One of the most critical challenges faced in a congested and contested battlefield is the ability to connect and securely communicate across all domains. In order to achieve mission objectives, the defence community need the ability to access and share information seamlessly across the battlespace, to the headquarters in a secure and protected manor.
Defence computing networks and systems are a notorious and complex set of problems, limited by factors that do not exist in other use cases under normal day to day operations. To respond to these challenges, there is a need for a more integrated, digitalised and collaborative operating environment using cloud-based technologies.
However, when it comes to adopting cloud computing for defence, a number of factors must be taken into consideration.
Maintaining trust in Defence
More often than not, sovereign deployments take place in secure locations where physical access is tightly controlled for devices and people. Trust is essential in defence, as is the ability to remove it from people, equipment and systems. To maintain trust in defence solutions, identities need to be checked through caching, nodes and other unconventional approaches.
In defence, rapid deployment of systems with 24/7/365 access is crucial, however can be limited by technology, operations and circumstances. In some cases, extreme conditions are endured by systems in deployment, often across multiple environments whether in space, on land, at sea or in air. These conditions can mean that availability and other performance indicators cannot be complied with, leading to limitations in analysis.
Confidentiality, Integrity and Availability in Defence solutions
In defence, security is much tighter than commercial, or even CNI systems; accreditation has to be achieved and maintained in order for systems to be used, and resources must have mandated security clearance. Systems operate with limited or no interoperability, in separate domains with widespread use of encryption, and backhaul of data, operational and management to a third party is not acceptable.
Confidentiality, Integrity and Availability are key factors in defence solutions and in order to address these, a comprehensive security framework must be in place early on to manage the entirety and consistency of approach. Not only this, but accreditation must be mandated, achieved and maintained.
All domains whether unclassified, restricted/official or secret, have their uses and rules. Transition from domain to domain is a requirement for defence solutions but must be controlled as dictated by policy and accreditors. As such, sub domain multiple models for data is required. The same can be said for bearers where a layered approach must be used with differing requirements, needs and availability.
Cloud deployment for operations management
Schedules for operations and missions require stringent management; if a system is dependent upon an element, then outages are not acceptable to a much more rigorous level, and for some systems, server-less computing will not be acceptable.
Threats against cloud computing in defence impact more than the aspects of a typical computing system; for example, an attack on the management system will cause widespread disruption. While unlikely in the civilian domain, blended attacks of cyber and physical nature are inevitable in defence, occurring simultaneously. To prepare for this, risk models will require updates as circumstances change, leading to changes in mitigations and ultimately, technology.
Interconnects in defence systems are diverse and bearers include satellite, radio link, fixed, commercial and as well as many others; each with its own characteristics and availability all of which need to be taken into consideration in the deployment of cloud infrastructure.
Adopting cloud computing for defence
When it comes to adopting cloud computing for defence, security should be initiated and maintained from conception, with elements such as authentication, encryption at rest and transit mandated and maintained. This does not mean that a standard, one size fits all approach should be the method employed; for defence cloud the ability to assimilate comparable systems should be pragmatically employed, otherwise progression will be slow and subject to failure.
Through addressing the security and deployment requirements, incorporation of cloud computing for defence allows for collaboration and innovation across a secure, connected and shared platform equipping defence organisations with the ability to switch technology according to workloads, networks and applications, whilst ensuring applications and services remain available to meet requirements.
With these requirements in mind, the Multi-Domain Combat Cloud is enhancing defence power through its connectivity of nodes, a dot-based elaboration of a cloud environment, providing unmatched information superiority and operational agility. Find out more about the Airbus Multi-Domain Combat Cloud here.
About the author
Jeff Farr is a Principal Engineer at Airbus specialising in security architectures and solutions for Military, Government and High Assurance systems.
Read his latest articles here: