - Multiple Independent Levels of Security MSL - Multi Single Level MLS - Multi Level Secure SL - Single Level Trusted Path Console Manager Token Service Driver File System Driver Network Interface Unit Supervisor Mode MMU, Inter Partition Communications Interrupts Figure 2. Representative MILS Architecture The PCS has been demonstrated publicly on the GHS separation kernel running on Intel processors. A version of the PCS for PowerPC is currently under development. Protection profiles and products for other MILS middleware components are in various stages of development. As a subcontractor to Raytheon under an AFRL CRAD program, SRI International has started work on a MILS Network System Protection Profile. A MILS file system and MILS CORBA protection profile have also been proposed. Trusted components such as downgraders, firewalls, virus protection, and intrusion detection and protection are employed at the application level in the MILS architecture. These efforts are expected to continue over the next several years. Guard Technology Evaluated MILS products are still years away from being available in general workstations and servers. In the meantime, there is a need to provide capabilities to connect systems composed of various security levels together, while granting access to only authorized users of the data. One of the key technologies that support data sharing between security domains is the security guard that sits between different security domains. Raytheon has developed a product called High Speed Guard to support the user community s need for data sharing between single-level domains. Application (User Mode) Partitions PCS (MLS) S (SL) Guest OS/ Middleware RTOS Micro Kernal (MILS Separation Kernal) Processor What Is a Guard, Anyway? Current security policies require a trusted entity to independently validate data being moved between top secret, secret and unclassified networks. These products are commonly known as trusted guards, high assurance guards or just guards. Guards typically function as proxies, providing security separation between the two systems being connected. There are three main functions for a guard: Network separation Mandatory access control Data validation Network Separation A guard s high-security ( high ) side network interface has an IP address on the high side network while the guard s low side network interface uses an IP address from the low side network. Thus, the guard provides network separation and typically enforces source/destination IP via some firewall mechanism in the guard. Mandatory Access Control Another requirement for guards is to enforce Mandatory Access Control (MAC). Per current security policy, a trusted operating system such as Trusted Solaris is required to meet MAC requirements. In a trusted operating system, the operating system carries label information on all components on the system memory, file systems, network interfaces, etc., and provides APIs for systems such as guards to move data between security levels. S (SL) Guest OS/ Middleware S (SL) Guest OS/ Middleware ISSUE 2 RAYTHEON TECHNOLOGY TODAY

