A view on Interoperability vs Cyber Security/Information Assurance by Mr. Jack Zavin Advisor Council Member,
NCOIC Member Executive Representative, & Vice Chair Net Centric Attributes Functional Team
Apidays New York 2024 - The value of a flexible API Management solution for O...
Â
Interoperability versus Cyber Security/Information Assurance?
1. Interoperability versus Cyber Security/Information
Assurance?
Mr. Jack Zavin
Advisor Council Member,
NCOIC Member Executive Representative,
& Vice Chair Net Centric Attributes Functional Team
11 June 2010
Approved for Public Release
Distribution Unlimited
NCOIC-DefDailyCyber-JZ20100611rev1
2. Net Centric Environment (NCE):
Objective, Goals & Description
ď§ Objective: All users, whether known or unanticipated, are
able to easily discover, access, trust, and use the
data/information that supports their business/mission
objectives unconstrained by their location or time of day.
ď§ Goals:
â Evolve & Populate the NCE
â Protect & Defend the NCE
â Manage & Operate the NCE
ď§ The NCE is implemented with evolving balanced &
synchronized sets of Process, Organization, People,
Information & Materiel (POPIM) Solutions.
ď§ Interoperability whether in an NCE or not is more than just
the technical exchange of information rather it is composed
of evolvable POPIM Solutions Sets. Interoperability must be
synergized with Information Assurance to assure obtaining
the best of both.
3. Net Centric Environment:
Functional Performers
Managers/Operators** IA*
IA
Info Producers/publishers**
Information Services IA
Providers IA
Users/Consumers**
Computing
Resource
Providers IA
Information Transport
Providers IA
⢠Behavior and relationship characteristics include: Quality of Service;
Quality of Protection; Addressing; Tagging of content & roles/Identities;
⢠Information Forms include voice, video, images, text, graphicsâŚ.
* IA = Information Assurance â protecting & defending the information
and information technology.
** Includes Software Applications whether hosted locally or by a
computing resource provider.
4. Interoperability Model:
A composite of Materiel & Non-materiel solutions
Mission/Business Objectives IA
Non-Materiel
Solutions
Harmonized Strategy/Doctrines IA
Process,
Layers of Interoperability
Organization,
Aligned Operations IA People
Aligned Procedures IA
Knowledge/Awareness IA
Data,
Information Interoperability Information,
IA
Knowledge
Data/Object Model Interoperability
IA
Network Interoperability Information
IA
Transport
Materiel
Solutions
Physical Interoperability IA
5. Interoperability Model &
End to End Quality of Service (QoS)
Mission/Business Objectives IA
Organizational
Harmonized Strategy/Doctrines Drivers
IA Quality of
Layers of Interoperability
Aligned Operations Operation
IA
Services
Aligned Procedures (QoOS)
IA
Knowledge/Awareness IA
Quality of
Information
Information Interoperability IA
Services
(QoIS)
Data/Object Model Interoperability
IA
Quality of
Network Interoperability IA Transport Technical
Services Drivers
Physical Interoperability IA
(QoTS)
6. End-to-End Quality of Service
End-to-End Quality of Service
+ = +
Q u a l i t y o f O p e r a t i o n Services Quality of Information Services Quality of Transport Services
Key Needs: Key Needs: Key Needs:
⢠Mission or business ⢠Discoverability & availability ⢠Network interoperability
objectives ⢠Transport interoperability ⢠Physical interoperability
⢠Harmonized strategy or ⢠Data/object model
doctrines interoperability Key Metrics:
⢠Aligned operations ⢠Urgency:
⢠Aligned procedures ⢠Transport lag or delay,
Key Metrics: jitter, packet loss, packet
⢠Knowledge/awareness of ⢠Urgency:
actions by people and errors
⢠Data/topic latency, service ⢠Priority:
processes response time, application ⢠Class of service,
Key Metrics: timeliness differentiated service,
⢠Urgency: ⢠Priority: precedence, preemption,
â˘Timeliness ⢠Precedence of user guaranteed service
⢠Priority: requests, data, and services ⢠Information Assurance:
â˘Degree of cooperation ⢠Information Assurance (IA) ⢠Data Trust: Availability,
⢠Information Assurance (IA) âData Trust: integrity & Connectivity (fixed,
â˘Fluidity of response availability, fault tolerance, mobile)
â˘Clarity of understanding accessibility ⢠Security: encryption,
â˘Ubiquity or extent of âSecurity: data confidentiality, intrusion detection,
influence authentication, non- authentication,
â˘Accuracy repudiation authorization, access 6
control
7. The unique values of NCOIC
ď§ NCOIC is the only organization dedicated to net
centric operations.
ď§ NCOIC provides vendor neutral products &
services.
ď§ NCOIC provides multinational dialog.
ď§ NCOIC provides a multi-discipline cadre of
experts.