NATO automated information system co-operative zone technologies, Journal of Telecommunications and Information Technology, 2003, nr 4

The core components of NATO’s automated information systems (AIS) include directory services (DS), e-mail, web services, and military message handling systems (MMHS) to exchange information with similar capabilities in NATO’s member nation systems or systems that are under control of multi-national coalitions. NATO has developed the concept of information exchange gateways (IEGs) to meet this requirement. This paper introduces the concept of combining symmetric co-operative zones (CZs) to form these information exchange gateways. A generic framework for the co- operative zone network and security architecture is introduced in support of co-operative zone development. It is shown how a co-operative zone network interface can be integrated with the NATO general-purpose segment communications system (NGCS). Development of the NATO co-operative zones is based on an evolutionary approach. A baseline co-operative zone configuration, supporting directory services, e-mail and web services, has been tested and validated on the allied systems interoperability testbed (ASIT). This paper reports the results of the test and validation program. The paper concludes with an overview of planned evolutionary steps for cooperative zone development. Subjects covered in this overview are extension of information services, enhancement of security architecture, and operational deployment (i.e., scalability and manageability)

Design and implementation of a private certificate authority: a case study of Telkom Kenya limited

Thesis submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Systems Security (MSc.ISS) at Strathmore UniversityPublic Key Infrastructure (PKI) provides confidentiality and integrity to an enterprise and its customers. Applications accessed through corporate network needs to be protected when in transit and hence the need for a Certificate Authority (CA). Most enterprises currently purchase digital certificates from other Certificate Authorities, for instance Comodo, Symantec, Digicert, Thwate, GoDadddy, etc. Others purchase through third parties for instance Cloud Productivity Solutions in Kenya who then get their digital certificates from GeoTrust. These certificates are used to guarantee secure communication when accessing services on servers within an organization. The main challenge of buying of the certificates is the high purchase cost of single or Subject Alternative Name (SAN) certificates. By having their own Certificate Authority, digital certificates would cost less and give an enterprise the means to control large numbers of Digital Certificates for SSL, authentication, document signing, S/MIME (Secure/Multipurpose Internet Mail Extensions) and other usages of digital signatures. This implies that costs would be reduced by generation of enterprise-owned digital certificates instead of purchasing them. By understanding the current infrastructure in place, a CA was created for generation distribution and revocation of SSL certificates. This would replace purchasing of certificates signed by other public Certificate Authorities. This dissertation sought to design, develop and implement a comprehensive CA as per the X.509 standard for the purpose of generation of certificates for internal use for corporates and selling of the same to generate revenue so as to cut on costs incurred on purchase of digital certificates. Also a proof of concept of a private CA was used to validate the certificate authority with security of the Certificate Authority being considered

Journal of Telecommunications and Information Technology, 2003, nr 4

kwartalni

Implicações Doutrinárias

Neste estudo foi empregue o método científico, com recurso ao modelo dedutivo, para se encontrar resposta ao problema em análise, consubstanciado na questão central “A doutrina das Transmissões de Campanha no Exército Português altera-se substancialmente com a adopção do Sistema de Informação e Comunicações-Táctico?”. O estudo está organizado em duas partes dotadas de um encadeamento lógico: na primeira, denominada de generalidades e conceitos de Transmissões, abordam-se as razões que levaram à necessidade de um novo sistema de informação e comunicações táctico para o Exército, bem como dois conceitos enquadrantes da nova realidade das comunicações militares, a guerra da informação e as operações centradas em rede. Com base nestes conceitos avança-se para uma definição de funções e princípios que guiam os Sistemas de Informação e Comunicações na actualidade. Na segunda parte é abordado o emprego táctico das transmissões, estudando-se os sistemas Mobile Subscriber Equipment e o conceito de LandWarNet aplicado às novas brigadas norte-americanas. Após um enquadramento conceptual e uma análise à estrutura lógica e modular do Sistema de Informação e Comunicações-Táctico, apresenta-se um possível emprego do mesmo na manobra de uma brigada. Conclui-se que, face à nova filosofia modular do Sistema de Informação e Comunicações-Táctico, à sua utilização de protocolos standard, à sua capacidade de implementação de serviços diferenciados e à sua versatilidade e potencial interoperabilidade, a doutrina das transmissões de campanha no Exército se altera substancialmente com a adopção do Sistema de Informação e Comunicações-Táctico. Em complemento, apresentam-se contributos para a implementação da componente de segurança no Sistema de Informação e Comunicações-Táctico. Abstract: In this study a scientific methodology was used, resorting to a deductive model to find an answer to the problem in analysis summed up in the main question: “Does the introduction of the Tactical Communications and Information System significantly change the tactical signal support doctrine in the Portuguese army?” The study is organized in two parts according to a logical sequence: in the first one, named signals concepts and generalities, the reasons behind the need of a new Army tactical communications and information system are addressed, as well as two structuring concepts of the new military communications environment, information warfare and network centric operations. Starting from these concepts the study moves on to define the new functions and principles that drive Communications and Information Systems nowadays. In the second part the study addresses the tactical employment of signals, by studying the Mobile Subscriber Equipment system and the LandWarNet concept as applied to the new North American brigades. Following a conceptual framing and an analysis of the modular and logical structure of the Tactical Communications and Information System, its possible employment in the brigade maneuver is presented. It is concluded that, because of the Tactical Communications and Information System’s modular philosophy, its adherence to standard protocols, its differentiated services implementation capability and its potential versatility and interoperability, the introduction of Tactical Communications and Information System significantly changes the tactical signal support doctrine in the Portuguese army. In addition, some contributions to the implementation of the security component of Tactical Communications and Information System are presented