5 PROFILE: KENNETH KUNG Data Validation Data Feed 1 Large File Transfer Data Feed 2 Guards must validate that the data passing through it is authorized. Guards typically enforce different checks depending on the direction the data is flowing. When data is passed from a high to low, the main focus of data validation is to ensure that only data authorized at the lower network s security level is passed. Several options exist for performing this check: Classification rules to independently interrogate the data to determine its classification Verify existing labels on data Verify upstream system s digital signature on data if provided The correct option depends on a particular system s data formats. The prevention of malicious content is the primary concern when moving data from a lower network. For file-based transfers, virus scanning is the primary mechanism for meeting this requirement. For streaming data, virus scanning is problematic so data validation can be used to verify that the content of the data is valid and there is no unknown content. Raytheon High Speed Guard Figure 3 illustrates a typical use of the Raytheon guard. Raytheon s High Speed Guard was built for high bandwidth needs within the High Speed Guard Data Feed n Message Transfer Msg: ABCD Class: S Dataset ID: Y Current: Z Coordinates: 12345N095432E Classification X Classification Y Msg: ABCD Class: S Dataset ID: Y Current: Z Coordinates: 12345N095432E Figure 3. The Raytheon High Speed Guard provides a high-bandwidth, low-latency crossdomain solution for most intelligence community and DoD data types. intelligence community. Key features of our guard: Performance: Currently achieves 850Mb/sec on 1 Gigabit networks and 4.5 Gb/sec on 10 Gigabit networks. History: Our guard has been in use since 1998 and has over 144 units operational. It has been certified by multiple agencies at Director of Central Intelligence Directive (DCID) 6/3 Protection Level 4. Flexibility: The Raytheon guard supports TCP/IP socket-based transfers, file-based transfer, and has a Human Review capability that utilizes digital signature validation. The guard is also rehostable to various trusted platforms. Raytheon s current platform is Sun using Trusted Solaris 8. Raytheon also supports Silicon Graphics Incorporated (SGI) hardware running Trusted Irix, but that OS is being end-of-life d in Raytheon plans to support SELinux in the next months and may also support Solaris 10 with Trusted Extensions. Ease of Use: The Raytheon guard comes with complete documentation and training, enabling end users to maintain it, if desired. The rules language is straightforward, but very powerful and includes full XML parsing capability. Carolyn Boettcher, Kenneth Kung, Jerry Lebowitz, Kevin Cariker, A principal engineering fellow for Raytheon s Network Centric Systems (NCS) business, Kenneth Kung, Ph.D. has over 26 years of system and software engineering experience, including 22 years with Raytheon. Currently, he is leading the architecture capability area for NCS on the Enterprise Net-centric Integration Capability (ENIC) initiative, which seeks to change the way we develop solutions and capabilities for Raytheon customers. He leads the development of reference architectures, solution architectures and architecture governance. This effort transforms our culture by enhancing our speed to market, speed to demo and ability to cost appropriately. Kung represents NCS on the Corporate Architecture Review Board. Some of the board s functions include developing a strategy to train system architects, ensuring the interoperability of various systems, and recommending Raytheon architecture directions involving our customers. He participates in several industry consortia and standards committees, including the Net Centric Operations International Consortium, the Open Group Architecture Forum, the ISO/IEC JT1 Subcommittee 27 on Cyber Security U.S. Technical Advisory Group, and the Systems Architecture Forum. From these external boards, Kung has been able to learn and exchange lessons with others in the industry. From , Kung was the Architecture Technology Area Director at Corporate Engineering, where he led the initial development of the taxonomy of the reference architectures and C2 reference architecture. Before coming to Raytheon, Kung worked at the Aerospace Corporation, supporting the National Security Agency on information security product evaluation. He has been lecturing in colleges for more than 30 years on topics such as information security and communication networks. He has also served on the advisory boards of Harvey Mudd College and California State University, Fullerton. Kung received his bachelor s degree in engineering from UCLA. He later received his master s and doctorate degrees in computer science also from UCLA. He is a Certified Raytheon Six Sigma Expert TM and Raytheon Certified Architect. RAYTHEON TECHNOLOGY TODAY 2007 ISSUE 2 11

6 Do you have a great idea for an article? We are always looking for ways to connect with you our engineering, technology and Mission Assurance professionals. If you have an article or an idea for an article regarding technical achievements, customer solutions, relationships, Mission Assurance, etc., send it along. If your topic aligns with a future issue of Technology Today or is appropriate for an online article, we will be happy to consider it and will contact you for more information. Send your article ideas to We re waiting to hear from you! Copyright 2007 Raytheon Company. All rights reserved. Approved for public release. Printed in the USA. Customer Success Is Our Mission is a trademark of Raytheon Company. Capability Maturity Model,CMM and CMMI are registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.

Raytheon Secure Systems and Networks

Raytheon Secure Systems and Networks Technology Today HIGHLIGHTING RAYTHEON S TECHNOLOGY 2007 Issue 2 Raytheon Secure s and Networks Delivering Mission Assurance in a Hostile Cyberspace Feature Ensuring That Our s Can Be Trusted The systems

More information

Applications of Formal Methods in Building High-Assurance Secure Systems

Applications of Formal Methods in Building High-Assurance Secure Systems Applications of Formal Methods in Building High-Assurance Secure Systems Rance J. DeLong Computer Engineering Department Information Assurance Santa Clara University 1 Credits The work described is being

More information

The MILS Component Integration Approach To Secure Information Sharing

The MILS Component Integration Approach To Secure Information Sharing The MILS Component Integration Approach To Secure Information Sharing Carolyn Boettcher, Raytheon, El Segundo CA Rance DeLong, LynuxWorks, San Jose CA John Rushby, SRI International, Menlo Park CA Wilmar

