Enabling Information Sharing:
Balancing Need to Know With Need to Share
Since Sept. 11, 2001, the traditional information security approach of restricting access to information has faced the challenge of balancing need to know with the necessity of sharing information to achieve Mission Assurance. Two demonstrations at the 2008 U.S. Department of Defense (DoD) Coalition Warrior Interoperability Demonstration (CWID) established Raytheon's commitment to providing state-of-the-art, secure, interoperable information sharing. The demonstrations also laid the groundwork for developing new collaboration systems for use in the field by U.S. and coalition partners.

New Information-Sharing Paradigm
The 9/11 Commission Report published in July 2004 recommended a network-based information-sharing system that transcends traditional government boundaries to unify the many agencies involved in countering terrorism. Our military faces a similar need-to-share challenge as it increasingly participates in combat operations with multinational partners. Coalition forces can gain an advantage by providing timely access to relevant data on the Global Information Grid (GIG), which is composed of tactical-edge networks and higher-echelon sanctuary networks, all of which need to securely interoperate with each other.

At the surface, it would appear that tactical networks require less protection than sanctuary networks. For example, the threat duration and the risks versus rewards of data sharing can be substantially different under the fog of war. Targeting data may be extremely sensitive during mission planning, but become news on CNN in a matter of minutes after mission execution. The risks associated with temporarily sharing classified data with coalition partners may be outweighed by the opportunity to enhance mission effectiveness and/or save lives. In contrast, the duration of the threat against sanctuary networks is measured in years.

Military networks can benefit from adaptive security policies that can flex to conditions and force composition, and incorporate the user's needs into the information-sharing decision — rather than relying solely on the pre-judgment of the data originator.

Compartmented High Assurance Information Network
In order to more quickly field emerging technologies that could meet the necessary criteria, the DoD established the CWID, an annual event that aims to engage cutting-edge information technology to enhance warfighter information-sharing capabilities. Each technology trial is evaluated using a scripted scenario involving coalition participation, and each receives focused feedback in terms of its user interface, operational utility, interoperability issues, and information assurance (IA).

In 2008, Raytheon demonstrated its Compartmented High Assurance Information Network (CHAIN) as a secure information-sharing solution at CWID. The 2008 scenario described notional coalition task force operations applicable to any global crisis, with scripted terrorist and natural-disaster events.

The need to quickly share information with the right partner at the right time is traditionally solved with stove-piped systems and "sneaker nets." CHAIN was designed to overcome stove pipes and provide a scalable, dynamic capability to support multinational operations.

CHAIN is a commercial-off-the-shelf-based security solution that allows for data sharing and collaboration between communities of interest and personnel of varying clearance levels, security caveats, and needs to know. It provides secure services such as e-mail, document control and collaboration, VTC, chat, and white-boarding. CHAIN also provides user-level authentication and role-based authorizations, along with the central management of security policies, which allows the system to quickly change security levels to adjust to the operational situation. Other security features include labeling and control of classified documents and e-mails, content validation, anti-virus protection, and data in-transit/at-rest protection.

At CWID 2008, CHAIN successfully provided a secure collaboration environment that exceeded the warfighter's expectations. Warfighters used CHAIN to coordinate missions, review intelligence data, and securely chat about current operations, as well as for mission planning (white-board function). While some warfighters were experienced computer users, several were not. Even in those cases, CHAIN's intuitive features (similar to the standard DoD desktop environment) enabled all users to quickly learn and use the IA features.

The CWID final report stated that CHAIN had met or exceeded warfighter objectives for secure coalition information-sharing, and rated CHAIN as one of the "most promising technologies." CHAIN is currently operational and is deployed to DARPA, accredited at Protection Level 3.

CHAIN laid the foundation for Raytheon's winning proposal submission for the Defense Information Systems Agency's Multinational Information Sharing (MNIS) Design, Transition and Operate (DTO) contract, valued at more than $135 million. Focused on providing enhanced secure collaboration networks for coalition operations, the MNIS DTO contract is the vehicle for developing and fielding new collaboration capabilities for our warfighters. MNIS will collapse existing coalition stove-piped networks into a single fabric enabled by CHAIN's IA services and features.

Trusted Enterprise Service Bus
Raytheon partnered with the World Wide Consortium of the Grid (W2COG) to help advance technology for dynamic security policy. The W2COG established a multinational-coalition scenario that required finding and engaging a covert maritime threat thought to be bringing ashore a weapon of mass destruction. Raytheon contributed a Web service for unmanned aerial vehicle sensor data. The capability allowed an occasionally connected UAV sensor suite to provide data via an open-source lightweight service bus to authorized users over the command and control (C2) network. The project successfully "flattened" coalition networks and enabled data and service discovery via semantic interoperability.

The team developed a prototype Web service stack designed to enhance information processing efficiency and to execute dynamic "protect versus share" security policies. The prototype was composed of a trusted enterprise service bus (T-ESB) at the server end, and a trusted C2 Web portal on the service-consumer end. In this case, trusted meant that T-ESB assured authentication and authorization at Protection Level 4 (PL-4). The Web service stack included PL-4 government-furnished authentication and authorization services, UAV sensor services, and intelligent software agents that provided a valued information at the right time (VIRT) service. The VIRT service issued a browser pop-up message when geospatially enabled software agents detected predefined critical conditions.

The server was deployed at Hanscom Air Force Base in Massachusetts, and provided all of the services used during the demonstration. The coalition watch officers deployed to various international sites. Using registered single sign-on credentials to authenticate, users consumed authorized Web services transparently via Microsoft Internet Explorer® and Mozilla Firefox® Web browsers.

Authorization depended on attributes, such as national identity, mission role and emergent situation.

At the beginning of the demonstration, each of the participants was issued sign-on credentials. Separately, a command authority predefined which information resources could be made available to which categories of consumers through a set of policies. The policies recognized several operational states (normal, emergency and self defense) and established different rules for each state. Participants accessed C2 resources through a Web site set up for the exercise. The Web site hosted authentication and authorization services, and governed user access based on the user's credentials and the policy for the prevailing operational situation.

Definitions of Operational Security Policies
As the trial scenario unfolded, intelligent software agents within the VIRT service looked for suspicious activity by monitoring ship tracks, meteorological and oceanographic (METOC) warnings, and UAV sensor data. If a ship's track data indicated a sudden course change, a change of national flag, or increased speed as it approached the three-mile limit of the U.S. West Coast, the VIRT service delivered a pop-up message to the appropriate watch officer's browser.

In response to this notification of an emergency situation, the watch officer immediately used a point-and-click menu to set emergency security policy. Because the situation demanded that non-U.S. coalition platforms interdict the threat, the policy authorized specific non-U.S. platforms to access the C2 portal to view local track and sensor data — data that would be withheld under normal conditions.

During the interdiction, intelligent software agents noticed a coalition interdiction platform in imminent danger of entering a mine field depicted on a SECRET NOFORN METOC warning. Accordingly, the VIRT service delivered a pop-up message. The alert triggered the U.S. national watch officer to authorize the endangered foreign vessel for the self-defense level of access. When the interdicting vessel avoided the hazard and intercepted the threat vessel, the coalition watch officer reset the security policy to normal.
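To make the state-dependent authorization described above concrete, here is an added illustrative model (not Raytheon's, W2COG's or the T-ESB's actual code) of a policy that recognizes the normal, emergency and self-defense states and releases withheld track data and a NOFORN hazard warning to a named coalition platform only while the watch officer has escalated the state. The subject, resource and platform names are constructed, and the rule that U.S. users and non-NOFORN data are never state-restricted is an assumption of this model.

```python
from dataclasses import dataclass, field
from enum import Enum

OpState = Enum("OpState", "NORMAL EMERGENCY SELF_DEFENSE")  # the three states the command authority defined

@dataclass(frozen=True)
class Subject:
    name: str
    nationality: str  # "US" or a coalition partner code such as "CA" (constructed values)

@dataclass(frozen=True)
class Resource:
    name: str
    category: str     # "local_track", "uav_sensor" or "metoc_warning"
    noforn: bool      # True: not releasable to foreign nationals unless the policy says so

@dataclass
class DynamicPolicy:
    state: OpState = OpState.NORMAL
    emergency_platforms: set = field(default_factory=set)     # foreign platforms cleared for track/sensor data
    self_defense_platforms: set = field(default_factory=set)  # foreign platforms cleared for NOFORN hazard warnings
    def set_emergency(self, platforms):
        self.state, self.emergency_platforms = OpState.EMERGENCY, set(platforms)
    def grant_self_defense(self, platform):
        self.state = OpState.SELF_DEFENSE
        self.self_defense_platforms.add(platform)
    def reset(self):
        self.state, self.emergency_platforms, self.self_defense_platforms = OpState.NORMAL, set(), set()
    def authorize(self, s, r):
        if s.nationality == "US" or not r.noforn:
            return True  # assumption: U.S. users and releasable data are not state-restricted in this model
        if r.category in ("local_track", "uav_sensor"):
            return self.state != OpState.NORMAL and s.name in self.emergency_platforms
        if r.category == "metoc_warning":
            return self.state == OpState.SELF_DEFENSE and s.name in self.self_defense_platforms
        return False     # default deny for anything the policy does not list

def run_scenario():
    # Replays the normal -> emergency -> self-defense -> normal sequence with constructed names
    vessel = Subject("coalition_vessel_1", "CA")
    track = Resource("local_track_feed", "local_track", noforn=True)
    mines = Resource("secret_noforn_minefield_warning", "metoc_warning", noforn=True)
    p, out = DynamicPolicy(), {}
    out["normal_track"] = p.authorize(vessel, track)     # withheld under normal conditions
    p.set_emergency({vessel.name})                        # watch officer's point-and-click action
    out["emergency_track"] = p.authorize(vessel, track)
    out["emergency_metoc"] = p.authorize(vessel, mines)  # still withheld: SECRET NOFORN
    p.grant_self_defense(vessel.name)                     # mine-field alert prompts escalation
    out["self_defense_metoc"] = p.authorize(vessel, mines)
    p.reset()                                             # threat intercepted: back to normal
    out["reset_metoc"] = p.authorize(vessel, mines)
    return out
```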

In a June 2008 memorandum titled "Role-player after-action comments and observations," CWID sponsor feedback on the demonstration was overwhelmingly positive. "Each time the security policy was set to a different level, all users whose operating-picture views were supposed to change did see the appropriately updated picture … The VIRT concept combines the best features of 'smart push' and 'demand pull' information management processes to provide probably the best shared, managed, situational awareness we can create right now … Helped forward the development of access controls."

A logical next step was to test the capability with live data feeds — a test that took place in late February 2009 at the Naval Postgraduate School-SOCOM Exercise at Camp Roberts, Calif. The team successfully executed a follow-on experiment using Raytheon's Cobra UAV to demonstrate dynamic access control of the UAV's full motion video. As before, the dynamic policy engine provided secure authorization of network services based on user-provided, preapproved credentials, and successfully demonstrated emerging access-control technology.

The W2COG and Raytheon demonstrated their commitment and know-how to provide combatant commanders with state-of-the-art, secure, interoperable coalition data sharing.

Jerry Pippins
Contributors: David Minton, Paul Barré