Download - Government Related Presentation
![Page 1: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/1.jpg)
Government Roadmap
Tom ClarkDelta Wave Communications, Inc.
Broadband for a mobile Broadband for a mobile planetplanetTMTM
![Page 2: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/2.jpg)
BGAN and information assurance
![Page 3: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/3.jpg)
Requirements in the government sector
• Information assurance implies that– The content cannot be altered or intercepted by an
uninvited parties.– The confidentiality (identity and location of the end user)
is protected– Statistical analysis of the data transfers is prevented
• Security has to be deployed at two levels to cover these requirements:– At the Transport mechanism level (or Network levelNetwork level)– A the Data exchange level (Ciphering the data Ciphering the data
contentcontent)
![Page 4: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/4.jpg)
BGAN network: Built-in protection BGAN network: Built-in protection (1)(1)
IP Core Network
Burum SAS
DP POP
InternetInternetInternetInternet
WWW Server
Customer
HQ
Air InterfaceAir Interface Data and signaling ciphered in accordance
with UMTS standards (TS33.102) Position report encrypted Temporary IDs used to maintain anonymity of
the terminal user (SIM). Satellite control is US Type-1 Encrypted
![Page 5: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/5.jpg)
BGAN network: Built-in protection BGAN network: Built-in protection (2)(2)
IP Core Network
Burum SAS
DP POP
InternetInternetInternetInternet
WWW Server
Customer
HQ
Satellite Access StationSatellite Access Station Joint military/commercial Satellite Earth Stations in the
Netherlands and Italy. Fully Redundant SAS sites Data communications network protected by firewalls
![Page 6: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/6.jpg)
BGAN network: Built-in protection BGAN network: Built-in protection (3)(3)
IP Core Network
Burum SAS
DP POP
InternetInternetInternetInternet
WWW Server
Customer
HQ
Typical DP PoP InterconnectTypical DP PoP Interconnect Routed over leased lines or VPN over IP networks Redundancy - backup links: VPN over public IP
network or ISDN Firewall protected IPSec encryption applied between Inmarsat and
DP POPs
![Page 7: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/7.jpg)
BGAN network: Built-in protection BGAN network: Built-in protection (4)(4)
IP Core Network
Burum SAS
DP POP
InternetInternetInternetInternet
WWW Server
Customer
HQ
Typical DP / Customer InterconnectTypical DP / Customer Interconnect VPN over IP networks:IPSec encryption Firewall protected
![Page 8: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/8.jpg)
BGAN network: Built-in protection BGAN network: Built-in protection (5)(5)
IP Core Network
Burum SAS
DP POP
Customer
HQ
Leased Line
Dedicated DP / Customer InterconnectDedicated DP / Customer Interconnect Private dedicated links IP Sec encryption Firewall protected
![Page 9: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/9.jpg)
Protecting the content over IP networks
IP Core Network
Burum SAS
DP POP
InternetInternetInternetInternet
WWW Server
Customer
HQEnd-to-end Application LayerEnd-to-end Application Layer
COTS VPN (e.g. Cisco, Checkpoint, Nortel, Netscreen)
Government standard encryption including Type-1/Top Secret
Leased Line
![Page 10: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/10.jpg)
Protecting the content over circuit-switched
Circuit Switched
Core Network
Burum SAS Customer
HQ
International International PSTN/ISDNPSTN/ISDN
International International PSTN/ISDNPSTN/ISDN
STU
STU
ISDN Encryption - STE
Serial Bulk Encryption – KIV-7
Analogue Encryption – STU-IIb/III
End-to-end Application LayerEnd-to-end Application Layer
![Page 11: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/11.jpg)
Focus on encryption devices Focus on encryption devices 64Kb Circuit Switched Data - 3.1Khz Audio • STU-III Motorola/ATT/GE• Sectera Wireline (FNBDT/PSTN) General Dynamics• OmniXi L3• STE (via STU interface) L3
Circuit Switched Data - ISDN UDI/RDI • STE L3• KIV-7 Mykotronics• OmniXi L3• Brent, Brent 2, Hannibal, Thamer
