Mobile Ad Hoc for Enterprise Level Security

October, 2018
IDA document: D-9113
FFRDC: Systems and Analyses Center
Type: Documents
Division: Information Technology and Systems Division
William R. Simpson, Kevin E. Foltz See more authors
Threat intrusions to enterprise computing systems have led to a formulation of guarded enterprise systems. The approach was to put in place steel gates and prevent hostile entities from entering the enterprise domain. The current complexity level has made the fortress approach to security implemented throughout the defense, banking, and other high trust industries unworkable. The alternative security approach called Enterprise Level Security (ELS) is the result of a concentrated fourteen year program of pilots and research. The primary identity credential for ELS is the Public Key Infrastructure (PKI) certificate, issued to the individual who is provided with a Personal Identity Verification (PIV) card with a hardware chip for storing the private key. All sessions are preceded by a PKI mutual authentication and a Transport Layer Security (TLS) 1.2 communication pipeline is established. This process was deemed to provide a high enough identity assurance to proceed. However, mobile ad hoc networking allows entities to dynamically connect and reconfigure connections to make use of available networking resources in a changing environment. These networks range from tiny sensors setting up communications based on a random or unknown configuration to aircraft communicating with each other, the ground, and satellites. Scenarios have differing requirements in terms of setup, reconfiguration, power, speed, and range. This paper presents an adaptation of the ELS principles to the mobile ad hoc scenario.