Data Security Architecture Considerations for Telemetry Post Processing Environments
AffiliationDXC Technology Company
Hardware Security Module
Format Preserving Encryption (FPE)
MetadataShow full item record
RightsCopyright © held by the author; distribution rights International Foundation for Telemetering
Collection InformationProceedings from the International Telemetering Conference are made available by the International Foundation for Telemetering and the University of Arizona Libraries. Visit http://www.telemetry.org/index.php/contact-us if you have questions about items in this collection.
AbstractTelemetry data has great value, as setting up a framework to collect and gather it involve significant costs. Further, the data itself has product diagnostic significance and may also have strategic national security importance if the product is defense or intelligence related. This potentially makes telemetry data a target for acquisition by hostile third parties. To mitigate this threat, data security principles should be employed by the organization to protect telemetry data. Data security is in an important element of a layered security strategy for the enterprise. The value proposition centers on the argument that if organization perimeter/internal defenses (e.g. firewall, IDS, etc.) fail enabling hostile entities to be able to access data found on internal company networks; they will be unable to read the data because it will be encrypted. After reviewing important encryption background including accepted practices, standards, and architectural considerations regarding disk, file, database and application data protection encryption strategies; specific data security options applicable to telemetry post processing environments will be discussed providing tangible approaches to better protect organization telemetry data.
SponsorsInternational Foundation for Telemetering
Showing items related by title, author, creator and subject.
FLIGHT TERMINATION COMMAND AUTHENTICATION USING BLOCK ENCRYPTIONArce, Dennis; Bourne Technologies, Inc. (International Foundation for Telemetering, 2002-10)Next generation flight termination systems (FTSs) will use digital technologies to verify the authenticity of range safety commands by command receiver-decoders located on each vehicle. This paper will discuss the general principles behind simplex message authentication using a block encryption cipher, and presents examples for demonstration.
ENCRYPTED BIT ERROR RATE TESTINGGuadiana, Juan M.; Macias, Fil; Naval Surface Warfare Center; White Sands Missile Range (International Foundation for Telemetering, 2002-10)End-to-End testing is a tool for verifying that Range Telemetry (TM) System Equipment will deliver satisfactory performance throughout a planned flight test. A thorough test verifies system thresholds while gauging projected mission loading all in the presence of expected interference. At the White Sands Missile Range (WSMR) in New Mexico, system tests are routinely conducted by Range telemetry Engineers and technicians in the interest of ensuring highly reliable telemetry acquisition. Even so, flight or integration tests are occasionally halted, unable to complete these telemetry checks. The Navy Standard Missile Program Office and the White Sands Missile Range, have proactively conducted investigations to identify and eliminate problems. A background discussion is provided on the serious problems with the launcher acquisition, which were resolved along the way laying the ground work for effective system testing. Since there were no provisions to test with the decryption equipment an assumption must be made. Encryption is operationally transparent and reliable. Encryption has wide application, and for that reason the above assumption must be made with confidence. A comprehensive mission day encrypted systems test is proposed. Those involved with encrypted telemetry systems, and those experiencing seemingly unexplainable data degradations and other problems with or without encryption should review this information.
Secure IP Multicasting with Encryption Key ManagementDean, Richard; Maharjan, Nadim; Moten, Daryl; Morgan State University (International Foundation for Telemetering, 2011-10)This paper presents the design for secure IP multicasting in an iNet environment using public key cryptography. Morgan State University has been conducting research to improve the telemetry network by improving network performance, implementing IP (Internet Protocol) multicasting and providing a stronger security system for the iNet environment. The present study describes how IP multicasting could be implemented to provide more secure communication in the iNet environment by reducing traffic and optimizing network performance. The multicast of data is closely tied to the key management center for secure applications. This paper develops a means of delivering keys between two or more parties showing a relationship between the multicast network and the Key Management Center (KMC). The KMC is an element of the system which distributes and manages session keys among multicast members. A public key encryption method is used to address the distribution of session keys in the multicast network. The paper will present a system level design of multicast and key management with dual encryption of session keys for the iNet system.