Security of Data-in-Motion
October 28, 2020 | BY: Mike Southworth
Military mission system data can be vulnerable to attack if not properly secured. As data travels through an Ethernet network, it can potentially fall into the wrong hands. This is as true for network data at a forward operating base as it is for local networks on board vehicles and aircraft, both manned and unmanned. The sensor data you collect during a mission may be some of the most important and sensitive assets you have. Data-in-motion, also referred to as data-in-transit, is the digital information transferred between locations either within or between network computer systems. Once the data is stored on a hard drive or network attached storage (NAS), it is then considered data-at-rest. This white paper highlights how innovative commercial security standards and technologies can help protect data-in-motion.
Red/Black Concept
A common principle of encryption is to convert plain text data (also known as “Red data”) into cipher text data (also known as “Black data”). Red data can be read by ordinary means, as it is not protected and is vulnerable to exploitation by an adversary if obtained.
This can happen if a deployed system in a vehicle, such as a fighter, helicopter, or tank, is lost during a mission. A common use for encryption of data-in-motion is a virtual private network (VPN). VPN encryption secures the data within a VPN tunnel to make sure it can’t be exploited by anyone on its way to its intended receiver. It does this by taking Red data and encrypting it to create Black data before sending.
Some users keep separate Red and Black networks to segregate sensitive and encrypted data. There are a host of best practices for Red-Black architectures, such as electromagnetic interference (EMI) shielding (per TEMPEST specifications) and physical distance requirements for spacing of the Red wire lines and the Black wire lines.
Read the full white paper.