Defending DoD Missions in the Commercial Cloud



Similar documents
Panel Discussion: Evolving DoD Security Requirements for Cloud

Enterprises and OEMs. Securing identity and access.

DISA releases updated DoD Cloud Requirements What are the impacts? James Leach January 2015

Cyber Situational Awareness - Big Data Solution

2014 Defense Health Information Technology Symposium Cloud Computing in the Defense Health Agency

Load Balancing Algorithm Based on QoS Awareness Applied in Wireless Networks

Additional File 1 - A model-based circular binary segmentation algorithm for the analysis of array CGH data

Tank Level GPRS/GSM Wireless Monitoring System Solutions

DISA and the Evolving DoD Enterprise

Incorporating Statistical Process Control and Statistical Quality Control Techniques into a Quality Assurance Program

DEPARTMENT OF DEFENSE CLOUD COMPUTING SECURITY REQUIREMENTS GUIDE. REVISION HISTORY For Version 1, Release March, 2016

Big Data Platform (BDP) and Cyber Situational Awareness Analytic Capabilities (CSAAC)

DoD Cloud Computing Security Requirements Guide (SRG) Overview

AWS Worldwide Public Sector

Palliative Care Collaborative: 8th Annual Regional Conference

Unified Capabilities (UC)

Keywords: Transportation network, Hazardous materials, Risk index, Routing, Network optimization.

Bending Stresses for Simple Shapes

PCA vs. Varimax rotation

Contents Stochastic Ray Tracing

DoD Cybersecurity Discipline Implementation Plan October 2015 Amended February 2016

Data Consolidation and Application Optimization (DCAO) Organization

A Secure Password-Authenticated Key Agreement Using Smart Cards

How To Improve The Defense Communications System

DEPARTMENT OF DEFENSE (DoD) CLOUD COMPUTING SECURITY REQUIREMENTS GUIDE (SRG) Version 1, Release January 2015

Swisscom Cloud Strategy & Services

DoD ENTERPRISE CLOUD SERVICE BROKER CLOUD SECURITY MODEL

DISA Testing Services for the Enterprise. Luanne Overstreet

Moving Securely Around Space: The Case of ESA

Network Operations (NetOps)

DoD Mobility Overview

Contents. Presentation contents: Basic EDI dataflow in Russia. eaccounting for HR and Payroll. eaccounting in a Cloud

Joint Information Environment Single Security Architecture (JIE SSA)

A Combat Support Agency

How To Write A Storybook

ITIL & Service Predictability/Modeling Plexent

Bank Incentives, Economic Specialization, and Financial Crises in Emerging Economies

DEPARTMENT OF DEFENSE DeCA Directive HEADQUARTERS DEFENSE COMMISSARY AGENCY February 2002 Fort Lee, VA

Mission Partner Environment DISA Multinational Information Sharing

PRACTICAL ADVANTAGES OF USING THE MECHANICS OF CONTINUUM TO ANALYSE DEFORMATIONS OBTAINED FROM GEODETIC SURVEY

EMPLOYMENT SCREENING FORM

THE NAVAJO NATION Department of Personnel Management JOB VACANCY ANNOUNCEMENT INFORMATION SYSTEMS TECHNICIAN

What should go to the Cloud and When. What should NOT go to the Cloud and Why

NETWORK SERVICES (NS/NSC) ENTERPRISE CONNECTION DIVISION DEFENSE INFORMATION SYSTEMS NETWORK (DISN) CONNECTION PROCESS GUIDE (CPG)

NGEN Re-compete Industry Day Navy Data Center Consolidation

An Overview of Large US Military Cybersecurity Organizations

DoD s Strategic Mobility Vision: Needs & Challenges

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION

Before attempting to connect or operate this product, please read these instructions carefully and save this manual for future use.

DHMSM Program Management Office DoD Healthcare Management Systems (DHMS) Program Executive Office

Coverage Assessment and Target Tracking in 3D Domains

Mission Partner Concept

ANALYSIS OF ORDER-UP-TO-LEVEL INVENTORY SYSTEMS WITH COMPOUND POISSON DEMAND

It is the policy of the District to compensate employees based on policies and pay scales established by the Board of Trustees.

LUNARLINE: School of Cyber Security. Dedicated to providing excellence in Cyber Security Training Certifications. ISO 9001: 2008 Certified

SYSTEM AUTHORIZATION ACCESS REQUEST NAVY (SAAR-N)

What is Unified Capabilities?

