unisys security solutions - · pdf filediretor de programas estratégicos ... –...

Italo Cocentino Diretor de Programas Estratégicos

Unisys Security Solutions

Maio-2015

© 2015 Unisys Corporation. All rights reserved. 2

UNISYS Enterprise Security

We assess, design, integrate and manage mission-critical solutions that secure people, assets, locations or systems and data for governments and businesses who have no room for error.

Cyber Security

• Stealth Solution Suite

• Security Advisory Services

• Cyber Security Operations Center Solution

• Identity and Access Management

• Single-Sign-On and Multi-Factor Authentication

• Managed Security Services

Location, Perimeter and Surveillance Security

• Security Advisory Services

• Intelligent Video Surveillance

• Command and Control

• Physical Access Control

• Border Security Solutions

• Supply Chain Security / In-Transit Visibility / RFID

Public Safety and Justice

• Integrated Justice and Interoperability

• Secure Image Management Solution (SIMS)

• Unisys Law Enforcement Application Framework (ULEAF)

• Integrated Courts Management

• Entity Analytics and Targeting Solutions

• Inmate Communications Services

Identity Solutions

• Identification and Credentialing

• Library of Electronic Identity Artifacts Framework (LEIDA)

• Border Crossing Solutions

• Biometric Authentication Solution

• Mobile Biometric Solutions


Atuação Mundial

ID Systems and Travel Docs • Mexican National ID

• Australia ePassports

• Malaysia MyKAD Smartcard

• Angola National ID card

• South Africa HANIS

• Canada CATSA Airport Worker

• US Port of Los Angeles TWIC

• New Zealand Supergold Card

• EU Schengen Visa consultancy

• US Registered Traveler

• Philippines NSO Births

• Qld Drivers License Facial Biometrics

& Case Management

• New Zealand Drivers License

• Morocco ID Programs

Border Control • Australian Immigration DIAC

• Canada CIC Visa Field Trials

• Chile Immigration

• US WHTI / LBI

• EC Border Security & LE

• Hungary, Lithuania Visa SIS II

Voter Registration • Dominican Republic

• Panama

• Brazil

Video Surveillance • SBInet

• Philadelphia

• Minneapolis Safe Zone

• London Ring of Steel

Transportation Security • Port of Halifax Access Control

• Beijing , Guangzhou, and Delhi

Airport Operations Management

Systems

• TSA Airport Access Control Pilot

Programs

• TSA Air Cargo Integrity Program

• Singapore Airport Infrastructure

• Port of LA Security Roadmap

• Mexico Seaports Security

• Colombia DIAN Ports Security

• BARA – Bureau of Airport

Representatives Australia

• AENA – Aeropuertos Españoles y

Navegación Aérea (43 airports)

• LAWA – Los Angeles World Airports

(3 airports)

Justice/Public Safety • Western Australia Courts

• Hong Kong Judiciary

• Dutch Prosecutors

• EU Criminal Records System

• Georgia Justice Network

• US Bureau of Prisons

• UK Metropolitan Police

• New York State Inmate Telephone

System

• DHS/TSA Law Enforcement

Message Systems

• Northern Territory Dept of Justice

• US CODIS DNA Indexing

Defense/Homeland Security • US-VISIT Air and Sea Exit

• UK Disaster Victim Identification

• US Defense Multimodal Biometrics R&D

• Canada Defense IS Architecture

• International Thermonuclear Experimental

Reactor (ITER) Security Services

• US CBP Automated Targeting System

• Federal Protective Service Radio Program

• Pakistan Counterterrorism (FIA, Karachi Airport)


LBI Framework (Land Border Integration)

• Proporcionar informação oportuna em tempo real

• Intercambio de informações basado em serviços de

mensagem.

• Capacidade de supervisionar as operações de forma

remota.

• O LBI facilita a implementação, operação e manutenção

por meio de monitoração e acesso remoto.

• Ofrece tecnología integrada, processos sob medida, e

um enfoque interoperável através de cada área de

missão crítica.

• Incorpora tecnologias e processos que abordam os

desafíos particulares dentro e fora das fronteiras dos

Estados Unidos.

