GCSS boosts security with off-the-shelf app

SAFE brings new features to GCSS

  • Provisioning Manager, which uses automation to reduce the time and costs of allowing new users access and removing users who no longer are allowed access

  • Password Manager, which lets users manage their passwords

  • Identity Broker, which maintains consistent identity profile information across enterprise business applications, including customer relationship management, human resources and enterprise resource planning applications

  • Audit and Reporting, which offers identity auditing capabilities to detect security risks.
  • The Defense Information Systems Agency is using a commercial application on its Global Combat Support System that provides identity, account management and enhanced security with a single sign-on.

    DISA is upgrading its GCSS servers to Version 3.3 with the new tool, Secure Authentication Framework for the Enterprise (SAFE). Northrop Grumman Information Technology of Herndon, Va., and Waveset Technologies of Austin, Texas, developed the framework for DISA and began rolling it out last month.

    GCSS collects logistics data from various combat support information systems and feeds the data to joint warfighters in a fused combat picture that lets military planners manage and monitor everything from personnel to equipment.

    'One of the key challenges in deploying such a highly integrated and data-centric 'system of systems' is the management of user security, including account permissions, credentials and profile data,' said Russ Riva, manager of systems development for Northrop Grumman IT's Defense Mission Systems.

    What's needed

    To secure the data effectively, a system must guarantee data protection, accurate transactions, and user authentication and privacy'capabilities that SAFE provides, Riva said.
    Deploying SAFE increases security on the integrated systems that make up GCSS, said Lt. Col. Elliott Cruz, program manager of GCSS.

    'What happened was, as GCSS came into the picture in the early stages, we had a requirement to provide an underlying security architecture,' Cruz said. 'GCSS uses a DOD public-key infrastructure on the Secure IP Router Network. As we were developing our Web app, a requirement to manage this became a difficult thing to solve. There were differences between different types of administrators, different types of users.'

    DISA found the solution to the quandary in SAFE, a merged software tool.

    Earlier versions of GCSS used government software developed by DISA with Northrop Grumman. 'To enhance our security features, all this information is being cross-linked and cross-utilized,' Cruz said.

    Martin Gross, chief of combat support systems at DISA, said the network-centric vision of Defense leaders has been the driving force behind the addition of extra layers of security.

    'We have to have security mechanisms in place, authentication to control that information,' Gross said. 'This provides us with that solution to meet that customer-driven requirement.'


    • Records management: Look beyond the NARA mandates

      Pandemic tests electronic records management

      Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

    • boy learning at home (Travelpixs/Shutterstock.com)

      Tucson’s community wireless bridges the digital divide

      The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

    Stay Connected