SDN Battlefield StudyDownload a PDF version of these web pages
Operators and Stakeholders2 of 5
At the most fundamental level, the operators and stakehodlers in the battlefield or disaster preparedness case are the people in the boots on the ground. Too formal a set of requirements for the devices software as a service will result in subversion. The capacity to isolate the networks that are created by personnel bringing their own devices combines these. For example, requiring that no personnel bring any gaming devices to extended deployments may appear a reasonable policy, particularly to senior officers whose childhood included more Parcheesi than Princess Peach. However, such constraints are likely to be subverted in practice. Individuals in high-stress and high-risk situations are more likely to subvert policy for their own requirements for communication and stress release. Currently, the vast majority of security policy violations are in the theater. By creating the possibility of true isolation between bring-your-own-device networks and the operation networks, SDN offers the ability to set appropriate multi-level requirements. Recognizing individuals in the field with their own devices as legitimate stakeholders can be integrated into a resilient SDN.
A second set of stakeholders are allies who may include less trusted insiders who are working with military personnel. The tragic increase of blue on green violence in 2012 is testament to the limitations of political alliances to ensure allegiances of individuals. Because of the complex interaction of political and military, proximity authentication and requirements are quite distinct from the commercial domain.
At a higher level, stakeholders include the operators of classified and unclassified networks. For military networks this includes identity providers and trusted certificate providers. Included here are those who test, maintain, and upgrade the networks. The short product lifecycle characteristic to information technology exacerbates the conflict of interest between network operator and those responsible for assurance. As new products and methods of communication become available to individuals in the field, those responsible for authentication find the laboratory assumptions no longer hold. A firewall that is secure today may see the creation of a tunnel by a new consumer innovation brought by a member of the National Guard; which then allows an attacker through the network into the less secured interior. An action as simple as upgrading the browser may be necessary for security or may instead introduce a range of vulnerabilities.
Testing and upgrade components are unique and critical to the defense space. Formal auditing expense and difficulty is a critical barrier to adoption and upgrading of military systems. SDN offers the ability, in the production of few core hardware components, to implement a wide range of network functionality while keeping the complexity of the firmware on network hardware relatively simple and static. For example, a new routing protocol can be implemented in the controller and applied to the entire network without any firmware changes to the network hardware.
Battlefield networks have a distinction that may allow for more effective use of SDN: a hierarchical network of distributed authentication tokens or 'cat cards'.