Towards Data-centric Security for NATO Operations
Providing efficient data protection and information sharing capability across different security domains, belonging to NATO, the Nations and specific Communities of Interest (COI), is of paramount importance for effective execution of NATO operations. Current information protection practices rely to large extent on network-layer mechanism for compartmentalisation of information and separation between different COIs. This leads to segregation of networks into separate network domains and the implementation of perimeter defence at the boundaries of these domains. Data-centric security (DCS) architecture rather than focusing on network perimeter defence focuses on securing access to the data itself. DCS represents a new concept for protection of data within IT systems. It introduces a comprehensive set of security measures, involving both passive and reactive measures, which can be configured to address various data protection and information sharing scenarios relevant to NATO in both short and long term. The proposed generic architecture is based on the NATO C3 Taxonomy and the NATO Communication and Information System Security Capability Breakdown.
This paper is included in the program of the Second Scientific Conference "Digital Transformation, Cyber Security and Resilience DIGILIENCE 2020 and will be published in the post-conference volume.