The Edge

February 2001
Volume 5
Number 1

Information
Assurance Issue

Information Assurance Highlights

Director of Central Intelligence Directive (DCID) 6/3

MITRE supported a United States Intelligence Community working group in producing a successor document to the master information security requirements document for the Intelligence Community. MITRE served as editor and process facilitator of the draft successor document. MITRE's responsibilities involved participating in all working group discussions and reflecting the consensus of those discussions in various drafts of the document. In many cases this involved totally rewriting existing sections or adding new sections of the document. The final version of the document, referred to as DCID 6/3, was signed off by the Director of Central Intelligence in April 1999. Given the nature of this document, it will have a significant impact on the information security operations of the Intelligence Community. Moreover, the impact of the document is being felt even outside the Intelligence Community. Both the IRS (Customs) and the Department of Energy have used excerpts in their revised non-intelligence security documents. As a result of the work on this task, the MITRE personnel on the task received a letter of commendation from John Dahms, chief information officer of the Intelligence Community, praising MITRE's "outstanding contribution and support" to the working group. Among other points, Dahms praised the "exceptional dedication" of the MITRE personnel, as well as the participants' "professionalism and extensive knowledge in information systems security and technology."


Internet Service Provider (ISP) Security Summit

In March, MITRE hosted the Internet Service Provider Security Summit. The summit brought together a working group of technical experts from companies that provide the backbone of the Internet, as well as vendors supplying products for the Internet. Among those participating were the Department of Defense, AT&T, Bell Atlantic, Cable & Wireless, GTE Internetworking, UUNET, Cisco, Lucent, Juniper, and the SANS Institute.

The group shared their knowledge of network vulnerabilities, focusing on the recent denial of service attacks experienced by several major Internet sites. The summit's goal was to pull the Internet community together to develop technical solutions that will prevent future service interruptions.

A major outcome of the summit was the development of simple guidance that can be followed by every organization connected to the Internet. It is now available at the "Cyber Resource Center" on MITRE's web site, and on the SANS web site (www.sans.org). Specifically, it addresses the two most common techniques used in denial of service attacks on the Internet today: an attacker's ability to hide by using a spoofed Internet Protocol (IP) address, and an attacker's ability to use your site as an unwitting participant in amplifying the original attack. In addition, MITRE developed a tool, Egressor, for use by system administrators to test whether their point of presence router is properly configured to stop a spoofed IP address from originating within their enterprise network. We have made this tool freely available on the Cyber Resource Center web site.
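The two filtering decisions described above can be expressed as a short check at the border router. This is an added example, not the Egressor tool or the summit guidance itself; the prefixes and packet records are constructed, and it assumes amplification arrives as traffic addressed to a subnet's directed-broadcast address, a mechanism the article does not name.

```python
import ipaddress

# Constructed sample: prefixes assigned to the enterprise (documentation ranges).
ENTERPRISE = [ipaddress.ip_network(p) for p in ("192.0.2.0/24", "198.51.100.0/25")]

def border_verdict(direction, src, dst, prefixes=ENTERPRISE):
    """Return (action, reason) for one packet crossing the border router.

    direction is "out" (leaving the enterprise) or "in" (arriving from the Internet).
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if direction == "out":
        # Egress filter: a packet leaving the site must carry a source address
        # from the site's own prefixes; anything else is spoofed or misrouted.
        if not any(s in net for net in prefixes):
            return ("drop", "spoofed-source")
    elif direction == "in":
        # Assumed amplification path: a packet sent to a subnet broadcast address
        # makes every host on that subnet answer the (forged) sender.
        if any(d == net.broadcast_address for net in prefixes):
            return ("drop", "directed-broadcast")
    else:
        raise ValueError(f"unknown direction: {direction!r}")
    return ("forward", "ok")

def audit(records, prefixes=ENTERPRISE):
    """Return the records the border router should have dropped, with reasons."""
    findings = []
    for rec in records:
        action, reason = border_verdict(*rec, prefixes=prefixes)
        if action == "drop":
            findings.append((rec, reason))
    return findings

# Constructed packet records: (direction, source, destination).
SAMPLE = [
    ("out", "192.0.2.10", "203.0.113.5"),      # legitimate internal source
    ("out", "10.1.2.3", "203.0.113.5"),        # private address leaking out
    ("out", "198.51.100.200", "203.0.113.5"),  # same /24, but outside the assigned /25
    ("in", "203.0.113.9", "192.0.2.255"),      # aimed at a subnet broadcast address
    ("in", "203.0.113.9", "192.0.2.20"),       # ordinary inbound traffic
]

if __name__ == "__main__":
    for rec, reason in audit(SAMPLE):
        print(reason, rec)
```
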


Common Criteria

MITRE, in cooperation with the National Information Assurance Partnership (NIAP), has had a leading role in the development of the Common Criteria for Information Technology Security Evaluation (i.e., the CC) and its adoption as an international standard for the description and evaluation of IT security products and systems. The CC will be used by the signers of the Common Criteria Recognition Arrangement (CCRA) to permit products evaluated within one country to be accepted by other countries. Our role also extended to an accompanying Common Evaluation Methodology (CEM). Through the use of the CC, the CEM, and the CCRA, 15 nations currently recognize the certificates issued by each other. MITRE is now supporting the transition from government IT security evaluations to commercial evaluations conducted under the NIAP.


D-IART

With OSD(C3I) sponsorship and inputs from across the community, MITRE developed an Information Assurance (IA) red team methodology for use DOD-wide. The Defense-Information Assurance Red Team (D-IART) methodology lays out a consistent but tailorable step-by-step approach for planning and implementing IA red teams. The methodology also includes red team metrics for data collection and analysis, a checklist of the steps, and a taxonomy of red team attacks, making for a comprehensive red team reference guide.


CyberNotes

MITRE supports the National Infrastructure Protection Center (NIPC) in the production of CyberNotes, a biweekly publication for security and information system professionals. CyberNotes contains timely information on cyber vulnerabilities, intrusion exploit scripts, information security trends, viruses, and other critical infrastructure-related best practices. This information is identified, analyzed, and correlated into one concise document, providing a single point of reference for users to leverage in their information security efforts. CyberNotes also contains links to Common Vulnerabilities and Exposures (CVE) entries as they become available.

The CyberNotes mailing list currently contains over 3000 recipients, and many others receive it via secondary distribution or by downloading it from the NIPC web site at www.nipc.gov.


The Cyber Assurance National Information Center

In support of the president's Y2K efforts, MITRE (and Veridian) brought together a team of 24 private sector companies into a Cyber Assurance National Information Center (NIC). This Cyber Assurance NIC served as a clearinghouse to the White House and the nation on cyber security information about the health and welfare of national and global critical infrastructures during the Y2K date transition. The Cyber Assurance NIC was established with explicit approval and support from the Y2K Council and Y2K Information Coordination Center (ICC) with strong support from the Critical Infrastructure Assurance Office (CIAO) and the National Security Council (NSC).

The Cyber Assurance NIC represented a broad alliance of providers of information protection tools, Internet Service Providers, semiconductor manufacturers, and end-to-end assurance services, as well as information protection integrators and operators (systems administrators nationwide).

This Cyber Assurance NIC was able to track, report, and collaborate on aberrant events or observations about activity within the networks, from a technical perspective, without revealing the identity of the network owner suffering an attack or other difficulty. In particular, MITRE led the effort to identify and track Distributed Denial of Service software and advise the NSC on this emerging threat during the millennium roll-over. In addition, the NIC closely monitored and reported on virus activity. The NIC was also able to identify and warn of the introduction of 12 new viruses developed during the roll-over period.


Mobile Code

Under tasking from the Defense Information Systems Agency (DISA), MITRE is participating in the formulation of the Department of Defense (DOD) policy on the use of mobile code in DOD information systems. The Mobile Code Policy was signed as a DOD Policy Memorandum on 7 November 2000. The Policy will transition to a DOD Directive after further testing and initial worldwide operational experience. Mobile code technologies such as Java and ActiveX offer many benefits, including platform independence and centralized configuration management. However, they also expose DOD to the risks of malicious mobile code. MITRE's role in helping to formulate the policy includes developing configuration guidance for client workstations, applications, and firewalls to implement the requirements of the mobile code policy, along with additional recommended countermeasures against malicious mobile code. Following the configuration guidance will protect DOD users against malicious mobile code downloaded from web sites, delivered via e-mail, or embedded in office documents (e.g., word processing text, spreadsheets, and briefing presentation slides). MITRE also represents DISA on the DOD Mobile Code Working Group, contributes to the development of the policy's requirements, and developed the policy's waiver guidance for chief information officers.


GNAT

MITRE created a tool that assesses the security configuration settings of a Lotus Notes/Domino server. The Lotus [G] Notes Assessment Tool (GNAT) checks the values of several server security settings, reports the results to the user, and suggests configuration changes to augment server security. The tool's novelty and innovation prompted a patent application to be filed for GNAT.

Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.