Protecting Global Information Grid requires new strategy.The cornerstone of future defense programs is information technology, but that foundation may contain cracks that endanger the entire effort, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. security experts within the government. Ensuring that future information exchange in and out of the Global Information Grid The globally interconnected, end-to-end set of information capabilities, associated processes and personnel for collecting,processing, storing, disseminating and managing information on demand to warfighters, policy makers, and support personnel. will be done safely will require a new way of viewing the problem, according to J. Michael Johnson Michael Johnson or Mike Johnson may refer to:
The National Security Agency is developing the information assurance component of the GIG, with support from the Defense Information Agency and each military service. The GIG will resemble the Internet, but with more dependence on space-based and mobile systems to send and receive information. Those connections will be configured based on the situation. "This goes beyond the Defense Department. We have to have the ability to share information across the U.S. government." Responding to a weapon of mass destruction weapon of mass destruction (WMD) Weapon with the capacity to inflict death and destruction indiscriminately and on a massive scale. The term has been in currency since at least 1937, when it was used to describe massed formations of bomber aircraft. attack will require providing information to government users besides the military and outside of the federal government, such as local responders to international players. Each of these new players will come to the situation with varying levels of trust, but with a pressing need for information. So the GIG has to be flexible enough to allow access, but designed to maintain security. Currently, there are clear divisions between networks of varying security levels, with the perimeters protected by software, hardware and protocols. Keeping intruders and other unauthorized people out of sensitive areas was a matter of denying them access at known points, he said. In the event a new entity needs access, secure holes have to be punched in that perimeter and those breaches guarded by programming, routers and firewalls. In the more dynamic GIG model, information is flowing between security levels more seamlessly, with new partners added in an ad hoc For this purpose. Meaning "to this" in Latin, it refers to dealing with special situations as they occur rather than functions that are repeated on a regular basis. See ad hoc query and ad hoc mode. fashion. The concept of perimeter security is not adequate to police such a model of information exchange, Johnson said. The shift in strategy must: * Ensure that a single point of failure will not spread. * Augment perimeter monitoring with ways to police activity from within. * Build forensic abilities into the system to quickly trace the origin an attack. * Make every information node a sensor that can relate security information to those tasked with securing the network. "If we don't do this, we will build significant vulnerabilities into the GIG which will be very costly to fix," Johnson said. One key area of the NSA's strategy is a Cryptography Transformation Initiative, meant to design tools to protect sensitive information transmitted across the network and protect the network from attack. An investment of nearly $5 billion has been allocated between 2004 and 2009 for this project. The military services also are working on new technologies to beef up information assurance, such as Internet protocol See Internet and TCP/IP. (networking) Internet Protocol - (IP) The network layer for the TCP/IP protocol suite widely used on Ethernet networks, defined in STD 5, RFC 791. IP is a connectionless, best-effort packet switching protocol. encryption, advanced firewalls, intrusion detection systems This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. and enhanced biometrics. Another effort, pending Defense Department approval as of press time, is configuring three secure networks to share information outside their narrow range of users if the need arises. The highly secure Secret Internet Protocol Router Network Worldwide SECRET level packet switch network that uses high-speed internet protocol routers and high-capacity Defense Information Systems Network circuitry. Also called SIPRNET. See also Defense Information Systems Network. or SIPRNET will be the first to adopt the new strategy, making it easier for trusted international allies to access the system. The tentative timeline for this project's completion ranges from 2008 to 2012. The second increment will allow access, when needed, of SIPRNET information to the less secure Joint Capabilities Integration and Development System, or JCIDS JCIDS Joint Capabilities Integration and Development System (US DoD; replaces Requirements Generation System, RGS) . Lastly, the unclassified un·clas·si·fied adj. 1. Not placed or included in a class or category: unclassified mail. 2. but sensitive Internet protocol router network, called NIPRNET NIPRNET Unclassified but Sensitive Internet Protocol Router Network (US DoD) NIPRNET Non-Classified Internet Protocol Router Network (US DoD) NIPRNET Non-Secure Internet Protocol Router Network , will be configured for new users. A recent report by the Government Accountability Office The Government Accountability Office (GAO) is the audit, evaluation, and investigative arm of the United States Congress, and thus an agency in the Legislative Branch of the United States Government. highlights some of the policy-level confusion about the GIG and its development. "First, the Defense Department has yet to determine how much information should be posted on the network, when it should be posted and how and where it should be used," the report stated. "Once these factors are determined, it must develop rules of operation to ensure the network can work as intended without precluding the benefits ... Currently, various offices within the Defense Department are working through questions on whether unlimited amounts of data should be made available through the GIG, including unprocessed intelligence, surveillance and reconnaissance Intelligence, Surveillance and Reconnaissance may refer to:
Tools would have to be made available to steer users towards the best available information, assisting users to pluck pluck 1. an abattoir term for the thoracic viscera plus the liver, after separation from the esophagus and the diaphragm. Includes the larynx, trachea, lungs, heart and liver, plus the spleen in sheep. 2. out useful data amid the flow of information from sensors, weapon systems, intelligence officials and other soldiers. Part of the solution is empowering the network to autonomously identify who can be allowed to scan data, Johnson said. "GIG must be able to recognize and make access control decisions," he said. At the core of the GIG's infrastructure are communications satellites, next-generation radios and an installation-based network with significantly expanded bandwidth. Still, legacy systems must be hardened, because of financial constraints do not allow for a network to be built from scratch, Johnson noted. "This would be easier if we had a clean sheet." |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion