Managing GIG policy and privileges will require technology leaps

The National Security Agency's new technical reference model for securing data on the Global Information Grid is going to be entrenched at the Defense Department and should spread to other agencies and industry, Defense Department speakers said today at an interoperability conference in Washington.

'We are on a very, very fast path of power to the edge, and there are things I never imagined: 1-Gbps encryptors and an aggressive [tactical] satellite program,' said Robert F. Lentz, information assurance director in the office of the assistant secretary of Defense for networks and information integration. 'Get information to the edge users and let them use it to advantage.'

Lentz and others spoke at a conference sponsored by the Institute for Defense and Government Advancement of Little Falls, N.J.

Brooks Emrick, who tracks data-sharing projects for DOD's Information Assurance Directorate, said existing security methods 'have become passe' with net-centricity. The old ways of isolating the three classification domains with bulk encryption and cross-domain 'guards' will give way to authentication by the Common Access Card and the department's public-key infrastructure. There are more difficult hurdles coming to manage access privileges and policies, she said.

DOD envisions Extensible Markup Language metadata and a special search engine to help users find information in a 'metacard catalog,' Emrick said. 'That's not hard in a single security domain, but between domains you must invoke rights and privileges.' The metadata tags will incorporate classification labels and guide encryption and decryption across domains.

The Northern Command will test cross-domain classified data sharing around December 2005, she said. Another pioneer effort, the Transatlantic Security Collaboration Program, is sharing controlled, unclassified information.

Paul Grant, information assurance executive for the departmental CIO, said 3.5 million CAC cards have been issued to DOD personnel. The credential will not go to external partners but, he said, 'their credentials must be interoperable with ours,' which means cross-certifying bridges will be necessary.

'There is no alternative to PKI bridges yet,' Grant said. 'We need more' in addition to the Federal Bridge Certification Authority. 'We need more external-facing trust policies and audits.'