More information

High Assurance Security/Safety for Deeply Embedded, Real-time Systems

High Assurance Security/Safety for Deeply Embedded, Real-time Systems High Assurance Security/Safety for Deeply Embedded, Real-time Systems R. William Beckwith Objective Interface Systems, Inc. Herndon, Virginia, U.S.A. bill.beckwith@ois.com W. Mark Vanfleet National Security

More information

Reference Guide for Security in Networks

Reference Guide for Security in Networks Reference Guide for Security in Networks This reference guide is provided to aid in understanding security concepts and their application in various network architectures. It should not be used as a template

More information

Meeting Cyber Security Challenges

Meeting Cyber Security Challenges Meeting Cyber Security Challenges Presented to Naval Postgraduate School Cyber Summit 29 October 2009 Cynthia Irvine, PhD, Professor Naval Postgraduate School UNCLASSIFIED Overview Challenges in Cyber

More information

White Paper Levels of Linux Operating System Security

White Paper Levels of Linux Operating System Security White Paper Levels of Linux Operating System Security Owl Approach to the Hardening of Linux Abstract Cross Domain Solutions produced by Owl Computing Technologies, Inc., running on Security Enhanced (SE)

More information

Applying Multi-core and Virtualization to Industrial and Safety-Related Applications

Applying Multi-core and Virtualization to Industrial and Safety-Related Applications White Paper Wind River Hypervisor and Operating Systems Intel Processors for Embedded Computing Applying Multi-core and Virtualization to Industrial and Safety-Related Applications Multi-core and virtualization

More information

IQware's Approach to Software and IT security Issues

IQware's Approach to Software and IT security Issues IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.

More information

WIND RIVER SECURE ANDROID CAPABILITY

WIND RIVER SECURE ANDROID CAPABILITY WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion

More information

evm Virtualization Platform for Windows

evm Virtualization Platform for Windows B A C K G R O U N D E R evm Virtualization Platform for Windows Host your Embedded OS and Windows on a Single Hardware Platform using Intel Virtualization Technology April, 2008 TenAsys Corporation 1400

More information

A Multi-layered Approach to Security in High Assurance Systems 1

A Multi-layered Approach to Security in High Assurance Systems 1 A Multi-layered Approach to Security in High Assurance Systems 1 Jim Alves-Foss, Carol Taylor, and Paul Oman Center for Secure and Dependable Systems University of Idaho [jimaf,ctaylor,oman]@cs.uidaho.edu

More information

Parallels Virtuozzo Containers

Parallels Virtuozzo Containers Parallels Virtuozzo Containers White Paper Top Ten Considerations For Choosing A Server Virtualization Technology www.parallels.com Version 1.0 Table of Contents Introduction... 3 Technology Overview...

More information

SYSTEMS SECURITY ENGINEERING

SYSTEMS SECURITY ENGINEERING SSE-100-1 NATIONAL SECURITY AGENCY INFORMATION ASSURANCE GUIDANCE FOR SYSTEMS BASED ON A SECURITY REAL-TIME OPERATING SYSTEM SYSTEMS SECURITY ENGINEERING NATIONAL SECURITY AGENCY 9800 SAVAGE ROAD, SUITE

More information

Mandatory Access Control Systems

Mandatory Access Control Systems CSE497b Introduction to Computer and Network Security - Spring 2007- Professor Jaeger Mandatory Access Control Systems CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger

More information

Future Multi-Mission Satellite Operations Centers Based on an Open System Architecture and Compatible Framework

Future Multi-Mission Satellite Operations Centers Based on an Open System Architecture and Compatible Framework Future Multi-Mission Satellite Operations Centers Based on an Open System Architecture and Compatible Framework GSAW 2014 Thomas J. Sullivan, Aerospace Ground Systems Lab Rico Espindola, MMSOC Flight Operations

More information

Security in SCADA solutions

Security in SCADA solutions Security in SCADA solutions Green Hills Software Peter Hoogenboom Engineering Manager - EMEA 2011 Green Hills Software D&E Event, 22 Sep 2011, Evoluon Eindhoven (NL) Slide 1 Security in SCADA solutions

More information

A Data Centric Approach for Modular Assurance. Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011

A Data Centric Approach for Modular Assurance. Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011 A Data Centric Approach for Modular Assurance The Real-Time Middleware Experts Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011 Gabriela F. Ciocarlie Heidi Schubert

More information

Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities

Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?

More information

Solution Recipe: Improve PC Security and Reliability with Intel Virtualization Technology

Solution Recipe: Improve PC Security and Reliability with Intel Virtualization Technology Solution Recipe: Improve PC Security and Reliability with Intel Virtualization Technology 30406_VT_Brochure.indd 1 6/20/06 4:01:14 PM Preface Intel has developed a series of unique Solution Recipes designed

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module

CS 665: Computer System Security. Designing Trusted Operating Systems. Trusted? What Makes System Trusted. Information Assurance Module CS 665: Computer System Security Designing Trusted Operating Systems Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Trusted? An operating system is

More information

Cyber Essentials Questionnaire

Cyber Essentials Questionnaire Cyber Essentials Questionnaire Introduction The Cyber Essentials scheme is recommended for organisations looking for a base level Cyber security test where IT is a business enabler rather than a core deliverable.

More information

Overview. CMU/SEI Cyber Innovation Center. Dynamic On-Demand High-Performance Computing System. KVM and Hypervisor Security.

Overview. CMU/SEI Cyber Innovation Center. Dynamic On-Demand High-Performance Computing System. KVM and Hypervisor Security. KVM and Hypervisor Security David Shepard and Matt Gaston CMU/SEI Cyber Innovation Center February 2012 2012 by Carnegie Mellon University. Published SEI PROPRIETARY INFORMATION. Distribution: Director

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

Security Enhanced Linux and the Path Forward

Security Enhanced Linux and the Path Forward Security Enhanced Linux and the Path Forward April 2006 Justin Nemmers Engineer, Red Hat Agenda System security in an insecure world Red Hat Enterprise Linux Security Features An overview of Discretionary

More information

Secure Virtual Machine Systems

Secure Virtual Machine Systems C H A P T E R 11 Secure Virtual Machine Systems A problem in building a new, secure operating system is that existing applications may not run on the new system. Operating systems define an application

More information

EECatalog SPECIAL FEATURE

EECatalog SPECIAL FEATURE Type Zero Hypervisor the New Frontier in Embedded Virtualization The hypervisor s full control over the hardware platform and ability to virtualize hardware platforms are beneficial in environments that

More information

GE Measurement & Control. Cyber Security for NEI 08-09

GE Measurement & Control. Cyber Security for NEI 08-09 GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4

More information

National Information Assurance Partnership

National Information Assurance Partnership National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report IBM UK Ltd IBM WebSphere Business Integration Message Broker Version 5.0, Fix Pack 4 Report

More information

Trusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL +1-202-412-0152

Trusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL +1-202-412-0152 Trusted RUBIX TM Version 6 Multilevel Security in Trusted RUBIX White Paper Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM Infosystems Technology, Inc. 4 Professional Dr - Suite 118 Gaithersburg, MD

More information

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware

More information

High Assurance Security For Embedded, Distributed Systems

High Assurance Security For Embedded, Distributed Systems High Assurance Security For Embedded, Distributed Systems Bill Beckwith Objective Interface Systems, Inc. +1 703 295 6500 bill.beckwith@ois.com http://www.ois.com OMG Real-time and Embedded Workshop July

More information

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions AMD DAS (DASH, AMD Virtualization (AMD-V ) Technology, and Security) 1.0 is a term used to describe the various

More information

IT ASSET MANAGEMENT Securing Assets for the Financial Services Sector

IT ASSET MANAGEMENT Securing Assets for the Financial Services Sector IT ASSET MANAGEMENT Securing Assets for the Financial Services Sector V.2 Final Draft May 1, 2014 financial_nccoe@nist.gov This revision incorporates comments from the public. Page Use case 1 Comments

More information

SECURITY: THE KEY TO AFFORDABLE UNMANNED AIRCRAFT SYSTEMS. By Alex Wilson, Director of Business Development, Aerospace and Defense

