Classified data-at-rest (DAR) in deployed applications faces both internal and external threats that can subject sensitive data to exploitation.
DAR is particularly vulnerable during missions if the deployed vehicle is lost but is also at risk during transport to and from the vehicle. Adversaries are interested in obtaining any information from lost or captured vehicles. Nation-states and hackers also put networked DAR at risk, while internal threats such as bad actors also threaten sensitive DAR. Such threats typically come from nation-states with significant cipher analysis infrastructure but may include terrorist organizations as well.
The sensitive DAR is also at high risk when transported from the ground (or base) station to the vehicle. After a mission, the DAR will be transported from the vehicle back to the ground station for analysis. More information is usually collected during a mission, making this data even more valuable.
Before or after a mission, the DAR located on networks in the ground station is at risk from internal threats. People motivated by principle or money have previously obtained, leaked, and sold sensitive DAR. While the external threats are unpredictable, they usually can be identified, and corrective action can be taken. With internal leaks, the damage is usually not evident until after the breach event.
For all these reasons, it is critical to protect classified DAR and the devices on which it rests. One element in a multilayered DAR protection approach is to protect the processors within the computer systems and network attached storage (NAS) devices. This white paper briefly discusses a standards-based approach for processor protection: the trusted platform module or TPM. For more information regarding threats to the classified DAR, please see the white paper: DAR Series Part 1: Data Threats and Protection.
Login and download the white paper.
Paul Davis
Director, Product Management (Retired)
Paul Davis began his career for Curtiss-Wright as a Research Manager for the Dayton, OH facility in 1997. Paul has held positions including Director of Engineering managing a staff of 40+ engineers, managers, technicians, and co-op students; Product Manager for the switches, recorders, and various board-level products; and then Director of Product Management. Now retired, Paul worked in engineering and engineering management positions for 19 years.
