Camus: Mapping Cyber Assets to Missions and Users
Camus is a proof of concept that enables cyber impact assessment by modeling and automatically mapping cyber assets to the missions and users that depend on them. Camus collects from various sources data that describe the organization and the activity between users and cyber assets, such as traffic captures and people directories, and fuses the data into a comprehensive model that reveals relationships between cyber assets and the users and missions that rely on them. By automatically mining existing data to create contextual information, Camus provides an up-to-date picture of what an organization really looks like, who uses what asset, and what they are using it for. This information improves risk assessments by identifying critical assets and single points of failure for critical processes, and enhances situational awareness by providing an improved context for the decision-making process. Additionally, with no manual maintenance to update dependencies, and no client software install required, Camus saves time and labor.
Camus was funded by the Office of the Secretary of Defense, and managed by the Air Force Research Laboratory through a two-year Phase II Small Business Innovative Research contract that commenced in May 2008.
To learn more about Camus, please review the Camus Datasheet or read our paper Camus: Automatically Mapping Cyber Assets to Missions and Users. For more information about Camus or the general topic of mapping cyber assets to missions and users, please send a note to Camus@securedecisions.com.
Underlying the Camus technology is a cyber asset-to-mission ontology, which was developed with a multidisciplinary group of leading subject matter experts and operational practitioners. The ontology uses Resources (entities) and Properties (relationships) to build a model of the domain. The Resources define specific concepts in the domain, while the Properties define the relationships between the Resources. We defined this ontology based on the concepts of User, Mission, Capability, and Asset.We developed a Foundation Ontology that defines the core Resources and Properties for Camus and an Extension Ontology that can extend the Foundation Ontology for a specific implementation.
As part of the Camus project, Secure Decisions conducted a workshop on mapping cyber assets to missions and users. The workshop addressed how to map the relationships between cyber assets such as network devices and the users, missions, business processes and other entities that depend on those assets. The 30 participants included individuals with operational responsibility is to assure the availability of cyber assets for critical missions, researchers in areas related to the mapping of cyber assets to missions, and developers of technology that can be used in this mapping. The group exercises yielded insight into the information requirements for mapping cyber assets to missions and users, and the participant’s presentations summarized the state-of-the-art of this topic.
If you would like additional information about the Camus workshop, please see the Camus Workshop Summary and the related report, Mission Impact of Cyber Events: Scenarios and Ontology to Express the Relationships between Cyber Assets, Missions, and Users. Download the workshop goals here.