Managing GIG policy and privileges will require technology leaps

The National Security Agency's new technical reference model for securing data on the Global Information Grid is going to be entrenched at the Defense Department and should spread to other agencies and industry, Defense Department speakers said today at an interoperability conference in Washington.

'We are on a very, very fast path of power to the edge, and there are things I never imagined: 1-Gbps encryptors and an aggressive [tactical] satellite program,' said Robert F. Lentz, information assurance director in the office of the assistant secretary of Defense for networks and information integration. 'Get information to the edge users and let them use it to advantage.'

Lentz and others spoke at a conference sponsored by the Institute for Defense and Government Advancement of Little Falls, N.J.

Brooks Emrick, who tracks data-sharing projects for DOD's Information Assurance Directorate, said existing security methods 'have become passe' with net-centricity. The old ways of isolating the three classification domains with bulk encryption and cross-domain 'guards' will give way to authentication by the Common Access Card and the department's public-key infrastructure. There are more difficult hurdles coming to manage access privileges and policies, she said.

DOD envisions Extensible Markup Language metadata and a special search engine to help users find information in a 'metacard catalog,' Emrick said. 'That's not hard in a single security domain, but between domains you must invoke rights and privileges.' The metadata tags will incorporate classification labels and guide encryption and decryption across domains.

The Northern Command will test cross-domain classified data sharing around December 2005, she said. Another pioneer effort, the Transatlantic Security Collaboration Program, is sharing controlled, unclassified information.

Paul Grant, information assurance executive for the departmental CIO, said 3.5 million CAC cards have been issued to DOD personnel. The credential will not go to external partners but, he said, 'their credentials must be interoperable with ours,' which means cross-certifying bridges will be necessary.

'There is no alternative to PKI bridges yet,' Grant said. 'We need more' in addition to the Federal Bridge Certification Authority. 'We need more external-facing trust policies and audits.'

