A re-usable architecture for embedded INFOSEC applications

As the Department of Defense (DoD) reduces in size, and the DoD supplier base consolidates, the number of organizations that maintain high assurance information security (INFOSEC) expertise will decrease. As this occurs, the demand for embeddable security features in new and diverse products, including commercial products, will increase. In addition, increasingly limited resources at the National Security Agency (NSA) will result in fewer DoD approvals. An effective method of addressing these conflicting trends is to develop a highly transportable and hierarchical INFOSEC architecture. To be successful, an autonomous subsystem would be required which meets the DoD/NSA current and future standards. Harris Corporation has made a long term R and D investment into developing such an architecture, internally called the Common INFOSEC Module (CIM). The CIM architecture addresses the need for a National Security Agency (NSA) endorsed, embeddable technology that can be tailored to communications platforms to provide type I communications and transmission security (COMSEC and TRANSEC), along with advanced key management. In addition, CIM accommodates cryptographic solutions that support NATO interoperability, sensitive but unclassified requirements, and selected export requirements. This paper presents the technical approaches developed and the benefits provided to military communicators