Packet Switched Services • DC2K IP Encryptor Thales• KG-175 Taclane Classic General Dynamics• KG-235 Sectera INE General Dynamics• KG-250 AltaSec ViaSat• KG-240 Red Eagle L3
![Page 12: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/12.jpg)
Interoperability results so far…
– Thales DC2K– STU-IIB/III– STE– Viasat KG-250– Taclane KG-175– Sectera KG-235
• Successfully tested over BGAN
![Page 13: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/13.jpg)
Preliminary results(i)
Without TCP PEP With TCP PEP
Upload(kbps)
Download (kbps)
Upload(kbps)
Download(kbps)
Thales DC2K 109(ii) 172(ii) 215(ii) 252(ii)
Viasat KG-250
76(iii) 128(iii) Not tested Not tested
Taclane KG-175
136(iii) 112(iii) Not tested Not tested
(i) FTP transfer of 1MB file, using T&T explorer 500 and LINUX platform; (ii) Throughput averaged over 10 file transfers(iii) Best Throughput observed over 10 file transfers
Up to 100% improvementUp to 100% improvement
![Page 14: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/14.jpg)
ConclusionsConclusions
• Network Security (TRANSEC)– BGAN uses all of the latest Commercial security measures
to protect itself against service interception, eavesdropping or statistical analysis from third parties.
• Content Security (INFOSEC)– Commercial and Government Grade encryption
mechanisms have been proven to work over BGAN ensuring end-to-end confidentiality and integrity of the data content.
![Page 15: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/15.jpg)
Position reporting in BGAN
![Page 16: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/16.jpg)
BGAN - position reporting• Why is User Terminal position reporting required?
– Regulatory• May require that UT position is known when operating in
certain jurisdictions
– Billing• Allows for zone/country based tariffs
– Expedites call setup process
• BGAN UT contains built-in GPS receiver• GPS position reported (encrypted) to network as part of
registration process• Special circumstances mean that important government
customers may find this facility an obstacle to purchasing the service
![Page 17: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/17.jpg)
Solution – disable position reporting
• Considerations– Minimum level of UT position reporting for network access is
required – spot beam ID– GPS receiver required in UT in order to determine its location
and provide optimised operation
• Solution– Disablement through a SIM feature– UT translates GPS position to a spot beam ID using internal map– Only spot beam ID reported to network
• UT operates discretely within a spot beam (200 - 600 km diameter)
![Page 18: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/18.jpg)
Solution – disable position reporting
Discrete Operation SIM
Position Reporting Disabled
![Page 19: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/19.jpg)
Secure voice over 32kbps streaming IP BGAN Service
![Page 20: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/20.jpg)
• Key application for both Civil and Military Government agencies
• Core Secure Voice traffic is low but stable and expected to remain stable
• Secure Voice is an enabler for BGAN Sales in Government Sector.
• Cost and Functionalities scrutinised by Procurement decision makers in that sector
• Secure Voice over 3.1kHz Audio Channel (64kb/s) does not cater for all markets
• Need for Cost Effective Secure Voice Solutions over BGAN
Secure voice in the government sectorSecure voice in the government sector
![Page 21: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/21.jpg)
Solutions: Technical• The 4kbps Voice service cannot be used for encrypted voice• Secure Voice over IP is the way forward:
The BGAN 32kbps Streaming Class (IP) service can be used as transport mechanism for Encrypted Voice.
Secure Telephone RemoteGateway
BGAN CN
RAN
DP PoP
Gateway Secure Telephone
PSTN
32kb/s streaming IP
IP sessionanalogue analogue
GGSN
Secure Call
Example of architecture
![Page 22: Government Related Presentation](https://reader031.vdocuments.us/reader031/viewer/2022020717/54655a3eaf7959c04e8b4572/html5/thumbnails/22.jpg)
Broadband for a mobile Broadband for a mobile planetplanet
TMTM