(Semi)Parametric Models vs Nonparametric Models

A Novel Lightweight Algorithm for Secure Network Coding

A Systematic Approach to the Comparison of Roles in the Software Development Processes

Preface. P.1 Purpose. P.3 Authority. P.4 References. Procedures for Performing a Failure Modes, Effects, and Criticality

Fault tolerance in cloud technologies presented as a service

HP Mission-Critical Services

Descriptive Models. Cluster Analysis. Example. General Applications of Clustering. Examples of Clustering Applications

Evolution of Internet Infrastructure in the 21 st century: The Role of Private Interconnection Agreements

DATAPLAY: Mapping Game Mechanics to Traditional Data Visualization

is knowing the car market inside out.

Improving the security of EAP-EHash authentication method

STATE OF RHODE ISLAND AND PROVIDENCE PLANTATIONS

Data Mining from the Information Systems: Performance Indicators at Masaryk University in Brno

BRO1075. Manager - International Tax, Taxation Department TAX/86/444. TAX/MCM/hrcfX736 INSURANCE PREMIUM I TAX . AVIATION.

Partnering with Small Business

A New replenishment Policy in a Two-echelon Inventory System with Stochastic Demand


2014 Forecast to Industry

Improvements Needed With Host-Based Intrusion Detection Systems

Unified Capabilities (UC)

An RFID Distance Bounding Protocol

LUNARLINE: School of Cyber Security. Dedicated to providing excellence in Cyber Security Training Certifications. ISO 9001: 2008 Certified

RESEARCH ON DUAL-SHAKER SINE VIBRATION CONTROL. Yaoqi FENG 1, Hanping QIU 1. China Academy of Space Technology (CAST)

DoD Mobility Kim Rice

Feature selection for intrusion detection. Slobodan Petrović NISlab, Gjøvik University College

DEPARTMENT OF THE NAVY HEADQUARTERS UNITED STATES MARINE CORPS 3000 MARINE CORPS PENTAGON WASHINGTON, DC

HEAT TRANSFER ANALYSIS OF LNG TRANSFER LINE

DSS/NCMS Leadership Quarterly Meeting 15 November 2013

Cloud Security. A Sales Guy Talks About DoD s Cautious Journey to the Public Cloud. Sean Curry Sales Executive, Aquilent

Hosted by Lunarline: School of Cyber Security

AGENDA. CNDSP Program CNDSP is a Team Sport. Protect Respond CNDSP Contacts Questions

Probabilistic maintenance and asset management on moveable storm surge barriers

Electric Potential. otherwise to move the object from initial point i to final point f

No 28 Xianning West Road, Xi an No 70 Yuhua East Road, Shijiazhuang.

Abstract. 1. Introduction

Department of Defense INSTRUCTION

IT Update - August 2006

WORKERS' COMPENSATION ANALYST, 1774 SENIOR WORKERS' COMPENSATION ANALYST, 1769

An AnyLogic Simulation Model for Power and Performance Analysis of Data Centres

COMPLIANCE WITH THIS PUBLICATION IS MANDATORY

A Novel Methodology of Working Capital Management for Large. Public Constructions by Using Fuzzy S-curve Regression

Transcription:

Dfndng DoD Mssons n th Commcal Cloud Pt Dnsmo Cybscuty Rsk Managmnt 18 Jun 2015 UNCLASSIFIED 1

Data Catgozaton IMPAC LEVELS Lvl 1: Unclassfd Infomaton Appovd fo Publc Rlas Lvl 2: Non-Contolld Unclassfd Infomaton Lvl 3: Contolld Unclassfd Infomaton Lvl 4: Contolld Unclassfd Infomaton Expot Contol, PI, PHI, FOUO and oths Lvl 5: Contolld Unclassfd Infomaton CUI Rqung Hgh Potcton,.. NSSs Lvl 6: Classfd Infomaton up to SECRE h data nds to dv th lvl of potcton and dfns qud! UNCLASSIFIED 2

Ky Scuty Rqumnts IMPAC LEVEL INFORMAION SENSIIVIY SECURIY CONROLS LOCAION OFF-PREMISES CONNECIVIY SEPARAION PERSONNEL REQUIREMENS 2 PUBLIC o Non ctcal Msson Infomaton FdRAMP v2 Modat US / US outlyng aas o DoD on pmss o AO authozd locatons Intnt Vtual / Logcal PUBLIC COMMUNIY Natonal Agncy Chck and Inqus (NACI) 4 5 CUI o Non CUI Ctcal Msson Infomaton Non Natonal Scuty Systms Hgh Snstvty CUI Natonal Scuty Systms Lvl 2 + CUI Spcfc alod St Lvl 4 + NSS & CUI Spcfc alod St US / US outlyng aas o DoD on pmss o AO authozd locatons US / US outlyng aas o DoD on pmss NIPRNt va CAP NIPRNt va CAP Vtual / Logcal PUBLIC COMMUNIY Stong Vtual Spaaton Btwn nant Systms & Infomaton Vtual / Logcal FEDERAL GOV. COMMUNIY Ddcatd Infastuctu ADP 1 Sngl Scop Backgound Invstgaton (SSBI) ADP 2 Natonal Agncy Chck wth Law and Cdt (NACLC) Non Dsclosu Agmnt (NDA) 6 Classfd SECRE Natonal Scuty Systms Lvl 5 + Classfd Ovlay US / US outlyng aas o DoD on pmss CLEARED / CLASSIFIED FACILIIES SIPRNE va CAP Vtual / Logcal FEDERAL GOV. COMMUNIY Ddcatd Infastuctu Favoably Adjudcatd SSBI SECRE Claanc NDA UNCLASSIFIED 3

