Possible war, terrorist threats shape Defense IT agenda
- By Dawn S. Onley, Wilson P. Dizard III
- Jan 10, 2003
As the Bush administration and civilian agencies finesse the government's citizen-centric focus, the Defense Department this year will continue to push forward with leading-edge technology initiatives.
The prospect of war with Iraq also is defining the department's 2003 plans. U.S. soldiers on the front lines are preparing to use the latest technologies'including wireless communications and high-end cryptography tools'being tested and deployed by DOD, senior department officials said.
In the coming months, DOD's technical focus will be squarely on security, boosting projects to develop antiterrorism tools, creating a DOD-wide public-key infrastructure, expanding IT training and beginning biometric pilots.
At the Defense Advanced Research Projects Agency, for instance, one team will spend the year developing a massive database to monitor consumer purchases in an attempt to better track terrorist activities. Under the direction of retired Rear Adm. John Poindexter, DARPA is pursuing data-mining techniques to develop the Total Information Awareness System.
Meanwhile, DOD's Information Assurance Division is putting the finishing touches on a departmentwide strategic plan for data safety. Robert Lentz, DOD director of information assurance, said PKI, increased interoperability, IT training and biometrics pilots will keep his staff hopping. By October, all 3.5 million Defense employees must use the department's PKI.
'We need to have the capability and to use it for communications [and] access control,' Lentz said. 'Encryption over e-mail is becoming a day-to-day, normal event. PKI gives us a higher level of assurance that these people logging on are who they are supposed to be. PKI will allow you to go back and monitor logs.'
On the war front, DOD will place a greater emphasis on interoperability with the systems used by coalition and allied forces. And Defense brass this year plan to release a departmentwide policy that sets guidelines for the use of the latest wireless devices for tapping military networks. Current interim polices limit their use.
But, as was true during the Gulf War, some technologies could get their first live use on the battlefield, officials said. In a conflict, a senior security official said, military commanders could request the use of pilot cryptographic products, mostly hardware devices used to encrypt information, to help speed the distribution of information.
'I think there's going to be an increased reliance on secure wireless capabilities,' Lentz said. 'It is important that we have as much of that available so that when warfighters say we need this capability, we can support those needs.'
And although DOD has pulled back on any quick expansion into wireless technologies, its efforts to set a policy for using them could prompt other agencies to follow suit.
Admittedly, security concerns are slowing widespread adoption by agencies, said Ed Roback, chief of the Computer Security Division at the National Institute of Standards and Technology.
Agencies need to understand that maintaining a secure wireless network requires more work than other networks do, he said.
'Agencies have to form a security policy and then look at their purchases to make sure they are consistent with the policy,' Roback said. The policies will need to be multilayered in approach, he added, to accommodate different types of users, which run the gamut from office workers to soldiers.Hold back
'The problems with 802.11 security are widespread,' Roback said. 'In some cases, we think it makes sense for agencies to hold back on deployment until more secure solutions are available.'
Nonetheless, he added, the adoption of wireless technologies 'is seen as one of these inexorable tides because of the cost efficiencies you get from wireless.' As to data-sharing efforts to respond to IT-based attacks, DOD plans to go the route of the FBI, which partnered with federal, state and local agencies, and industry to create the National Infrastructure Protection Center. The department wants to work with other government agencies, as well coalition forces and other global allies, to strengthen its two-year-old computer emergency response plan.
Lentz said the plan calls for a higher degree of information sharing during computer emergencies, such as widespread virus attacks.
'We are developing more and more information partnerships with more and more nations,' he said. 'It allows us to increase and enhance our detection capabilities.'