SECURITY: THE KEY TO AFFORDABLE UNMANNED AIRCRAFT SYSTEMS. By Alex Wilson, Director of Business Development, Aerospace and Defense SECURITY: THE KEY TO AFFORDABLE UNMANNED AIRCRAFT SYSTEMS By Alex Wilson, Director of Business Development, Aerospace and Defense EXECUTIVE SUMMARY Cost efficiency and affordability will always be key

More information

Spyware Doctor Enterprise Technical Data Sheet

Spyware Doctor Enterprise Technical Data Sheet Spyware Doctor Enterprise Technical Data Sheet The Best of Breed Anti-Spyware Solution for Businesses Spyware Doctor Enterprise builds on the strength of the industry-leading and multi award-winning Spyware

More information

Taking the Open Source Road

Taking the Open Source Road The National Security Agency s Review of Emerging Technologies Taking the Open Source Road Raising the Bar in Operating System Security Cryptographic Binding of Metadata Providing a Secure Foundation with

More information

Windows Embedded Security and Surveillance Solutions

Windows Embedded Security and Surveillance Solutions Windows Embedded Security and Surveillance Solutions Windows Embedded 2010 Page 1 Copyright The information contained in this document represents the current view of Microsoft Corporation on the issues

More information

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org

More information

Multinational Force-Iraq Portal and Multinational Information Sharing

Multinational Force-Iraq Portal and Multinational Information Sharing Multinational Force-Iraq Portal and Multinational Information Sharing MAJ Ed McLarney JFCOM J9, Joint Experimentation Joint Prototyping Pathway 13 June 2005 Edward.mclarney@je.jfcom.mil 757-203-3254 1

More information

Session objectives. Access control. Subjects and objects. The request. Information Security

Session objectives. Access control. Subjects and objects. The request. Information Security The session Session objectives Access Control Information Security Dr Hans Georg Schaathun Introduce fundamental terminology of access control Understand principles of privilege management and identity

More information

Start building a trusted environment now... (before it s too late) IT Decision Makers

Start building a trusted environment now... (before it s too late) IT Decision Makers YOU CAN T got HAP Start building a trusted environment now... IT Decision Makers (before it s too late) HAP reference implementations and commercial solutions are available now in the HAP Developer Kit.

More information

CAPP-Compliant Security Event Audit System for Mac OS X and FreeBSD

CAPP-Compliant Security Event Audit System for Mac OS X and FreeBSD CAPP-Compliant Security Event Audit System for Mac OS X and FreeBSD Robert N. M. Watson Security Research Computer Laboratory University of Cambridge March 23, 2006 Introduction Background Common Criteria,

More information

Mandatory Access Control

Mandatory Access Control CIS/CSE 643: Computer Security (Syracuse University) MAC: 1 1 Why need MAC DAC: Discretionary Access Control Mandatory Access Control Definition: An individual user can set an access control mechanism

More information

GSAW 2010. C2 System Advantages Sought, Lessons Learned, and Product Philosophies. Ryan Telkamp. Presenter name Presenter Title

GSAW 2010. C2 System Advantages Sought, Lessons Learned, and Product Philosophies. Ryan Telkamp. Presenter name Presenter Title GSAW 2010 Evolution of a Service Oriented Architecture t (SOA) C2 System Advantages Sought, Lessons Learned, and Product Philosophies Ryan Telkamp Presenter name Presenter Title BOEING is a trademark of

More information

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems WHITE PAPER Intel vpro Technology Embedded Host-based Configuration in Intelligent Systems Easy activation of Intel vpro technology remote manageability without trade-offs in security, functionality, and

More information

A Modern Framework for Network Security in the Federal Government

A Modern Framework for Network Security in the Federal Government A Modern Framework for Network Security in the Federal Government 1 A MODERN FRAMEWORK FOR NETWORK SECURITY IN THE FEDERAL GOVERNMENT Trends in Federal Requirements for Network Security In recent years,

More information

Virtualization: Hypervisors for Embedded and Safe Systems. Hanspeter Vogel Triadem Solutions AG

