Repository hosted by TU Delft Library

Home · Contact · About · Disclaimer ·
 

Towards Multi-Level Security for NATO Collective Mission Training – a White Paper

Attachments

Author: Möller, B. · Karlsson, P. · Croom-Johnson, S. · Hartog, T. · Huiskamp, W. · Verkoelen, C.A.A. · Jones, G. · Nielsen, M.N. · Ståhl, I.
Type:article
Date:2011
Publisher: Simulation Interoperability Standards Organization (SISO)
Source:2011 Spring Simulation Interoperability Workshop, 4-8 April 2011, Boston, MA, USA
Identifier: 428747
Article number: 11S-SIW-069
Keywords: Simulation · Simulation · Training · Interoperability · NATO · Security · Multi-level security · Communication & Information Organisation · ISEC - Information Security MSG - Modelling Simulation & Gaming · TS - Technical Sciences BSS - Behavioural and Societal Sciences

Abstract

Distributed simulation is rapidly becoming a necessity for collective mission training. With missions being joint and combined, we will never fight alone. Thus we need to train together, within and between nations. However, in any such scenario it is likely that some or all of the information may be classified at some level and need protection, be it scenarios, weapon and sensor capabilities or doctrines. In order for simulations to be interactive, one-way approaches such as data diodes will not work. Reclassification of systems using a “system high” approach has proven too complicated and expensive. This raises the need for true multi level security in collective mission training. This is indeed one of the big challenges in realizing the full potential of distributed simulation for defence purposes. As part of the NATO RTO program a new modelling and simulation working group has been formed, MSG-080, to look at this topic. Initial members include Canada, Estonia, France, the Netherlands, Norway, Sweden, UK and the US. A kick-off meeting has taken place in October 2010 and a first round of knowledge exchange has taken place. An early conclusion is that most participating nations have similar requirements. This paper summarizes the starting point for this group, including typical use cases where security solutions are needed, some basics about Multi-Level Security principles as well as a description of a few recent experiments carried out by some participants. Finally it describes some early considerations that were raised during the kick-off. Some examples are the need to obscure system capabilities, the need to support both simulation protocols and IT protocols (VoIP etc), the need for adequate performance and the need to get accreditation offices involved.