Use of a Secure Portable Application Device as a Component of Network Centric Operations

ABSTRACT

Network Centric Operations (NCO) allows an organisation to structure its people, processes and technology to gather and process information to ensure the right information gets to the right person at the right time in and the right form. NCO enables an organisation to achieve information superiority, and hence gain a competitive advantage.

A secure Portable Application Device (PAD) provides a safe and secure method of loading a trusted application into a host PC and then executes the application. A secure PAD is characterised as a USB storage device containing a trusted application which is stored in a protected partition to ensure the application is separated and protected and its integrity is preserved. The device will typically provide strong authentication to only allow an authorised user to load the trusted application into the host PC and full storage encryption to protect the confidentiality of the contents of the device. A secure PAD can be issued by an organisation to an individual to perform a secure transaction on an available host PC. The secure PAD will reduce the risk to the organisation that neither malicious software (resident on the host PC) will infect the secure PAD, nor sensitive data remnants (resulting from the transaction) will remain on the host PC hard disk drive after the secure PAD has been removed.

This paper considers how secure PADs can be utilised in a network centric organisation. The characteristics of NCO are identified and the functionality and capabilities of secure PADs are described. Using the characteristics of NCO and a specific use scenario an analysis is performed to determine whether a secure PAD is a suitable tool for a network centric organisation.


AUTHORS

Secure Systems Limited (and Edith Cowan University), Osborne Park
Western Australia

Peter James is the Managing Director and Chief Technology Officer of Secure Systems Limited, an Australian company specialising in the design and development of secure portable storage and execution environments for high assurance applications. Peter has over twenty five years experience in the design, development and deployment of security critical and business critical systems. He has also held a number of executive management positions in large IT services and security product companies. Peter has a BSc. (Hons) in Computer Science from the University of Hertfordshire, an MSc. in Systems Design from the University of Manchester and a GradDip in Business Administration from Manchester Metropolitan University. He completed the International Executive Program at INSEAD and is a Fellow of the Australian Institute of Company Directors. Peter is currently completing a PhD in Information Security at Edith Cowan University.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.871.3949
  • jiw@gbpts.com