Virtualization: Hypervisors for Embedded and Safe Systems. Hanspeter Vogel Triadem Solutions AG 1 Virtualization: Hypervisors for Embedded and Safe Systems Hanspeter Vogel Triadem Solutions AG 2 Agenda Use cases for virtualization Terminology Hypervisor Solutions Realtime System Hypervisor Features

More information

Virtualization Technology

Virtualization Technology Virtualization Technology A Manifold Arms Race Michael H. Warfield Senior Researcher and Analyst mhw@linux.vnet.ibm.com 2008 IBM Corporation Food for Thought Is Virtual Reality an oxymoron or is it the

More information

ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY

ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY Dr. Gregg Wildes DornerWorks www.dornerworks.com Embedded Systems Engineering for Security and Safety-Critical Systems Where Hardware

More information

TOP TEN CONSIDERATIONS

TOP TEN CONSIDERATIONS White Paper TOP TEN CONSIDERATIONS FOR CHOOSING A SERVER VIRTUALIZATION TECHNOLOGY Learn more at www.swsoft.com/virtuozzo Published: July 2006 Revised: July 2006 Table of Contents Introduction... 3 Technology

More information

A Standards-Based Integration Platform for Reconfigurable Unmanned Aircraft Systems

A Standards-Based Integration Platform for Reconfigurable Unmanned Aircraft Systems WHITEPAPER A Standards-Based Integration Platform for Reconfigurable Unmanned Aircraft Systems Executive Summary This paper addresses the system design and integration challenges involved in meeting the

More information

Virtualization and the U2 Databases

Virtualization and the U2 Databases Virtualization and the U2 Databases Brian Kupzyk Senior Technical Support Engineer for Rocket U2 Nik Kesic Lead Technical Support for Rocket U2 Opening Procedure Orange arrow allows you to manipulate the

More information

What can DDS do for You? Learn how dynamic publish-subscribe messaging can improve the flexibility and scalability of your applications.

What can DDS do for You? Learn how dynamic publish-subscribe messaging can improve the flexibility and scalability of your applications. What can DDS do for You? Learn how dynamic publish-subscribe messaging can improve the flexibility and scalability of your applications. 2 Contents: Abstract 3 What does DDS do 3 The Strengths of DDS 4

More information

Unit 10 : An Introduction to Linux OS

Unit 10 : An Introduction to Linux OS Unit 10 : An Introduction to Linux OS Linux is a true 32/64-bit operating system that run on different platforms. It is a multi-user, multi-tasking and time sharing operating system. Linux is a very stable

More information

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS By Bill Graham and Michael Weinstein INNOVATORS START HERE. EXECUTIVE SUMMARY Driven by the convergence of cloud technology, rapidly growing data

More information

Implementing Network Attached Storage. Ken Fallon Bill Bullers Impactdata

Implementing Network Attached Storage. Ken Fallon Bill Bullers Impactdata Implementing Network Attached Storage Ken Fallon Bill Bullers Impactdata Abstract The Network Peripheral Adapter (NPA) is an intelligent controller and optimized file server that enables network-attached

More information

Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems

Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems Brian McCarson Sr. Principal Engineer & Sr. System Architect, Internet of Things Group, Intel Corp Mac Devine

More information

Using Cellular RTU Technology for Remote Monitoring and Control in Pipeline and Well Applications

Using Cellular RTU Technology for Remote Monitoring and Control in Pipeline and Well Applications Using Cellular RTU Technology for Remote Monitoring and Control in Pipeline and Well Applications Steve Frank Business Development Manager Moxa Inc. Introduction Cellular technology minimizes site visits

More information

CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS

CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

ARINC 653. An Avionics Standard for Safe, Partitioned Systems

ARINC 653. An Avionics Standard for Safe, Partitioned Systems ARINC 653 An Avionics Standard for Safe, Partitioned Systems 1 Courtesy of Wind River Inc. 2008 IEEE-CS Seminar June 4 th, 2008 Agenda Aerospace Trends IMA vs. Federated ARINC 653 Main concepts Safety

