|
Security Domain
A security domain is the determining factor in the classification of an enclave of servers/computers. A network with a different security domain is kept separate from other networks. For example, NIPRNet, SIPRNet, JWICS, and NSANet are all kept separate. A security domain is considered to be an application or collection of applications that all trust a common security token for authentication, authorization or session management. Generally speaking, a security token is issued to a user after the user has actively authenticated with a user ID and password to the security domain. Examples of a security domain include: * All the web applications that trust a session cookie issued by a Web Access Management product * All the Windows applications and services that trust a Kerberos ticket issued by Active Directory Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of pr ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NIPRNet
The Non-classified Internet Protocol (IP) Router Network (NIPRNet) is an IP network used to exchange unclassified information, including information subject to controls on distribution, among the private network's users. The NIPRNet also provides its users access to the Internet. It is one of the United States Department of Defense's three main networks. The others include SIPRNet and JWICS. History NIPRNet is composed of Internet Protocol routers owned by the United States Department of Defense (DOD). It was created in the 1980s and managed by the Defense Information Systems Agency (DISA) to supersede the earlier MILNET. Security improvements In the year leading up to 2010 NIPRNet has grown faster than the U.S. Department of Defense can monitor. DoD spent $10 million in 2010 to map out the current state of the NIPRNet, in an effort to analyze its expansion, and identify unauthorized users, who are suspected to have quietly joined the network. The NIPRNet survey, which use ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SIPRNet
The Secure Internet Protocol Router Network (SIPRNet) is "a system of interconnected computer networks used by the U.S. Department of Defense and the U.S. Department of State to transmit classified information (up to and including information classified SECRET) by packet switching over the 'completely secure' environment". It also provides services such as hypertext document access and electronic mail. As such, SIPRNet is the DoD's classified version of the civilian Internet. SIPRNet is the SECRET component of the Defense Information Systems Network. Other components handle communications with other security needs, such as the NIPRNet, which is used for nonsecure communications, and the Joint Worldwide Intelligence Communications System (JWICS), which is used for Top Secret communications. Access According to the U.S. Department of State Web Development Handbook, domain structure and naming conventions are the same as for the open internet, except for the addition of a second ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
JWICS
The Joint Worldwide Intelligence Communication System (JWICS, ) is the United States Department of Defense's secure intranet system that houses top secret and sensitive compartmented information. JWICS superseded the earlier DSNET2 and DSNET3, the Top Secret and SCI levels of the Defense Data Network based on ARPANET technology.MARCORSYSCOM – Website Temporarily Suspended . Marcorsyscom.usmc.mil. Retrieved on 2014-04-12. . Fas.org. Retrieved on 2014-04-12. The system deals primarily with intelligence information and was one of the networks accessed by |
NSANet
The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for foreign and domestic intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The existence of the NSA was not revealed until 1975. The NSA has roughly 32,000 employees. Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Between then and the end of the Cold War, it became the largest of the U.S. intelligence organizations in terms of person ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Kerberos (protocol)
Kerberos () is a computer-network authentication protocol that works on the basis of ''tickets'' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client–server model, and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks. Kerberos builds on symmetric-key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.RFC 4556, abstract. Kerberos uses UDP port 88 by default. The protocol was named after the character '' Kerberos'' (or ''Cerberus'') from Greek mythology, the ferocious three-headed guard dog of Hades. History and development Massachusetts Institute of Technology (MIT) developed Kerberos in 1988 to protect network services provided by Project Athena. The protocol is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Active Directory
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was used only for centralized domain management. However, Active Directory eventually became an umbrella title for a broad range of directory-based identity-related services. A server running the Active Directory Domain Service (AD DS) role is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network, assigning and enforcing security policies for all computers, and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted username and password and determines whether the user is a system administrator or normal user. Also, it allows management and storage of information, provides authentication and authorization mec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
