The Three Tenets
System vulnerability is defined by the ATSPI Technology Office's threat model to be the intersection of a system susceptibility or flaw, access to the flaw (threat accessibility), and the capability to exploit the flaw (threat capability). Implementation of the Three Tenets reduces vulnerabilities by reducing any or all of these areas.
The capacity of a system to be affected by a threat is reduced by the application of Tenet 1.
Tenet 1: Focus on what's critical
- Define mission needs
- Enumerate system access points and associated security elements
- Reduce access points to only those necessary to accomplish the mission (reduce the attack surface)
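The three steps of Tenet 1 can be carried out as a small inventory-and-allowlist exercise. The following is an added example, not code from ATSPI or TENS: it starts from a constructed inventory of one server's access points (each paired with its security element, per step 2), keeps only the access points that a constructed mission-needs list requires (step 3), and additionally flags any access point that survives the cut without a security element. All names, ports and controls in it are hypothetical sample data.

```python
"""Tenet 1 worked example (added; not from the ATSPI/TENS material):
enumerate a host's access points, keep only those a stated mission need
requires, and flag kept access points that lack a security element."""
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessPoint:
    name: str
    protocol: str          # "tcp", "udp", or "unix" for a local socket
    port: int              # 0 for a local socket
    exposure: str          # "network" (reachable over the wire) or "local"
    security_element: str  # control guarding this access point; "" if none


# Constructed sample inventory of one server's access points (hypothetical).
INVENTORY = [
    AccessPoint("mission-app-https", "tcp", 443, "network", "TLS + client certificates"),
    AccessPoint("admin-ssh", "tcp", 22, "network", "key-only auth, management VLAN"),
    AccessPoint("legacy-ftp", "tcp", 21, "network", ""),
    AccessPoint("telnet", "tcp", 23, "network", ""),
    AccessPoint("snmp", "udp", 161, "network", ""),
    AccessPoint("local-db-socket", "unix", 0, "local", "filesystem permissions"),
]

# Constructed mission needs (step 1): name -> (protocol, port) the mission requires.
MISSION_NEEDS = {
    "mission-app-https": ("tcp", 443),
    "admin-ssh": ("tcp", 22),
    "snmp": ("udp", 161),
    "local-db-socket": ("unix", 0),
}


def enumerate_access_points(inventory):
    """Step 2: list access points, network-exposed first, then by port."""
    order = {"network": 0, "local": 1}
    return sorted(inventory, key=lambda ap: (order.get(ap.exposure, 2), ap.port))


def reduce_attack_surface(inventory, mission_needs):
    """Step 3: keep only access points that a mission need requires.

    Returns a dict with:
      keep        - access points that stay open
      remove      - access points to close (not required by the mission)
      unprotected - kept access points with no associated security element
    """
    keep, remove = [], []
    for ap in enumerate_access_points(inventory):
        if mission_needs.get(ap.name) == (ap.protocol, ap.port):
            keep.append(ap)
        else:
            remove.append(ap)
    unprotected = [ap for ap in keep if not ap.security_element]
    return {"keep": keep, "remove": remove, "unprotected": unprotected}


def network_exposed_count(access_points):
    """Size of the network-reachable attack surface."""
    return sum(1 for ap in access_points if ap.exposure == "network")


if __name__ == "__main__":
    result = reduce_attack_surface(INVENTORY, MISSION_NEEDS)
    print("network-exposed before:", network_exposed_count(INVENTORY))
    print("network-exposed after: ", network_exposed_count(result["keep"]))
    for ap in result["remove"]:
        print(f"close {ap.name} ({ap.protocol}/{ap.port})")
    for ap in result["unprotected"]:
        print(f"WARNING: {ap.name} is mission-required but has no security element")
```

The `unprotected` list is the point where Tenet 1 hands off to Tenet 2: an access point that the mission genuinely needs cannot be removed, so it must instead be made harder for the adversary to reach.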
Access to the Flaw
The ability of a threat to gain access to a system, either physically or logically (e.g., over the network), is mitigated by the application of Tenet 2.
Tenet 2: Move it "Out of Band"
- Make critical access points and associated security elements less accessible to the adversary
Capability to Exploit the Flaw
The ability of the threat to employ the knowledge and tools necessary to exploit the system to achieve the desired goal is reduced by the application of Tenet 3.
Tenet 3: Detect, React, Adapt
- Use countermeasures
- Impose appropriate penalties when an attack is detected
- Reaction occurs inside the threat's OODA loop
- Fight through the attack!
The Threat, Environment, and Use Case
- Threat: Nation State
  - Logical ("over the wire") access
  - Physical (insider) access
- Environment
  - Critical servers
  - End nodes, including desktops
  - Mobile devices
- Use Case
  - Protect DoD critical application software and data
The Need for TENS's Application of Intellectual Property Centric Security
- Deliberate targeting of DoD technology is ongoing
- Network/OS security is a hard problem
- Insecure end nodes
- Patch management problems and zero day exploits
- Insider threat and theft continues
- Commercial solutions fall short of DoD requirements
- Allow the exploration of cyberspace without fear
- Prevent malware from infecting user systems
- Provide strong encryption for data at rest and in transit
- Provide safe collaboration using technology
- Allow secure connections from potentially insecure end nodes
- Mitigate the insider threat through technology not policy