More information

Solution Guide Parallels Virtualization for Linux

Solution Guide Parallels Virtualization for Linux Solution Guide Parallels Virtualization for Linux Overview Created in 1991, Linux was designed to be UNIX-compatible software that was composed entirely of open source or free software components. Linux

More information

Building Robust Security Solutions Using Layering And Independence

Building Robust Security Solutions Using Layering And Independence Building Robust Security Solutions Using Layering And Independence Fred Roeper Neal Ziring Information Assurance Directorate National Security Agency Session ID: STAR-401 Session Classification: Intermediate

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

RSA SecurID Two-factor Authentication

RSA SecurID Two-factor Authentication RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Virtual Machine Security

Virtual Machine Security Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ 1 Operating System Quandary Q: What is the primary goal

More information

The Significance of Common Criteria, Protection Profiles, and Lumeta IPsonar

The Significance of Common Criteria, Protection Profiles, and Lumeta IPsonar Lumeta IPsonar 5.5C The Significance of Common Criteria, Protection Profiles, and Lumeta IPsonar The aim of the new Common Criteria is to ensure that commercial enterprise security products represent a

More information

Only Athena provides complete command over these common enterprise mobility needs.

Only Athena provides complete command over these common enterprise mobility needs. Mobile devices offer great potential for making your enterprise run faster, smarter, and more profitably. However, mobile devices can create considerable challenges for your IT organization, since they

More information

System Assurance C H A P T E R 12

System Assurance C H A P T E R 12 C H A P T E R 12 System Assurance 169 The aim of system assurance is to verify that a system enforces a desired set of security goals. For example, we would like to know that a new operating system that

More information

Certification Report

Certification Report Certification Report EAL 4+ Evaluation of Solaris 10 Release 11/06 Trusted Extensions Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and

More information

COMP3441 Lecture 9: Security Architecture

COMP3441 Lecture 9: Security Architecture COMP3441 Lecture 9: Security Architecture Ron van der Meyden (University of New South Wales Sydney, Australia) May 6, 2014 Overview Security Design Principles Security Architecture Security Design in the

More information

TRANSMAT Trusted Operations for Untrusted Database Applications

TRANSMAT Trusted Operations for Untrusted Database Applications TRANSMAT Trusted Operations for Untrusted Database s Dan Thomsen Secure Computing Corporation 2675 Long Lake Road Roseville, MN 55113, USA email: thomsen@sctc.com Abstract This paper presents a technique

More information

Hitachi Virtual Storage Platform Family: Security Overview. By Hitachi Data Systems

Hitachi Virtual Storage Platform Family: Security Overview. By Hitachi Data Systems Hitachi Virtual Storage Platform Family: Security Overview By Hitachi Data Systems April 2015 Contents Executive Summary... 3 Hitachi Virtual Storage Platform G1000 Security Components... 4 Privileged

More information

CONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT

CONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT Energy Research and Development Division FINAL PROJECT REPORT CONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT Prepared for: Prepared by: California Energy Commission KEMA, Inc. MAY 2014 CEC

More information

Double-Take Replication in the VMware Environment: Building DR solutions using Double-Take and VMware Infrastructure and VMware Server

Double-Take Replication in the VMware Environment: Building DR solutions using Double-Take and VMware Infrastructure and VMware Server Double-Take Replication in the VMware Environment: Building DR solutions using Double-Take and VMware Infrastructure and VMware Server Double-Take Software, Inc. 257 Turnpike Road; Suite 210 Southborough,

More information

CMPT 471 Networking II

CMPT 471 Networking II CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access

More information

Computer Security: Principles and Practice

Computer Security: Principles and Practice Computer Security: Principles and Practice Chapter 10 Trusted Computing and Multilevel Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Trusted Computing and

More information

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D ware and CPU Virtualization Technology Jack Lo Sr. Director, R&D This presentation may contain ware confidential information. Copyright 2005 ware, Inc. All rights reserved. All other marks and names mentioned

More information

Accessing and sending data securely across security domains

Accessing and sending data securely across security domains In this White Paper Connectivity is good. Secure connectivity is essential. This white paper by Thales UK explains how Thales Gateway Services protect the exchange of data across security domains. It discusses

More information

Automating Attack Analysis Using Audit Data. Dr. Bruce Gabrielson (BAH) CND R&T PMO 28 October 2009

Automating Attack Analysis Using Audit Data. Dr. Bruce Gabrielson (BAH) CND R&T PMO 28 October 2009 Automating Attack Analysis Using Audit Data Dr. Bruce Gabrielson (BAH) CND R&T PMO 28 October 2009 2 Introduction Audit logs are cumbersome and traditionally used after the fact for forensics analysis.

