• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • CAT Program
    • Subject Matter Experts
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
    • Cyber COI
  • About
    • About the CSIAC
    • The CSIAC Team
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • Inquiries & CAT’s
    • FAQ’s
    • DTIC STI Program
  • Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • CAT Program
    • Subject Matter Experts
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
    • Cyber COI
  • About
    • About the CSIAC
    • The CSIAC Team
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • Inquiries & CAT’s
    • FAQ’s
    • DTIC STI Program
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering
  • Cyber COI
/ Journal Issues / Focus on Air Force Research Laboratory’s Information Directorate / Cross-domain Transfer: Information Support Server Environment (ISSE)

Cross-domain Transfer: Information Support Server Environment (ISSE)

Published in Journal of Cyber Security and Information Systems
Volume: 4 Number: 1 - Focus on Air Force Research Laboratory’s Information Directorate

Authors: Alex Gwin and Richard Barrett
Posted: 03/08/2016 | Leave a Comment

C. Evolving Systems

When it was first accredited in 1995, ISSE was purely point-to-point and served one data transfer method, e.g. email or file drop, per installation. Version 3.4 enabled multiple organizations to transfer between two domains, and version 3.6.1 enabled multiple organizations to transfer between two or more domains. It is this v3.6.1 which is considered to be “enterprise” in today’s terms. At its highest point, ISSE was fielded in 160 operational locations. Since the advent of the enterprise construct, this number has been reduced, as expected. By counting the total number of threads, we can arrive at a realistic estimate of the capabilities delivered by ISSE systems. An inventory in September 2015 placed ISSE operating on an impressive 734 threads in 73 systems worldwide. This represents 46 percent fewer systems while supporting the flow of 298 percent more data.

ISSE has evolved from its first use as a point-to-point solution to be compatible with the enterprise construct which is prevalent today. This approach to the crossdomain business makes sense for financial reasons. For an organization with cross-domain needs, being incorporated into an enterprise system saves money by reducing the installation costs and manpower costs associated with system administration. Organizations housing the enterprise systems can charge user fees to the tenant organizations and staff one or more full-time administrators who oversee the operations of the system. The major disadvantage of the enterprise construct is that many organizations are tied into one system; if that system fails, the operational consequences are farther reaching than if the organization hosted its own CDS. Despite this concern, albeit a minor one, the enterprise construct is expected to become even more prevalent as new customers come online and some existing customers transfer to enterprise.

As an example of the conversion to enterprise, one such organization migrated from 18 point-to-point systems among seven sites to three enterprise systems among three sites. This major effort resulted in real cost savings in engineering support, licensing costs, power, administrative overhead, and 50 percent less hardware, while increasing the availability of mission critical data. The organization also upgraded their ISSE systems, and the improved transfer rates from the synergistic effects of combining upgrades and enterprise consolidation resulted in more than one billion files annually, not to mention the added security and connectivity to additional security domains.

An unremitting problem for the ISSE PMO is hardware obsolescence. From inception to fielding, a major version of ISSE is several years in the making. By the time a version is fully developed, tested by the engineers, tested by the government, final configurations are made, and certification is completed, several years have passed. (Minor versions can be fielded in several months—if enough manpower is applied to the effort.) Because the new version’s operating system is only compatible with certain hardware, the problem then arises that when hardware is no longer supported, there is a hardware obsolescence problem looming in the horizon. ISSE uses Oracle’s Solaris operating system (OS) which has excellent security attributes. Solaris is used heavily by the bank, stock market, and insurance industries [7]. Despite this solid user base, there exists some concern about Solaris’ diminishing user base and future supportability, a concern that is not necessarily shared by the PMO. A third-party study was completed to investigate whether ISSE should move to another operating system. In order to transfer (“port”) to another operating system, significant funds and manpower would be required to accomplish this effort in parallel with other development and maintenance schedules. Additionally, there was no significantly compelling reason to port to another OS, since hardware obsolescence is persistent for all OSs. The ISSE PMO determined that the best alternative was to stay with Solaris and integrate new OS versions and test with beta versions whenever possible.

There is one other approach to mitigating hardware obsolescence the PMO is currently investigating. This involves placing ISSE on a cross-domain access solution. These are secure systems with virtualized security domains. Each domain is separate and therefore very secure within a small amount of hardware. The advantage of this approach is that x86 hardware can be used for the access solution, which will be supported for the foreseeable future. The Solaris OS is interfaced with a virtual machine of the access solution. As a corollary, if successful, the resultant hybrid ISSE will require fewer pieces of hardware and less power to operate. This effort is currently being completed for three domains and several mission applications on SecureView, which is a program also overseen by the Information Handling Branch of AFRL in Rome, New York.

D. Conclusion

The Information Support Server Environment (ISSE) is a cross-domain transfer solution that is used by numerous U.S. government organizations and coalition partners. It is an electronic capability which securely transfers data between separate networks. Since its initial fielding in 1995, it has become a premier cross-domain solution that has continued to meet users’ needs by evolving to the enterprise construct and providing advanced mission applications. It continues to stay relevant by anticipating the changing cross-domain landscape. For more information about ISSE, please contact the ISSE PMO atrrs.isse.pmo@us.af.mil or 315-330-7838.

