Introduction
Information assurance (IA) and logistics operations permeate all areas of the Army transformation. IA is critical to distribution-based logistics operations because timelines and pipelines for delivery of logistics packages are increasingly constrained by environmental factors that are rarely under direct Army control. Short timelines are critical to the success of OCONUS military operations, but they clearly challenge operational planners more than ever. The convergence of emerging logistics and information technologies, in-transit visibility systems, new players and advanced delivery capabilities reflects more complexity than Army logisticians have previously encountered.
The U.S. Army Criminal Investigation Command (CID) is responsible for enforcing three critical factors involved in distribution-based logistics operations: IA, fraud deterrence, and logistics security (LOGSEC). The CID provides law enforcement and criminal investigative support for information assurance and pre- and in-transit delivery of logistics packages, including preconfigured loads. In fact, LOGSEC is a strategic mission for the CID. The command considers it a key force protection capability that it can uniquely offer to the Army.
Although responsible for only three of the factors that add to the complexity of modern logistics operations, the CID is modeling its role and interfaces into the entire LOGSEC knowledge-management process, understanding that criminal investigative support is critical to logistics operations throughout the logistics process. This article examines some initial intersections of the CID's roles and research in IA, knowledge management, and logistics security.
Because of the complexity of the logistics system and its information support systems, and the countless threats to these systems, a new approach by criminal investigators is required. The CID is conducting preliminary research into new areas of modeling and simulation, known as agent-based modeling. This research involves studying the intersections of critical nodes and their linkages to produce insights for those responsible for the direction of logistics and IA operations.
Initially directed at the criminal investigation domain, the CID has initiated research into knowledge-management support for advanced network intrusion defense and forensics capabilities for IA. Supported by the Office of the Deputy Under Secretary of Defense for Advanced Systems and Concepts, the CID and the Krasnow Institute for Advanced Studies at George Mason University (GMU) are working jointly to model roles and actions of important players in the IA world.
Findings from this joint research will support logistics operations in at least two important ways. First, any improvement in IA will directly benefit LOGSEC and strengthen the role of the CID in supporting in-transit security of logistics packages. Second, in keeping with the extensibility of new agent-based modeling tools, insights gained from understanding networks of communication nodes will likely have significant application in logistics preparation and distribution. Research will be peripherally directed at the convergence of IA and LOGSEC, both in support of the CID's role in IA and LOGSEC as well as all logistics operations for the Army.
Agent-Based Modeling
Agent-Based Modeling (ABM) is an emerging modeling technology for enhancing inference about complex problems. ABM complements deduction and induction as a method of testing what American philosopher Charles S. Peirce called abductions (creative reasoning in uncertainty for which we have little or no probabilistic support). Abductive reasoning enhances the processes of discovery and incorporating theories and explanations about relationships for which we initially have only scant proof.
This new modeling technique encourages visualization of complex relationships and agent interaction. Agents are software manifestations of objects (animate or inanimate) used to represent the components of a problem domain. These agents are typically imbued with constraints (rules) to govern their behavior in an environment, and characteristics that may include movement, self-awareness, and processing capabilities such as learning and memory. Agents typically act on our behalf or sometimes on the behalf of themselves or others.
Using agent-based modeling, analysts and investigators can develop novel strategies for protecting and delivering both information-rich logistics support and the more conventional physical objects such as "beans and bullets." ABM supports transportation planning and operational deployment as well because complex scheduling problems lend themselves nicely to an agent-based modeling environment. (See agent-based modeling resources at http://www.cna.org/isaac/ for more background on these important new modeling techniques.)
Generally, ABM is an excellent starting point to uncover meaningful and often nonlinear relationships among diverse objects in circumstances where planners are not certain where to begin their planning and development efforts. While not explicitly incorporated into the Army acquisition and logistics community's modeling and broad-reaching simulation effort called Simulation and Modeling for Acquisition, Requirements and Training (SMART), ABM clearly has a role in both strategic and tactical applications of logistics operations.
Roles And Research
The CID applies distinct efforts toward protecting and enforcing Army information assurance and logistics operations. Two essential CID units in these efforts are components of the 701st Military Police (MP) Group headquartered at Fort Belvoir, VA. The Computer Crime Investigative Unit (CCIU) is the Army's leading IA enforcement agency and is responsible for investigating felony intrusions of all Army information technology assets. The Major Procurement Fraud Unit, also a 701st MP Group asset, currently investigates criminal activity associated with the production and delivery of Army materials from manufacturer to points of embarkation. Garrison and deployed CID elements take up LOGSEC responsibilities from the points of embarkation through theater delivery of logistics. Likewise, local and regional CID computer crime coordinators support the CID and CCIU in the IA arena.
The CID began its ABM research with the introduction of the Agent Based Evidence Marshaling (ABEM) model. This model visually reflects the results of interactions among all agents to which a complex crime is only partially visible. Through these interactions, relevant agents build time-space vectors of their existence from the time they were first involved in the crime (either as witnesses or supporting objects otherwise associated in the crime).
The agents share information and learn to infer the importance of other agents' time-space vectors to their own, producing a global visualization of the crime. This results in emergent, self-organized databases capable of producing and testing hypotheses about their existence in the overall environment of the crime. This work has been extended in projects supported by the Defense Advanced Research Projects Agency and the Office of the Secretary of Defense (OSD).
In the ABEM model, each agent has only incomplete local knowledge about the crime. By allowing these agents to interact and build a self-organizing database, the knowledge about the crime dynamically emerges in a time-space relationship. The agents communicate with each other by means of tuples (a message-passing schema). (See http://www.msiac.dmso.mil/journal/hunt23.html for more information about the ABEM model.)
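The idea of agents with partial time-space vectors exchanging tuples until a shared picture emerges can be sketched in a few lines. This is an added illustration, not the CID's ABEM code: the agent names, the sample sightings, the `("at", agent, time, place)` tuple layout and the overlap rule used for relevance are all assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample data: each agent knows only its own (time, place) sightings.
LOCAL_VECTORS = {
    "witness_A": [(1, "loading_dock"), (2, "gate")],
    "pallet_17": [(1, "loading_dock"), (3, "warehouse")],
    "truck_4":   [(2, "gate"), (3, "warehouse")],
    "clerk_B":   [(5, "office")],
}

class Agent:
    def __init__(self, name, vector):
        self.name = name
        self.vector = set(vector)      # this agent's own time-space vector
        self.links = defaultdict(set)  # other agent -> shared (time, place) points

    def publish(self, space):
        # Post each local observation as a tuple into the shared space.
        for t, place in self.vector:
            space.append(("at", self.name, t, place))

    def learn(self, space):
        # Assumed relevance rule: keep tuples that intersect our own vector.
        for tag, who, t, place in space:
            if tag == "at" and who != self.name and (t, place) in self.vector:
                self.links[who].add((t, place))

def marshal(local_vectors):
    space = []  # tuple space: the only channel between agents
    agents = [Agent(n, v) for n, v in local_vectors.items()]
    for a in agents:
        a.publish(space)
    for a in agents:
        a.learn(space)
    return agents

def global_timeline(agents):
    # Emergent view: co-location events that no single agent held in full.
    events = defaultdict(set)
    for a in agents:
        for other, points in a.links.items():
            for p in points:
                events[p].update({a.name, other})
    return {p: sorted(names) for p, names in sorted(events.items())}

def unlinked(agents):
    # Agents whose vectors intersect no one else's remain outside the picture.
    return sorted(a.name for a in agents if not a.links)
```

Calling `global_timeline(marshal(LOCAL_VECTORS))` yields a time-ordered map of who was co-located where, while `unlinked` lists agents whose observations have not yet connected to anything.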
In August 2001, the CID began collaborating with the Krasnow Institute for Advanced Studies at GMU and Bios Group Inc. to extend the ABEM work by building an agent-based model of network intrusions in support of an OSD advanced concept technology demonstration. This collaboration, known as Advanced Network Intrusion Defense, will involve studying the feasibility of using ABM. The CID-GMU collaboration will create agent-based representations of the major players in a network intrusion activity.
The objects and their interactions studied in this model include computer intruders (e.g., hackers); network assets (routers, switches, and host computers); computer users; law enforcement officials; and the legal/policy environment. A proposal under consideration is a scenario involving a logistics distribution event, further demonstrating the important intersections of IA and LOGSEC.
Future research in this area may also embrace agent-based modeling of fraud cases to study the complex relationships of various animate and inanimate objects associated with such crime. Such a model could aid individuals in visualizing the people, surroundings, equipment, and supporting documents as agents capable of interacting to produce novel behaviors. This will enhance discovery of important relationships. These future agents could interact on their own behalf to build associations that chart the environment of the crime, much as the ABEM model tracks relationships of witnesses to inanimate objects empowered to act on their own behalf.
Summary
The CID plays an important role in securing logistics distribution for the Army as well as enforcing federal laws that protect information assurance. Because IA and LOGSEC are integral components of successful distribution-based logistics operations, the CID's force protection contributions are essential to those emerging logistics processes envisioned in the Army transformation. The CID is studying the role of innovative modeling and simulation support to IA and LOGSEC. This initial research is expected to support the transformation of Army logistics operations, thus resulting in effective and reliable tools for all commanders to enhance their force-protection capabilities.
[Author Affiliation]
LTC CARL W. HUNT is Commander of the U.S. Army Criminal Investigation Command's Computer Crime Investigative Unit. He received his Ph.D. in information technology from George Mason University and can be contacted at carL hunt@us.army.mil.
