Skip to content

Security in Platform OneπŸ“œ

Core TenetsπŸ“œ

  • Secure the DoD
    • Security first approach, while keeping timelines in mind.
  • Automation
    • Avoid manual processes by automating whenever possible.
  • Standards/Continuous Monitoring
    • Continuous monitoring of compliance.
  • Multi-Party Validation
    • Have multiple engineers check products as they come through the pipeline. P1 promotes pair programming to help with this.

For more detailed information see DoD Enterprise DevSecOps Fundamentals

PlatformOne - Security OfferingsπŸ“œ

  • IronBank Registry
    • IB registry for hardened container images (registry1.dso.mil)
  • IronBank VAT
    • Vulnerability Assessment Tracker (vat.dso.mil)
    • GUI with APIs access to evidence to speed up accreditation of images
  • Weekly IronBank Onboarding, AMA (Ask Me Anything), and get unblocked sessions

    Note

    Only vendors can harden vendor images

  • CNAP

    • Cloud Native Access Point (Advanced perimeter firewall, that enables secure access to IL2, IL4, and IL5 Resources from the public internet, P1 SSO managed by CNAP team)
  • Various other services
    • Onboarding, pen testing, and more.

Automating SecurityπŸ“œ

  • IronBank rebuilds & rescans their images every 12 hours. This ensures fixes to the upstream base image can be added.
  • Big Bangs releases cycle every 2 weeks, makes it easy to pull in the latest version of images.

    • In ~/Desktop/bootstrap/dev/kustomization.yaml there’s a reference to the version of the Big Bang helm Chart. When you update that it cases a cascading effect that updates the versions of all images maintained by Big Bang.

ATO vs cATOπŸ“œ

ATOπŸ“œ

  • Based on RMF (Risk Management Framework) and Security Controls and their implementation for an iteration
  • Places focus on the system
  • Works better with the traditional Waterfall/Spiral SDLC (Software Development Life Cycle)
  • Changes to the system might warrant a re-evaluation of the ATO cycle
  • Traditionally ATO is issued to the system as whole
  • Does not lend to easier Reciprocity across platforms

cATOπŸ“œ

  • Also based on RMF and Security Controls but focused on the development process that spans multiple iterations rather than the system itself
  • Better fit for the modern agile methodologies
  • Allows teams to develop and deploy continuously without having to re-evaluate ATO for each change
  • Swapping out the layers (Infra and Platform) with equivalent ATOs arguably helps preserves cATO and CtF (Certificate To Field) of the Application which lends to Easier Reciprocity across platforms

Continuous AuthorizationπŸ“œ

C-ATO

C-ATO Overview

PlatformOne Security ObjectivesπŸ“œ

Security is core to P1’s Mission

β€œServe cyber mission application teams in their journey to deliver rapid mission capability with technical expertise and services”

  • Provide secure, resilient and robust development environment
  • Facilitate CtF - Certificate To Field
  • Secure development - focus on high quality code practices, automation, monitoring and compliance
  • Secure deployment - rely on the ATO of the infrastructure and platform layers

Security Objectives

ProcessπŸ“œ

1.0 Authorize the PlatformπŸ“œ

Step 1.0

2.0 Authorize the PlatformπŸ“œ

Steop 2.0

3.0 Authorize the ProcessπŸ“œ

Step 3.0

Continuous MonitoringπŸ“œ

Continuous Monitoring

P1 and cATOπŸ“œ

Big Bang clusters are capable of receiving a cATO.

IronBank, PartyBus, and other P1 services are hosted on top of Big Bang Clusters. P1’s AO was able to sign off on P1 services receiving a cATO, because of people, processes, and technology. In addition to the Big Bang Platform Technology, trained, approved, and vetted people are developing and maintaining the services and are following processes that have been approved by the AO.

EX: PartyBus has a process called CTF (Certificate to Field) through which images are approved to run in production on their cATO’d environment.

Quiz QuestionsπŸ“œ

What is missing from this list of the Core Tenets for security in Platform One? Secure the DoD, Automation, Multi-Party Validation

Standards/Continuous Monitoring

What does CNAP stand for?

Cloud Native Access Point

How often does IronBank rebuild & rescan their images?

IronBank rebuilds & rescans their images every 12 hours. This ensures fixes to the upstream base image can be added.

What is the difference between ATO and cATO?

ATO

  • Places focus on the system

  • Works better with the traditional Waterfall/Spiral SDLC

  • Changes to the system might warrant a re-evaluation of the ATO cycle

  • Traditionally ATO is issued to the system as whole

  • Does not lend to easier Reciprocity across platforms

cATO

  • Better fit for the modern agile methodologies

  • Allows teams to develop and deploy continuously without having to re-evaluate ATO for each change

What is ChatOps?

ChatOps is project collaboration for real-time interactive coordination among team members