Pages: Page 1 Page 2

Previous Article:
« The Junior Force Council: Reaching Out to...
Next Article:
Air Force Research Laboratory / Information Directorate... »

References

[1] Maus, Cathy N. (July 1996). U.S. Department of Energy OpenNet. “Office of Classification: History of Classification and Declassification” [online].https://www.osti.gov

[2] Peters, Gerhard and John T. Woolley (2015). The American Presidency Project. “Executive Order 8381 – Defining Certain Vital Military and Naval Installations and Equipment [online]”. http://www.presidency.ucsb.edu/ ws/?pid=78426

[3] Joseph, Channing (Sep 2007). New York The Sun. “WikiLeaks Releases Secret Report on Military Equipment [online]”.http://www.nysun.com/foreign/wikileaks-releases- secret-report-on-military/62236

[4] Khatchadourian, Raffi (April 2010). The New Yorker. “The Use of Force [online].” http://www.newyorker.com/news/ news-desk/the-use-of-force

[5] Finn, Peter and Sari Horwitz (June 2013). The Washington Post. “U.S. charges Snowden with espionage [online]”.https://www.washingtonpost.com/ world/national-security/us-charges-snowden-withespionage/ 2013/06/21/507497d8-dab1-11e2-a016- 92547bf094cc_story.html

[6] North Atlantic Treaty Organization (May 2014). “More than just information gathering: Giving commanders the edge [online]”.http://www.nato.int/cps/en/natolive/ news_110351.htm

[7] Oracle. “Financial Services: Overview [online]”. http:// www.oracle.com/za/industries/financial-services/overview/ index.html

RELEASE STATEMENT

Distribution A. Approved for Public Release: [88ABW-2015-4666] Distribution Unlimited.

Authors

Alex Gwin
Alex Gwin
Alex Gwin is currently the deputy program manager of ISSEat Air Force Research Laboratory - Information Directorate(AFRL/RI) in Rome, New York. He is currently a captainin the United States Air Force. He has previously servedas an engineer and executive officer at Kirtland AFB inAlbuquerque, New Mexico, and as a master’s student atWright-Patterson AFB in Dayton, Ohio. Captain Gwinhas a Master of Science in Electrical Engineering from theAir Force Institute of Technology and a Bachelor of Sciencefrom Texas Christian University.
Richard Barrett
Richard Barrett
Richard Barrett is currently the Systems Engineer for ISSEat Air Force Research Laboratory - Information Directorate(AFRL/RI) in Rome, New York. He has over 26 years ofexperience leading systems engineering and acquisitionactivities, plus four years leading U.S. Air Force ICBMoperations. His systems engineering experience includeslaser weapons, avionics, manufacturing equipment,fiber-optics, network communications, and cross-domainsolutions. He is a retired officer from the Air ForceReserves. Mr. Barrett has a Master’s of AdministrativeSciences (MBA-equivalent with Information ManagementSystems emphasis) from University of Montana, and aBachelor of Science in Electrical Engineering (Quantumdevices and Communication Systems emphasis) fromPolytechnic University (now, New York UniversityPolytechnic School of Engineering).

Reader Interactions

Leave a Comment Cancel

You must be logged in to post a comment.

sidebar

Blog Sidebar

Featured Content

The DoD Cybersecurity Policy Chart

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Journal - Launching Innovation Through Medical Modeling and Simulation Technologies

CSIAC Journal Cover Volume 5 Number 4

This Special Edition of the Journal will provide a glimpse into current efforts to improve military medical training with simulation-based solutions.

Read the Journal

CSIAC Journal - Innovation Based Ecosystems

CSIAC Journal Cover Volume 5 Number 4

This issue of the Journal of Cyber Security & Information Systems explores how managing fast adoption modern-based system has more to do with understanding capabilities, interdependency between systems and effectively operating in the new paradigm than it has to do with differentiating product features.

Read the Journal

Recent Video Podcasts

  • What is DevOps? from a tools point of view Series: CSIAC Webinars
  • 5th Generation (5G) Technology Series: The CSIAC Podcast
  • Malvertising Explored Series: The CSIAC Podcast
  • Cybersecurity Arms Race – Modernizing the Arsenal Series: CSIAC Webinars
  • Cyber Situational Awareness Series: The CSIAC Podcast
View all Podcasts

Upcoming Events

Thu 28

BSides Columbus 2019

February 28 - March 1
Columbus OH
United States
Organizer: BSides Columbus
Mar 19

1st NATO – Industry Workshop on Autonomous Cyber Defence

March 19 @ 09:30 - 16:00 EDT
Cranfield Bedfordshire MK43 0AL
United Kingdom
Organizer: Cranfield University
View all Events

Recently Active Members

Profile picture of jburkhart04
Profile picture of Cyberhawk119
Profile picture of CSIACAdmin
Profile picture of cfasolo22
Profile picture of jrice
Profile picture of emuslic03
Profile picture of nmaida
Profile picture of svenditti
Profile picture of aizzo12
Profile picture of jsupino09
Profile picture of scottrill10
Profile picture of sphillips21
Profile picture of ebromley22
Profile picture of jlewis05
Profile picture of aduong29
Profile picture of kellermannrobert
Profile picture of gustavplato
Profile picture of bbarksdale

Footer

CSIAC Products & Services

  • Free Technical Inquiry
  • Core Analysis Tasks (CATs)
  • Resources
  • Events Calendar
  • Frequently Asked Questions
  • Product Feedback Form

About CSIAC

The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More

Contact Us

Phone:800-214-7921
Email:info@csiac.org
Address:   266 Genesee St.
Utica, NY 13502
Send us a Message
ASD(R&E) LogoUS Department of Defense LogoDoD IACs LogoDTIC LogoTEMS Logo

Copyright 2018, Quanterion Solutions Incorporated

Sitemap | Privacy Policy | Terms of Use | Accessibility Information

This website uses cookies to provide our services and to improve your experience. By using this site, you consent to the use of our cookies. To read more about the use of our site, please click "Read More". Otherwise, click "Dismiss" to hide this notice. Dismiss Read More