The Military Technical Institute

The Military Technical Institute The security is essential, the security is a challenge Jitka Čapková

Petr Kozák

Vojenský technický ústav, s.p.

The Czech Republic security legislation applicable to CIS: • Law n. 412/2005 Sb., • Regulation n. 523/2005 Sb., concerning security of the CIS and other electronic devices handling classified information and shielded enclosures certification, as amended by regulation n. 453/2011 Sb. (beside a general rules for classified information

processing it also describes for example INFOSEC rules), • Czech National Security Agency Standard n. 2/2007 Sb. (equivalent to SDIP-29) Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

The security as a challenge Cons: The security is considered as a limitation by the designers. The security is considered as a necessary evil by the users. The security is often understand generally as a troublemaker by all. Pros: The system security guarantees data reliability, availability and authenticity. The system security gives a commander one of the preconditions for the task execution.

The security is a challenge for industry!!! Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

How to satisfy security requirements during the system development? • The security must be understand as an integral part of the contract – one of the initial conditions of the public tender. • From the very beginning (architecture design stage) is necessary to think of:

•

–

The RED and BLACK zones separation, filtering, layout of cables …,

–

The INFOSEC rules,

–

The communication cables protection,

–

The RED and BLACK data secure isolation.

Participation of the security manager before and during realization is required, and

in the period of the system certification the participation of contractor is needed. Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

The system certification • The stand alone certification is relevant for cryptographic devices and radios containing crypto capability only. • In the case of the information systems is certification performed for the whole system, including applied security features (mechanism). • Military Technical Institute is a designer and a provider of the wide spectrum of the security mechanisms for the certified systems used by The Czech Republic Armed Forces as a WOC/SQOC/DSQOC and GBAD.

Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

The security solutions designed and provided by VTÚ Data diode: –

2 Mbps

–

12 Mbps

–

100 Mbps (under development stage).

Two-way security gateways – 3S-x – Smart Security Separator: –

3S-1 – Force Protection (targets positions, objects, vector data, brief orders), between

security levels unclassified and secret, –

3S-2 – ATC (ADEXP flight plans), between security levels unclassified and secret,

–

3S-3 – MSS-2 (a national flight crews evidence) between levels unclassified and secret,

–

3S-4 – FADR (designed and planned for levels confidential – secret),

–

3S-5 – Mi-171Š (designed and planned for levels unclassified/restricted – secret).

Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

The security solutions designed and provided by VTÚ BF unit – a security filter: –

The integrated security gateway for bit and character oriented messages,

–

Development nearly finished – actually in the stage of the factory tests, user tests

scheduled for September 2015, –

Designed particularly for ground forces.

IEG – Information Exchange Gateway: –

Designed under NATO IEG Light concept for connection of the NATO SECRET, national SECRET and mission SECRET domains.

–

Delivered during 2012.

–

Designed particularly for ground forces.

Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

IEG

Data Diode BF Unit

Smart Security Separator Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz

Happy to answer any questions… [email protected]

www.vtusp.cz Vojenský technický ústav, s.p., Mladoboleslavská 944, 197 21 Praha 9 – Kbely Tel.: +420 910 105 101, e-mail: [email protected], www.vtusp.cz