• Extender e aumentar os investimentos existentes, como

soluções de leitura de placas de veículos (LPR)

• Habilita identificação por rádio frequência (RFID)

http://206.241.31.129/ImageCache/cgov/content/newsroom/photogallery/inspectors_5flandports/highresimage/lp_5fphoto_5f21_2ejpg/v1/lp_5fphoto_5f21.jpg


Ponto Tático Local – Pista: Análise móvel não intrusiva em 14 segundos

LPR dianteiro

• O veículo ingresa na pista, e o sistema se prepara para a transação.

Câmera do conductor Perfilador Câmera ambiental

• O veículo é detectado, câmera LPR dianteira, câmera ambiental, câmera do condutor e

perfilador capturam imagens.

• Se detecta veículo em posição para câmera traseira LPR e captura imagens.

• Resultados e imagens são transmitidos pela rede privada para o operador.

• Veículo chega ao semáforo fiscal , verifica sinalização, abre a cancela e avança.

LPR traseiro

1 2 3 4 5 6 7 8 9 10 11 12 13 14 Seg.


Departamento de Defesa dos EUA Maior rede RFID do mundo

Mais de 125.000 “pallets” de carga aérea e containeres marítimos monitorados em 25 países

Mais de 15.000 etiquetas RFID gravadas por semana

Acesso instantâneo a informações sobre equipamentos e sobre entrega

Integrado ao Google Earth

Cadeia de suprimentos transparente e responsiva

Classes de rastreamento: alimentos, medicamentos, materias de construção, suprimentos, veículos e equipamentos

Projeto, implementação e operação da maior cadeia de suprimentos baseada em tecnologia de rastreamento RFID


PASSIVO ATIVO + GPS PASSIVO

Habilita

Nó de Remessa

Habilita

Nó de Recebimento

TAV / ITV

Supply Chain - Transporte

Fabricante Distribuição Export Import Distribuição Entrega

Departamento de Defesa dos EUA Cadeia de Suprimentos RFID


Ramp

Interrogator

Truck Gate

Interrogator

Departamento de Defesa dos EUA Nós RFID Fixos / Permanentes


Departamento de Defesa dos EUA Nós RFID Temporários


DEFINIÇÃO: Soluções integradas (1) integrar sensores, (2) fundir os dados, (3) proporcionar um quadro operativo

comum, e (4) suporte analítico no backoffice, para a proteção de locais, pessoas, tecnología e ativos

.

Nosso enfoque Estratégico - Integração


Enrollment Transmission Processing Production Distribution Delivery Use

UNISYS LEIDA Open Framework Biometric Solution

Business Integration

Verify

Issue Credential

Manage Case

Examine

Identify

Quality Assure

Enroll Identity documents

Border security

Video surveillance

Access control

Law Enforcement

Defence

Intelligence

People Identity

LEIDA Library of

Electronic Identity

Artifacts


Unisys SOC: Segurança Integrada Missão Crítica com Abrangência Global

Blue Bell, PA Reston, VA

Sao Paulo, Brazil

Amsterdam, Netherlands

Bangalore, India

Shanghai, China

Hong Kong, China

Wellington, NZ

SLC, UT

MK, U.K.

• Proactive, 24x7 monitoring, management, configuration and response services

• ISO27001 certification SSAE16 Type 2

• ISO20000 certification

• ISO9001 certification

• 100+ SOC staff worldwide

• 8 SOCs

• Customer dedicated security consultants

Bogota, Colombia

13 © 2015 Unisys Corporation. All rights reserved. 13

2014 FIFA World Cup in Brazil

Estádio Nacional Mané Garrincha, photo by Kelly Sato (via AC Moraes) © 2014 https://creativecommons.org/licenses/by/2.0/deed.en


Secretaria Extraordinária de Segurança para Grandes Eventos

A SESGE desenhou um Sistema Integrado de Comando e Controle

(SICC) para a Segurança Pública, composto de 14 Centros

Integrados de Comando e Controle (CICC).

- 12 Centros Regionais, um em

cada cidade sede da Copa do

Mundo.

- 2 Centros Nacionais

implantados em DF e RJ em

modo de contigência.


