Secure Architecture for the Range-Level Command and Control System of a National Cyber Range Testbed

/ Secure Architecture for the Range-Level Command and Control System of a National Cyber Range Testbed

Secure Architecture for the Range-Level Command and Control System of a National Cyber Range Testbed

Michael Rosenstein attended this year’s USENIX conference on August 6th, 2012 to deliver a paper written by himself and Frank Corvese on the work they completed for National Cyber Range. The paper, “A Secure Architecture for the Range-Level Command and Control System of a National Cyber Range Testbed” was selected for EXTRA time during presentations at the CSET ’12, 5th Workshop on Cyber Security Experimentation and Test held in Bellevue, WA.


Publication information:

Rosenstein, M., & Corvese, F. (2012, August). A Secure Architecture for the Range-Level Command and Control System of a National Cyber Range Testbed. In CSET.

Abstract: In recent years, cyber security researchers have become burdened by the time and cost necessary to instantiate secure testbeds suitable for analyzing new threats or evaluating emerging technologies

[1]. To alleviate this, DARPA initiated the National Cyber Range (NCR) program to develop the architecture and software tools needed for a secure, self-contained cyber testing facility. Among NCR’s goals was the development of a range capable of rapid and automated reconfiguration of resources, broad scalability, and support for running simultaneous experiments at different security levels [2].

In this paper we present our architecture for the Range-level Command & Control System (RangeC2) developed as part of the Johns Hopkins University Applied Physics Laboratory’s implementation of the NCR [3]. Our discussion includes the RangeC2’s functional and non-functional requirements, the rationale behind its partitioning into layered subsystems, an analysis of each subsystem’s fundamental mechanisms, and an in-depth look at their processing paradigms and data flows.

To meet the demands of this range, the RangeC2 was required to perform three primary jobs: 1) management of all range resources; 2) management of numerous concurrent experiments; and 3) enforcement of each experiment’s resource security and perimeter isolation. Our discussion of the architecture will show how these requirements were met while overcoming the RangeC2’s most critical challenges.

Read the full paper


The slides are also available:
https://www.usenix.org/sites/default/files/conference/protected-files/rosenstein_cset12_slides.pdf

Read more about the conference:
https://www.usenix.org/conference/cset12

Review the papers from the conference here:
https://www.usenix.org/conference/cset12/tech-schedule/workshop-program

2017-05-12T10:23:23+00:00 Aug-2012|Categories: Cyber Experimentation and Simulation, News, Publications|