Security in Platform One

Core Tenets

  • Secure the DoD
    • Security-first approach, but with mindfulness of timelines
  • Automation
    • Avoid manual processes by automating them
  • Standards/Continuous Monitoring
    • Observability layers can continuously monitor compliance over time.
  • Multi-Party Validation
    • Have multiple sets of eyes checking the products coming through the pipeline. P1 likes to promote pair programming to help with this.

PlatformOne - Security Offerings

  • Iron Bank Registry
    • Iron Bank registry for hardened container images (registry1.dso.mil)
  • Iron Bank VAT
    • Vulnerability Assessment Tracker (vat.dso.mil)
    • GUI and API access to the evidence, to speed up accreditation of images
  • Weekly Iron Bank onboarding, AMA, and "get unblocked" sessions
    • https://p1.dso.mil/#/products/iron-bank/
    • Note: only vendors can harden vendor images
  • CNAP
    • Cloud Native Access Point: an advanced perimeter firewall that enables secure access to IL2, IL4, and IL5 resources from the public internet; P1 SSO is managed by the CNAP team
  • Various other services
    • Onboarding, pen testing, and more.

Automating Security

  • Iron Bank rebuilds and rescans its images every 12 hours, so that fixes from the upstream base image are picked up.
  • Big Bang’s UHC pattern and two-week release cycle make it easy to pull in the latest versions of images. In ~/Desktop/bootstrap/dev/kustomization.yaml there is a reference to the version of the Big Bang Helm chart; updating it causes a cascading update of the versions of all images maintained by Big Bang.
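Automated enforcement of the Iron Bank rule, as an added example that is not from the page and not Big Bang's own shipped policy set: a Kyverno ClusterPolicy that rejects Pods whose images are not pulled from registry1.dso.mil and, in background mode, reports existing workloads that drift from the rule so an observability layer can monitor compliance over time. The policy name and message text are assumptions.

```yaml
# Added example, not Big Bang's shipped policy. Assumes Kyverno is installed in the cluster.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-iron-bank-images   # assumed name
spec:
  # Enforce: non-compliant Pods are rejected at admission time
  validationFailureAction: Enforce
  # background: true also evaluates Pods that already exist and records violations
  # in PolicyReports, which is what a continuous-monitoring layer can watch
  background: true
  rules:
    - name: images-must-come-from-registry1
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "All container images must be pulled from Iron Bank (registry1.dso.mil)."
        pattern:
          spec:
            # a single pattern entry is applied to every element of the list
            containers:
              - image: "registry1.dso.mil/*"
            # =(field) marks an optional field: checked only when it is present
            =(initContainers):
              - image: "registry1.dso.mil/*"
            =(ephemeralContainers):
              - image: "registry1.dso.mil/*"
```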

ATO vs cATO

ATO

  • Based on RMF and security controls and their implementation for an iteration
  • Places focus on the system
  • Works better with the traditional Waterfall/Spiral SDLC
  • Changes to the system might warrant a re-evaluation of the ATO cycle
  • Traditionally, an ATO is issued to the system as a whole
  • Does not lend itself to easier reciprocity across platforms

cATO

  • Also based on RMF and security controls, but focused on the process that spans multiple iterations
  • Places focus on the development process instead of the system
  • Better fit for modern agile methodologies
  • Allows teams to develop and deploy continuously without having to re-evaluate the ATO for each change
  • Swapping out the layers (Infra and Platform) with equivalent ATOs helps preserve the cATO and CtF of the application, which lends itself to easier reciprocity across platforms (arguably)

Continuous Authorization

[Diagram: C-ATO Overview]

PlatformOne Security Objectives

Security is core to P1’s Mission

“Serve cyber mission application teams in their journey to deliver rapid mission capability with technical expertise and services”

  • Provide a secure, resilient and robust development environment
  • Facilitate CtF (Certificate to Field)
  • Secure development: focus on high-quality code practices, automation, monitoring and compliance
  • Secure deployment: rely on the ATO of the infrastructure and platform layers

[Diagram: Security Objectives]

Process

1.0 Authorize the Platform

[Diagram: Step 1.0]

2.0 Authorize the Platform

[Diagram: Step 2.0]

3.0 Authorize the Process

[Diagram: Step 3.0]

Continuous Monitoring

[Diagram: Continuous Monitoring]

P1 and cATO

Big Bang clusters are capable of receiving a cATO.

Iron Bank, PartyBus, and other P1 services are hosted on top of Big Bang clusters. P1’s AO was able to sign off on P1 services receiving a cATO because of people, processes, and technology:

  • Technology: the Big Bang platform
  • People: trained, approved, vetted people are developing and maintaining the services
  • Process: they follow processes that have been approved by the AO

Example: PartyBus has a process for developer-built images to be blessed to run in production in the cATO’d environment; they call it the CtF (Certificate to Field).