Rsk Managmnt Rsk Pofl AO Dcson Idntfy Cloud Svc Povd () Offng (s) wth DoD Povsonal AO (P-AO) aganst msson data scuty qumnts Slct aft compang sk pofls Rcpocty: maxmz us of xstng body of vdnc (.g. scop, tstng, sults, sdual sk) Idntfy and solv any addtonal tstng qumnts If sk s accptabl: Issu a Msson Own AO, xplctly flctng accptanc of sk and lablts n DoD P-AO fo systm and msson. Msson AO UNCLASSIFIED 4

Cloud Dfns Objctvs Lvl 2 Commcal Cloud Intnt basd uss connct to Lvl 2 s va dct Intnt Accss Intnt Us Lvl 2 s Intnt DoD Intnt Accss Pont (IAP) Ntwok dfnss nhtd though povdd capablts NIPRNt uss connct to Lvl 2 s va th DoD IAPs NIPRNt Us NIPRNt UNCLASSIFIED 5

Cloud Dfns Objctvs Lvl 4/5 Commcal Cloud Lvl 4/5 s Intnt Us Intnt DoD Intnt Accss Pont (IAP) Conncton Cloud Accss Pont (CAP) Potct applcatons xcutng n th cloud fom malcous actvty NIPRNt Us NIPRNt Potct th DoDIN fom malcous actvty occung n th cloud UNCLASSIFIED 6 25 JAN 2015 -- 1750 6

DCO Rsponsblts ELEMENS OF DCO/ DCO s a shad sponsblty btwn DISA, povds, th, and Msson Owns Lvl 4 / 5 s Msson Own (VPC) Intuson Dtcton/Pvnton Systm (IDPS) Intnt Conncton Fwall Capablts Entps Infomaton Assuanc Intnt Us DoD Intnt Accss Pont (IAP) Cloud Accss Pont (CAP) Enclav Scuty Applcaton Potcton Loggng and Analyss NIPRNt Us NIPRNt UNCLASSIFIED 7

Bounday Povds USCYBERCOM JFHQ-DODIN CP JCC / CCMD DISA DCC DNC CONUS (DoDIN ) ----------- USCYBERCOM JFHQ-DODIN CP Bounday (B) JCC / CCMD 1 US- CER DISA DCC DNC CONUS (DoDIN ) ----------- Msson (C2+Ops) Bounday (B) 1 2 Ods LEGEND Data Shang Data Flow/Rpotng Msson Owns Mssons Contan 3 UNCLASSIFIED 8

Msson Povds USCYBERCOM JFHQ-DODIN CP JCC / CCMD Msson (C2+Ops) 2 US- CER DISA DCC DNC CONUS (DoDIN ) ----------- Msson (C2+Ops) Bounday (B) MCN D MCN D 1 2 Ods LEGEND Data Shang Data Flow/Rpotng Msson Owns Mssons Contan 3 UNCLASSIFIED 9

Msson Owns / s USCYBERCOM JFHQ-DODIN CP JCC / CCMD Msson Owns Mssons Contan 3 US- CER DISA DCC DNC CONUS (DoDIN ) ----------- Msson (C2+Ops) Bounday (B) MCN D MCN D 1 2 Ods LEGEND Data Shang Data Flow/Rpotng Msson Owns Mssons Contan 3 UNCLASSIFIED 10

Rollng nto th Cloud! UNCLASSIFIED 11

Contact/POC Infomaton Infomaton www.dsa.ml Wbst o Pogam Extnal Lnk http://www.dsa.ml/computng/cloud-svcs/cloud-suppot https://dsa.dps.ml/dsa/og/atb/cloud%20bok/pags/dfault.aspx EMAIL https://dsa.dps.ml/dsa/og/atb/cloud%20bok/pags/contact%20us.aspx kvn.a.walk50.cv@mal.ml PHONE 301-225-5036 UNCLASSIFIED 12

Untd n Svc to Ou Naton UNCLASSIFIED 13

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information