* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Panel 7 Maritime Transportation Logistics & Security Nov. 17, 2010
Survey
Document related concepts
Deep packet inspection wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Computer network wikipedia , lookup
Distributed firewall wikipedia , lookup
Airborne Networking wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Wireless security wikipedia , lookup
Network tap wikipedia , lookup
Computer security wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Service-oriented architecture implementation framework wikipedia , lookup
Transcript
Maritime Cargo Security Presented by: Russ Clement (Deputy PM) Space and Naval Warfare Systems Center – Pacific Technical Point of Contact: [email protected] Advanced Container Security Device (ACSD) Program –Communications Sponsored by Department of Homeland Security (DHS), Ken Concepcion Program Manager November 17, 2010 San Diego, CA 1 Maritime Cargo Security (panel 7) DHS S&T is Developing Technical Requirements and Supporting Docs for Monitoring Cargo Security from Point of Stuffing to Deconsolidation Security Device (SD) Requirements Electronic Chain of Custody (ECoC) Device Requirements Marine Asset Tag Tracking System (MATTS) Requirements Container Stuffing/ Sealing Dray to Terminal Foreign port Terminal Hardware/Devices Network Access Device Requirements Network Security and Encryption Ocean Commerce US port Terminal Inland Dray or Rail Transport Deconsolidation = Data Read Locations = Secure FNAD Physical, Software and Protocol Interface Control Documents (ICDs) (2) Test and Evaluation Master Plans (TEMPS) (5) All documents completed and released to DHS in November 2010 2 Maritime Cargo Security (panel 7) All Three Requirements (SD, ECoC and MATTS) Feature: • Open Network Architecture using IEEE Standard 802.15.4-2006 for Wireless Links • • • • • Support for both Commercial and Security-Purposed Messaging Support for Existing Wireless Commercial Products for Backhaul (SAT/CELL) Support for New Commercial Products for Network Extension (Routing) End-to-end Encryption for Network Security Validated Sensor and Network Protocols supported by Field Tests and International Pilots Including: Japan to US (MATTS, 2008-2009) China To US (SD+MATTS, 2010 on-going) Secure Corridors (ECoC + MATTS ,APEX 2011) Applicable from Government to Commercial Government Applications Commercial Applications 3 Maritime Cargo Security (panel 7) Government/Commercial Opportunities Hardware Products • Sensors • Network Devices • Hand Held Readers OSI Model of Security Device Network Red = Proprietary Technology, Green = Open Architecture Software Products • Device OS/APIs • Malware Mitigation Tools • Site Implementation Tools Network Security Services • On-site • Enterprise Wide System Implementation Services • Ports • Shipper’s Facilities • Factories Layer Security Device or Sensor (on-conveyance) External Device for Cell/SAT/Routing and GPS Network Access Device (NAD) Command Center or Handheld User Interface Command Applications Presentation On-board OS Application with Encryption Supplemental Sensing Phenomenology Data Process for Custody Functions (optional) ICD-implemented Route Management Application Sensing Phenomenology Data Process Session Transport Network Operations and Maintenance Data Link • Data Services • Command Centers • Logistics (fee for service) Physical OS application w/encryption MS, UNIX or LINUX OS Applications Interface with Encryption OS Application Interface to ICD OS application interface to ICD MS, UNIX or LINUX TCP/IP Interface ICD-Implemented Network Discovery and Logical Addressing ICD-Implemented Network Discovery and Logical Addressing IP Packet Routing TCP ICD –Implemented Communication, Endto-end Connection and Reliability ICD –Implemented Communication, End-toend Connection and Reliability or Routing < --ICD to IP--> (convert ‘15.4 data frame to IP packet) IP IEEE 802.15.4 IEEE 802.15.4 < --IEEE 802.15.4 802.3 Ethernet -- > Ethernet Interface 2.4 GHz ISM Band Channel Use-age per ICD 2.4 GHz ISM Band Channel Use-age per ICD < --2.4 GHz ISM Band –Ethernet -- > Ethernet Cable Training • Operations • Technical Support • Network Security 4 Maritime Cargo Security (panel 7) TAKE-AWAY’s • New Cargo Security Technical Requirements in Review at DHS Features open network architecture Defines protocols for network discovery and message transfer Defines uniform message format Promotes value added functions • Supports Cargo Security and Electronic Chain of Custody Applications Cargo Security – Autonomous capability to detect door openings or removal (either door) Chain of Custody – Autonomous monitoring of physical locking mechanism of the conveyance door and location of conveyance. • Robust Primary Wireless Link is IEEE Standard 802.15.4-2006 MAC and PHY Supports security and commercial services Allows for existing commercial backhaul products/services (CELL/SAT/Routing) Supports end-to-end encryption on un-trusted networks. • Designed for Global Application 2.4 GHz ISM Band Low cost commercial-grade radios Exportable encryption (AES 128 and possibly in future 256) 5