Serviços de Missão Crítica: Planejar e Ativar 13 Datacenters em 5 Meses

• Desenho e planejamento da Infraestrura e processo de implementação

– Servidores x86 – 56 Rack/39 chassis/ 178 Blades

– 104 Desktops / 288 Blade PCs/ 720 Thin Clients

– 6 PB de Armazenamento e Backup

– Infraestrutura de SAN e Rede Ethernet

– Virtualização de SAN com vPlex

– Infraestutura de Virtualização de Servidores

– Desktop Virtuais de alto desempenho

– Impressora e Plotters

– Infraestrutura Microsoft (AD,Exchange, Office, etc)

– Desenvolvimento de Políticas e Procedimentos


Solução de Armazenamento de dados Proteção contra desastres... físicos ou lógicos

Storage 1 Storage 2

Nacional-DF


Unisys Smart Client

Integração VideoWall + VDI

Mobilidade

Integração VDI + Radio

Ambiente de Virtualização de Desktops (VDI) de alto desempenho para Vídeos e Gráficos

../../../../Videos/Sesge/IMG_1434.MOV


Ações de

resposta

adaptadas

Correlação &

Análise

Tempo Localização

Severidade Sensores

Centro de Controle

Partes

Interessadas

Remotos

Sistemas

Conhecimento

da Situação Gerenciamento

da Situação

Op 3 Op 2 Op 1 Op 3 Op 1 Op 2

Como

responder? O que está

acontecendo?

Onde está

acontecendo?

Video

Audio

Gerencia-

mento

TI

Fogo e Fumaça

Controle de Acesso

Centro Integrado de Comando e Controle

Drone Images


Identificação e Controle de Acesso


Video Surveillance e Biometrics

Leitura de Iris Segurança de Perímetros

Biometria 3D Track de Pessoas

Google Streetview Border.mpg

Iris Regonition.wmv

Controle de Filas.MPG

3D Face recogntion.wmv

Track de Pessoas.mpeg

Secure Image Management System (SIMS)

SecurityHD.wmv


Gestão de Evidências Digitais

Integração do Reconhecimento Facial

Tatuagems

Integração com Taser-Cams Padronização, Proteção e geração de Metadados


Quantas câmeras seu Sistema Integrado possui? Crime Stoppers Website


Caso de Uso – Crime Stoppers

Electronic Warfare

Stealth for Defense LAAD 14-17 April 2015

You Can’t Hack What You Can’t See

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0CAcQjRw&url=http://commons.wikimedia.org/wiki/File:Defense.gov_News_Photo_120307-F-LG216-400_-_U.S._Air_Force_airmen_wait_to_load_a_simulated_aircraft_crash_victim_onto_a_CV-22_Osprey_aircraft_during_Emerald_Warrior_at_Hurlbert_Field_Fla..jpg&ei=0pMQVd-sCIagyASowoHgDw&bvm=bv.88528373,d.aWw&psig=AFQjCNGz8w37ui6IyxFNKVqCja1v_qeaJQ&ust=1427236152650899


You Can’t Hack What you can’t see

Uma inovação em Cybersecurity com nível de segurança militar (FIPS140-2 e

EAL4+), Implementado de forma incremental e sem disrupção de serviços,

que tornando computadores invisíveis, evitando exposição de

vulnerabilidades a ataques de hackers e vírus

Unisys Stealth Solution™ Suite “Não se pode Hackear o que não se vê”

NIAP Common Criteria

NIST National Institute of

Standard Technology


Crypto-Module

JFCOM JIL Testbed IO Range

DIACAP: DoD Information Assurance Certification and Accreditation Process

MAC: Mission Assurance Category (Level 1 is Highest)

DISA: Defence Systems Information Agency

EUCOM : European Command

SOCOM: Special Operations Command

JFCOM: JOINT Forces Command

JIL: Joint Intelligence Laboratory

CWID: Coalition Warrior Interoperability Demonstration

JUICE: Joint User Interoperability Communications Exercise

CECOM: Communications Electronics Command (US Army)

GTRI: Georgia Tech Research Institute

DJC2: Deployable Joint Command and Control

NIST: National Institute of Standards and Technology

NIAP: National Information Assurance Partnership

CWID 08 DISA

CWID 09

DISA

JUICE 09 CECOM

Combined

Endeavour EUCOM

CWID 05 USAF

CWID 10

SOCOM

GTRI DJC2 PMO

SPAWAR

Private Lab SSVT Validation:

Failed to compromise

“Large

Integrator” Tests and fails

to break Stealth

IV&V National Center for

Counter-terrorism and

Cybercrime SOCOM

Export License Dept of Commerce

FIPS 140-2

Certification NIST

NSA EAL4+

Certification NIAP

Stealth

DIACAP MAC-1

Certification CWID 10

Network Risk Assessment

CWID 05 AF Comm Agency

DIACAP MAC-1

Certification JFCOM

SOCOM R&D Prototype

Emerald

Warrior ‘12

SIPRNet

IATT

2005 2006 2007 2008 2009 2010 2011 2012 2013

Independent

Test: Agency -hired

3rd party: Failed to

compromise

2014

American Technology Award Winner Cyber & Software Security

Stealth: Inviolabilidade Comprovada por mais

de 9 Anos : FIPS 140-2, EAL 4+


Criptografia de backbones

Com Stealth

• Simplicity & Ease of change

• Consistent Technology

• “Military-grade” Security


Segregação Criptografica de Ambientes


Stealth para Infraestrutura de Missão Crítica

Internet

Application Server

ERP RTU

Corporate

Firewall

EPA Database Alarm Aggregation

Enterprise Network

Plant

Firewall

Historian CCTV

Server OPC

Server

Domain

Controller

HM

I HM

I

Control

Firewall

Terminal Bus

Control Bus

PLC PLC PLC PLC

Hardwired Instrumentation Field Bus to Instrumentation Hardwired Instrumentation

Plant Bus

EWS

• ICS – Industrial Control System

• SCADA – Supervisory Control and Data Acquisition

• PLC – Programmable Logic Controller

• HMI – Human-Machine Interface

• DLC – Discrete Logic Controller

• RTU – Remote Telemetry Unit

Controles Semafóricos

Energia

Gás

Aeroportos

Sistemas de Video Vigilância


Imagem de Video Drone na Nuvem

Cloud With MissionCaster,

all authenticated users,

regardless of location

have access to live

video through the cloud

Local Storage:

• SD Card

• AES 256 Encrypted

• Up to 512GB

MissionCaster:

• Battery powered

(20 hour battery)

• Local Wi-Fi Streaming

• 4G LTE Streaming

Mobile Users:

• Mobile users can

access the video

directly from the cloud

or from MissionCaster

Wi-Fi if close enough

• Users have access to

archive and live video

Remote Users:

• Remote users can access

the video and sensor data

directly from the cloud

Copyright - KSI Data Sciences, LLC 2015

All Rights Reserved

Equipment Cart:

• Deployed from truck

Contains Various

Hardware Components:

• ROV

• UAV

• Ground Robots

• Ground Station

• Network switch

• Wi-Fi access point

• HDTV

• Must be tethered to power

No Connectivity:

• There is no way

to get the video

out of the

ground station

UAS Ground Station:

• Many hundreds of feet from the cart,

and much farther from truck

• Even if you bring a video encoder,

there is no way to get power this far

out from the truck and the video has

no network to traverse

Imagens aéreas geradas por Drones


Gathering the data:

Flying a drone removes the human element from potentially hazardous

environments such as high power electrical lines - allowing inspection staff to

get detailed images in safety distance, and at a fraction of the cost compared to

helicopters or physical inspection.

Cameras have advanced to the point that high resolution video images can

captured from even moderately priced drones. However up to now those

images have been trapped at the drone’s ground station – locked into an SD

card or hard drive that needs to wait to be reviewed by an expert.

Assessing the data:

That has all changed with a new kind of video encoder – pioneered by KSI

Data Sciences their MissionCaster mobile encoder captures the video or other

sensor data (IR etc.) and associated data direct from the ground station and

broadcasts it securely over any available network to a remote expert or experts

anywhere in the world. By using the cloud (private or public) and capturing

telemetry from the drone the MissionCaster service allows remote analysis,

integration with mapping and analytics tools and opens up a new economic

model for remote inspection.

Infra-Red

Normal Video

Inspection can be divided

into two distinct operations:

MissionCaster

™ Mobile

Encoder

Remote Sensing


Obrigado! [email protected]

DATA CENTER

unisys security solutions - · pdf filediretor de programas estratégicos ... –...

Documents