More information

Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to

Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to Hanspeter Vogel Triadem Solutions AG Real-Time Systems GmbH Gartenstrasse 33 D-88212 Ravensburg Germany

More information

Deltek Vision 7.0 LA. Technical Readiness Guide

Deltek Vision 7.0 LA. Technical Readiness Guide Deltek Vision 7.0 LA Technical Readiness Guide May 15, 2012 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical errors may

More information

DB2 Connect for NT and the Microsoft Windows NT Load Balancing Service

DB2 Connect for NT and the Microsoft Windows NT Load Balancing Service DB2 Connect for NT and the Microsoft Windows NT Load Balancing Service Achieving Scalability and High Availability Abstract DB2 Connect Enterprise Edition for Windows NT provides fast and robust connectivity

More information

IT Security and OT Security. Understanding the Challenges

IT Security and OT Security. Understanding the Challenges IT Security and OT Security Understanding the Challenges Security Maturity Evolution in Industrial Control 1950s 5/4/2012 # 2 Technology Sophistication Security Maturity Evolution in Industrial Control

More information

Does your Citrix or Terminal Server environment have an Achilles heel?

Does your Citrix or Terminal Server environment have an Achilles heel? CRYPTZONE WHITE PAPER Does your Citrix or Terminal Server environment have an Achilles heel? Moving away from IP-centric to role-based access controls to secure Citrix and Terminal Server user access cryptzone.com

More information

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample

More information

Star System. 2004 Deitel & Associates, Inc. All rights reserved.

Star System. 2004 Deitel & Associates, Inc. All rights reserved. Star System Apple Macintosh 1984 First commercial OS GUI Chapter 1 Introduction to Operating Systems Outline 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 1.10 1.11 1.12 Introduction What Is an Operating System?

More information

Paravirtualization Figure 1.

Paravirtualization Figure 1. HRG Insight: Virtualization Virtualization? Everyone has heard about it but even the term conjures up a hazy, intangible image. It is one of those technology topics many CIOs and IT decision-makers would

More information

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

Microkernels, virtualization, exokernels. Tutorial 1 CSC469 Microkernels, virtualization, exokernels Tutorial 1 CSC469 Monolithic kernel vs Microkernel Monolithic OS kernel Application VFS System call User mode What was the main idea? What were the problems? IPC,

More information

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery

More information

Network Security Guidelines. e-governance

Network Security Guidelines. e-governance Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type

More information

Security White Paper The Goverlan Solution

Security White Paper The Goverlan Solution Security White Paper The Goverlan Solution The Goverlan Administration Suite (which includes the following modules: Administration & Diagnostics, Remote Control, Scope Actions, and WMIX) is a powerful

More information

Email Security for Small Businesses: What's the Right Solution For You?

Email Security for Small Businesses: What's the Right Solution For You? Postini White Paper Email Security for Small Businesses: What's the Right Solution For You? The Small Business Dilemma: Fighting Growing Email Threats with Fewer Resources Many small businesses today face

More information

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace Triangle InfoSeCon Alternative Approaches for Secure Operations in Cyberspace Lt General Bob Elder, USAF (Retired) Research Professor, George Mason University Strategic Advisor, Georgia Tech Research Institute

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Ti m b u k t up ro. Timbuktu Pro and Microsoft System Management Server Integration White Paper. Contents

Ti m b u k t up ro. Timbuktu Pro and Microsoft System Management Server Integration White Paper. Contents The #1 Remote Control and File Transfer Software Contents 1 Integration Summary 1 An Introduction to Timbuktu Pro 2 Integration Details 2 SMS Application Distribution Packs for Timbuktu Pro 3 SMS Console

More information