Abstract
This thesis contributes to the understanding of issues in secure information exchange between organisations within environments such as the Government arena. It seeks to improve contemporary practice through enhancing the understanding of issues influencing the design, implementation and use of encryption services, secure traffic forwarding methods and Virtual Private Networks (VPNs) within this context.
The thesis contains a literature review of relevant subjects including full-mesh encryption systems, security controls such as Domain Name System (DNS) security mechanisms and the Common Criteria (CC) Evaluation Scheme as used by Governments worldwide in the selection of information security products. Within this complex environment an analysis of common encryption and VPN technologies and topologies is presented. It is argued that these technologies are flawed for use in many-to-many topologies when deployed inter-Agency rather than intra-Agency. This is because the underlying solutions are largely predicated on the concept of a single and unified trust domain.
It is shown that such arrangements can require participating organisations to trust each other or third parties to an extent beyond that implied by the need to exchange sensitive information.
The thesis builds upon the literature review by examining aspects of the Australian Government FedLink encryption service. This provides an example that crystallises the application of the various components of the literature review, and highlights complexities that occur in developing large collaborative inter-organisational encryption services. As part of this, aspects of the relevant Government policies are reviewed and discussed, including how those policies compare to those applied by partners such as allied foreign Governments. In this regard, the thesis argues that existing approaches to information security classification and their associated controls are inconsistent across organisations. This represents a significant challenge in developing technology or technical controls that can facilitate and manage the dissemination of information of differing security value.
Enhancements to the FedLink service are proposed that increase both the utility and security of the service. These enhancements leverage the existing FedLink infrastructure to deploy capability including:
- Communities of interest within the encryption service;
- Centralised mitigation against malicious hosts; and
- Better enforcement controls relating to the secure forwarding of traffic at different security classifications.
It is demonstrated that these can be accomplished using existing infrastructure and hardware, representing a low cost, scalable and achievable set of enhancements. It is asserted that similar enhancements and the underlying concepts upon which they are developed could be applied to other, similar secure collaboration arrangements. This is because the processes and methods used in the enhancement are demonstrated to exist in contemporary data communications equipment. At the same time, the method used to mark traffic to indicate security value is not specific to any one Government or regulatory standard, and therefore lends itself to adoption in multiple security models or environments where there may be a need for traffic marking to indicate information security value.
The main contributions of the research are:
- The creation of a number of discrete security and utility enhancements applicable to full-mesh inter-organisational encryption services such as FedLink;
- Expanding upon existing research into the CC Evaluation Scheme by providing an example of a system built using evaluated products;
- Identification of the lack of standardisation in the way that classified information is marked; and
- Providing insight into technical, legal, and procedural complexities associated with a Government IT environment.
Original language | English |
---|---|
Qualification | Doctor of Information Technology |
Awarding Institution | |
Supervisors/Advisors | |
Award date | 31 Jan 2018 |
Publisher | |
Publication status | Published - 2018 |