Kellogg: Build trust in networks, data
- By Dawn S. Onley
- Apr 22, 2004
SALT LAKE CITY'If the Defense Department is serious about fighting terrorism, officials must start enforcing the Common Criteria software certification program to give warfighters confidence in the data they receive.
Such a move also would convince Americans that they, too, can trust the information the government receives, said a retired Army general who spent the bulk of his career pushing command and control and interoperability issues across military agencies.
Retired Army Lt. Gen. Keith Kellogg, former director of command, control, communications and computers for the Joint Chiefs of Staff and now the senior vice president of Homeland Security Solutions for Oracle Corp., said the country is grappling with the tension of balancing privacy and security issues.
The matter boils down to a distrust of the networks and the data they contain, an issue that's especially difficult to overcome among federal agencies dealing with security, law enforcement, intelligence and military operations, which have been charged with sharing data better in the war against terrorism, Kellogg said.
"They'll share the information if they trust it," Kellogg told a lunch audience yesterday at the Systems and Software Technology Conference. "They won't share it if they don't trust it. Information is the weapon in our war on terror. It's not bigger guns. It's bigger bytes."
Information is the enemy of terrorism, Kellogg said, and part of the reason the terrorist attacks of Sept. 11 occurred was because "we didn't have a lot of good information."
The Common Criteria, a set of standards for evaluating security software, needs to be used more frequently, he added. The program is run by the National Institute of Standards and Technology and the National Security Agency.
"A lot of people don't want to put a lot of stuff on the Internet because they are very concerned about privacy. When we talk security, you also need privacy," Kellogg said. "You've got to have the security so people can talk to each other."
The issue could mean the difference between winning a war or losing soldiers to the enemy, he said.
"If we don't share information, we're not going to be able to fight," he said. "If we don't share information, I guarantee that the next time there's a terrorist attack, we're going to be asking each other, 'How did that happen?''
Kellogg said DOD had made a mistake in issuing too many waivers on the Common Criteria program. He urged the government to force users to make software comply with the Common Criteria .