GCSS boosts security with off-the-shelf app

SAFE brings new features to GCSS

  • Provisioning Manager, which uses automation to reduce the time and costs of allowing new users access and removing users who no longer are allowed access

  • Password Manager, which lets users manage their passwords

  • Identity Broker, which maintains consistent identity profile information across enterprise business applications, including customer relationship management, human resources and enterprise resource planning applications

  • Audit and Reporting, which offers identity auditing capabilities to detect security risks.
  • The Defense Information Systems Agency is using a commercial application on its Global Combat Support System that provides identity, account management and enhanced security with a single sign-on.

    DISA is upgrading its GCSS servers to Version 3.3 with the new tool, Secure Authentication Framework for the Enterprise (SAFE). Northrop Grumman Information Technology of Herndon, Va., and Waveset Technologies of Austin, Texas, developed the framework for DISA and began rolling it out last month.

    GCSS collects logistics data from various combat support information systems and feeds the data to joint warfighters in a fused combat picture that lets military planners manage and monitor everything from personnel to equipment.

    'One of the key challenges in deploying such a highly integrated and data-centric 'system of systems' is the management of user security, including account permissions, credentials and profile data,' said Russ Riva, manager of systems development for Northrop Grumman IT's Defense Mission Systems.

    What's needed

    To secure the data effectively, a system must guarantee data protection, accurate transactions, and user authentication and privacy'capabilities that SAFE provides, Riva said.
    Deploying SAFE increases security on the integrated systems that make up GCSS, said Lt. Col. Elliott Cruz, program manager of GCSS.

    'What happened was, as GCSS came into the picture in the early stages, we had a requirement to provide an underlying security architecture,' Cruz said. 'GCSS uses a DOD public-key infrastructure on the Secure IP Router Network. As we were developing our Web app, a requirement to manage this became a difficult thing to solve. There were differences between different types of administrators, different types of users.'

    DISA found the solution to the quandary in SAFE, a merged software tool.

    Earlier versions of GCSS used government software developed by DISA with Northrop Grumman. 'To enhance our security features, all this information is being cross-linked and cross-utilized,' Cruz said.

    Martin Gross, chief of combat support systems at DISA, said the network-centric vision of Defense leaders has been the driving force behind the addition of extra layers of security.

    'We have to have security mechanisms in place, authentication to control that information,' Gross said. 'This provides us with that solution to meet that customer-driven requirement.'


    • Russia prying into state, local networks

      A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

    • Marines on patrol (US Marines)

      Using AVs to tell friend from foe

      The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

    Stay Connected