elib
DLR-Header
DLR-Logo -> http://www.dlr.de
DLR Portal Home | Impressum | Datenschutz | Kontakt | English
Schriftgröße: [-] Text [+]

A Standardized Approach for Providing Information Security to Space Projects

Richter, Dorothea und Kling, Wolfgang (2016) A Standardized Approach for Providing Information Security to Space Projects. In: 14th International Conference on Space Operations, SpaceOps 2016. SpaceOps 2016 - 14th International Conference on Space Operations, 16.-20. Mai 2016, Daejeon, Südkorea. doi: 10.2514/6.2016-2393.

[img] PDF - Nur DLR-intern zugänglich
473kB

Kurzfassung

Over the last years, information security became more and more important for space operations. Widely available connectivity provided by modern communication technology not only resulted in an increasing threat for attacks on the infrastructure but also offered possibilities like teleworking leading to new challenges in respect to system security. A variety of space projects is being operated from our multi-mission control center (GSOC), each having its own requirements regarding information security. As cost-reduction is also a key factor for space operations these days, there is a need for being able to provide information security to all of these projects in an organized and standardized way so that synergies can be used wherever possible - both in the implementation and in the operational phases of the mission. Nevertheless both the methods and processes used as well as the implemented controls must not be too rigid in order to be able to respond to mission-specific requirements resulting e.g. from different classification levels or special needs of a customer. In order to realize the aspects mentioned above, we chose the ISO/IEC 27001 standard as the baseline, guaranteeing - in contrast to national standards - international publicity and acceptance. This standard allows management of information security on a risk oriented basis. Furthermore this approach offers the opportunity to obtain a certification. In this paper we will describe how the information security management system at GSOC (ISMS) was designed and how general information security guidelines covering important aspects like secure operations, user management, secure network and much more have been developed based on ISO 27001, taking into account important processes for space operations. Using the example of the EDRS mission, we show how these general guidelines can be used to set up security concepts for upcoming space missions while taking benefit from already implemented systems. In addition to that, we explain how project-specific processes collude with the general guidelines and how special requirements can be incorporated. We will show the procedures which were evolved for managing the complete ISMS and for identifying gaps quickly, giving the opportunity to space projects to take corrective measures in order to be compliant with the security policies. Due to its flexibility, the ISMS also showed to be able to bear with the changes caused by the update of the ISO 27001 in 2013.

elib-URL des Eintrags:https://elib.dlr.de/110528/
Dokumentart:Konferenzbeitrag (Vortrag)
Titel:A Standardized Approach for Providing Information Security to Space Projects
Autoren:
AutorenInstitution oder E-Mail-AdresseAutoren-ORCID-iDORCID Put Code
Richter, Dorotheadorothea.richter (at) dlr.deNICHT SPEZIFIZIERTNICHT SPEZIFIZIERT
Kling, WolfgangWolfgang.Kling (at) dlr.deNICHT SPEZIFIZIERTNICHT SPEZIFIZIERT
Datum:2016
Erschienen in:14th International Conference on Space Operations, SpaceOps 2016
Referierte Publikation:Nein
Open Access:Nein
Gold Open Access:Nein
In SCOPUS:Ja
In ISI Web of Science:Nein
DOI:10.2514/6.2016-2393
Status:akzeptierter Beitrag
Stichwörter:Information Security Space Missions
Veranstaltungstitel:SpaceOps 2016 - 14th International Conference on Space Operations
Veranstaltungsort:Daejeon, Südkorea
Veranstaltungsart:internationale Konferenz
Veranstaltungsdatum:16.-20. Mai 2016
Veranstalter :SpaceOPS Organisation
HGF - Forschungsbereich:Luftfahrt, Raumfahrt und Verkehr
HGF - Programm:Raumfahrt
HGF - Programmthema:Technik für Raumfahrtsysteme
DLR - Schwerpunkt:Raumfahrt
DLR - Forschungsgebiet:R SY - Technik für Raumfahrtsysteme
DLR - Teilgebiet (Projekt, Vorhaben):R - Raumflugbetrieb / Kontrollzentrums-Technologie (alt)
Standort: Oberpfaffenhofen
Institute & Einrichtungen:Raumflugbetrieb und Astronautentraining
Hinterlegt von: Richter, Dorothea
Hinterlegt am:16 Jan 2017 10:46
Letzte Änderung:18 Jul 2023 16:22

Nur für Mitarbeiter des Archivs: Kontrollseite des Eintrags

Blättern
Suchen
Hilfe & Kontakt
Informationen
electronic library verwendet EPrints 3.3.12
Gestaltung Webseite und Datenbank: Copyright © Deutsches Zentrum für Luft- und Raumfahrt (DLR). Alle Rechte vorbehalten.