Architecture for Cyber Command and Control: Experiences and future directions

Today, enterprises deploy sets of information assurance (IA) tools-firewalls, intrusion detectors, vulnerability assessors, and so forth-to protect information assets. Each tool operates independently and may be individually useful; however, issues of representation, management, and maintenance, make it difficult to integrate a set of independent tools to create an effective IA Command and Control (C2) system. The Cyber Command System (CCS) was developed under DARPA funding as a prototype to act as a single integration point for C2. This paper explores the lessons learned throughout the course of Integration Feasibility Experiments conducted at the Technology Integration Center. This paper concludes with future approaches that will propel the fundamental CCS architecture into a new generation of agent-based, distributed solutions. In particular, since the discipline of IA is in its infancy, it makes sense to consider reactive agents and emergent behavior as means of discovering and evolving essential functionality.