Security of Data-in-Motion

Security of Data-in-Motion

Military mission system data can be vulnerable to attack if not properly secured. As data travels through an Ethernet network, it can potentially fall into the wrong hands. This is as true for network data at a forward operating base for local networks on board vehicles and aircraft, both manned and unmanned. The sensor data you collect during a mission may be some of the most critical and sensitive assets you have. Data-in-motion, also called data-in-transit, is the digital information transferred between locations within or between network computer systems. Once the data is stored on a hard drive or network-attached storage (NAS), it is considered data-at-rest. This white paper highlights how innovative commercial security standards and technologies can help protect data-in-motion.

Red/black concept

A common principle of encryption is to convert plain text data (also known as “Red data”) into ciphertext data (also known as “Black data”). Red data can be read by ordinary means, as it is not protected and is vulnerable to exploitation by an adversary if obtained.

This can happen if a deployed system in a vehicle, such as a fighter, helicopter, or tank, is lost during a mission. Everyday use for encryption of data-in-motion is a virtual private network (VPN). VPN encryption secures the data within a VPN tunnel to ensure it can’t be exploited by anyone on its way to its intended receiver. It does this by taking Red data and encrypting it to create Black data before sending it.

Some users keep separate Red and Black networks to segregate sensitive and encrypted data. There are many best practices for Red-Black architectures, such as electromagnetic interference (EMI) shielding (per TEMPEST specifications) and physical distance requirements for spacing of the Red wire lines and the Black wire lines.

Log in and download the white paper to learn more.