Defense will promote wide use of NSA's secure data model

The National Security Agency's new technical reference model for securing data on the Global Information Grid is going to become entrenched at the Defense Department and should spread to other agencies and industry.

That's the belief of Robert F. Lentz, information assurance director in the office of the assistant secretary of Defense for networks and information integration. He spoke last month at an interoperability conference sponsored by the Institute for De- fense and Government Advancement of Little Falls, N.J.

'We are on a very, very fast path of power to the edge. There are things I never imagined'1-Gbps encryptors and an aggressive [tactical] satellite program,' he said. 'Get information to the edge users and let them use it to advantage.'

Brooks Emrick, who tracks information-sharing projects for DOD's Information Assurance Directorate, said existing security methods are pass' under network-centricity.

The old ways of isolating DOD's three classification domains via bulk encryption and cross-domain guards will give way to authentication by the Common Access Card and the department's public-key infrastructure, she said.

'Can I trust this information? Where did it come from and has it been tampered with?' Emrick asked. Beyond the CAC and PKI, however, 'databases of roles and privileges will be a lot harder' to create and use.

She envisions Extensible Markup Language metadata and a special search engine to help users find information in a metacard catalog.

'That's not hard in a single security domain, but between domains you must invoke rights and privileges,' Emrick said.

The metadata tags will incorporate classification labels and guide encryption and decryption across domains, she said. Other components likely will include biometrics, tokens and
personal identification numbers.

Paul Grant, information assurance executive in Defense's CIO Office, said DOD will not issue Common Access Cards to external partners but, he said, 'their credentials must be interoperable with ours,' which means cross-certifying bridges will be necessary.

'There is no alternative to PKI bridges yet,' Grant said. 'We need more external-facing trust policies and audits' in addition to the Federal Bridge Certification Authority.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected