Secure Configuration tool Suite Initiative

Vulnerability identification, remediation, and compliance verification within the Department of Defense (DOD) are currently inconsistent and non-integrated. The Secure Configuration Tool Suite (SCTS) solution should make significant grounds in resolving the DOD deficiency within an Enterprise-wide Information Assurance Vulnerability Management System. The professional project documented in this paper is a result of a major DOD initiative in support of the SCTS, and is comprised of 2 initiatives: the Secure Configuration Compliance Validation Initiative (SCCVI), which provides vulnerability assessment capability, and the Secure Configuration Remediation Initiative (SCRI), which provides vulnerability remediation capability. As a member of the project installation team the author performed on-site installations as required and directed. The DOD is a large organization and documenting the entire project would be beyond the scope of this professional project. Therefore, this analysis is based on a smaller scale of the initiative above. The installation of an unclassified baseline model at a pre-selected DOD command andall of its subcomponents will be utilized for this thesis. This installation will eventually be available for all DOD components to use as a lessons-learned tool and as a result these tools will be applied across the DOD Enterprise and should fully integrate IA Vulnerability identification, verification, and reporting; thus making a significant contribution to an Enterprise-wide Information Assurance Vulnerability Management System. While this project is based on actual events and efforts, in order to keep within the guidelines of non-disclosure outside of the DOD environment, specific names of commands, agencies and locations have been substituted with generic ones

Networking as a Strategic Tool, 1991

This conference focuses on the technological advances, pitfalls, requirements, and trends involved in planning and implementing an effective computer network system. The basic theme of the conference is networking as a strategic tool. Tutorials and conference presentations explore the technology and methods involved in this rapidly changing field. Future directions are explored from a global, as well as local, perspective

An Open Management and Administration Platform for IEEE 802.11 Networks

The deployment of Wireless Local Area Network (WLAN) has greatly increased in past years. Due to the large deployment of the WLAN, the immediate need of management platforms has been recognized, which has a significant impact on the performance of a WLAN. Although there are various vendor-specific and proprietary solutions available in the market to cope with the management of wireless LAN, they have problems in interoperability and compatibility. To address this issues, IETF has come up with the interoperability standard of management of WLANs devices, Control And Provisioning of Wireless Access Points (CAPWAP) protocol, which is still in the draft phase. Commercial implementation of this draft protocol from WLAN equipment vendors is rather expensive. Open source community, therefore, tried to provide free management solutions. An open source project called openCAPWAP was initiated. However, it lacks a graphic user interface that makes it hard to implement for novice network administrators or regular customers. Therefore, the researcher designed and developed a web interface framework that encapsulates openCAPWAP at the bottom to provide user-friendly management experience. This application platform was designed to work with any remote web server in the public domain through which it can connect to access points or access controllers through a secure shell to configure them. This open platform is purely open source-based. It is operating system independent: it can be implemented on any open source environment such as regular Linux operating system or embedded operation system small form factor single board computers. The platform was designed and tested in a laboratory environment and a remote system. This development contributes to network administration in both network planning and operational management of the WLAN networks

The RAppArmor Package: Enforcing Security Policies in R Using Dynamic Sandboxing on Linux

The increasing availability of cloud computing and scientific super computers brings great potential for making R accessible through public or shared resources. This allows us to efficiently run code requiring lots of cycles and memory, or embed R functionality into, e.g., systems and web services. However some important security concerns need to be addressed before this can be put in production. The prime use case in the design of R has always been a single statistician running R on the local machine through the interactive console. Therefore the execution environment of R is entirely unrestricted, which could result in malicious behavior or excessive use of hardware resources in a shared environment. Properly securing an R process turns out to be a complex problem. We describe various approaches and illustrate potential issues using some of our personal experiences in hosting public web services. Finally we introduce the RAppArmor package: a Linux based reference implementation for dynamic sandboxing in R on the level of the operating system

Lockheed Martin Idaho Technologies Company information management technology architecture

The Information Management Technology Architecture (TA) is being driven by the business objectives of reducing costs and improving effectiveness. The strategy is to reduce the cost of computing through standardization. The Lockheed Martin Idaho Technologies Company (LMITCO) TA is a set of standards and products for use at the Idaho National Engineering Laboratory (INEL). The TA will provide direction for information management resource acquisitions, development of information systems, formulation of plans, and resolution of issues involving LMITCO computing resources. Exceptions to the preferred products may be granted by the Information Management Executive Council (IMEC). Certain implementation and deployment strategies are inherent in the design and structure of LMITCO TA. These include: migration from centralized toward distributed computing; deployment of the networks, servers, and other information technology infrastructure components necessary for a more integrated information technology support environment; increased emphasis on standards to make it easier to link systems and to share information; and improved use of the company`s investment in desktop computing resources. The intent is for the LMITCO TA to be a living document constantly being reviewed to take advantage of industry directions to reduce costs while balancing technological diversity with business flexibility