Special Report – Military Messaging and Secure Information Exchange Software


Post on 22-Mar-2016


Defence Industry – Special Report on Military Messaging and Secure Information Exchange Software


Military Messaging and Secure Information Exchange Software

SPECIAL REPORT

Collaboration, Coalition and Interoperability

The Fast Evolving Field of Secure Military Information

Dynamic Information Security

How Secure is Secure? The Role of Encryption

A Secure Future?

Sponsored by

Published by Global Business Media


SPECIAL REPORT: MILITARY MESSAGING AND SECURE INFORMATION EXCHANGE SOFTWARE

Published by Global Business Media

Global Business Media Limited
62 The Street
Ashtead
Surrey KT21 1AT
United Kingdom

Switchboard: +44 (0)1737 850 939
Fax: +44 (0)1737 851 952
Email: [email protected]
Website: www.globalbusinessmedia.org

Publisher: Kevin Bell
Business Development Director: Marie-Anne Brooks
Editor: Mary Dub
Senior Project Manager: Steve Banks
Advertising Executives: Michael McCarthy, Abigail Coombes
Production Manager: Paul Davies

For further information visit: www.globalbusinessmedia.org

The opinions and views expressed in the editorial content in this publication are those of the authors alone and do not necessarily represent the views of any organisation with which they may be associated.

Material in advertisements and promotional features may be considered to represent the views of the advertisers and promoters. The views and opinions expressed in this publication do not necessarily express the views of the Publishers or the Editor. While every care has been taken in the preparation of this publication, neither the Publishers nor the Editor are responsible for such opinions and views or for any inaccuracies in the articles.

© 2013. The entire contents of this publication are protected by copyright. Full details are available from the Publishers. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical photocopying, recording or otherwise, without the prior permission of the copyright owner.

Contents

Foreword
Mary Dub, Editor

Collaboration, Coalition and Interoperability
Martin Sugden, CEO, Boldon James
• Introduction
• Military and Intelligence Communications Systems
• Systems Evolution
• Future Direction
• Summary

The Fast Evolving Field of Secure Military Information
Mary Dub, Editor
• The Security Legacy of 9/11
• The Problem Impeding Good Intelligence Analysis
• Seven Years Later Significant Progress Has Been Achieved
• A Shift in Thinking About Encryption
• Losing Interoperability Through Leading From Too Far Ahead

Dynamic Information Security
Don McBarnet, Staff Writer
• Software for Interoperability
• Incorporating Fourth Generation Collaborative Working into Network Centric Warfare
• Secure Collaborative Working
• Military Messaging: A Special Case

How Secure is Secure? The Role of Encryption
Mary Dub, Editor
• Security Labeling
• Private and Public Keys
• The British Codification of ACP 123 (B)
• The Need for ‘CLEAR’ When Speed Overrides Security

A Secure Future?
Don McBarnet, Staff Writer
• The Partnership Route to Synergy
• The Ministry of Defence in the UK Goes for Additional Security
• The Report by the British Comptroller and Auditor General
• The Operation of Moore’s Law and the Speed of the Commercial Marketplace

References

WWW.DEFENCEINDUSTRYREPORTS.COM | 1


Foreword

Secure information exchange within armed forces and between coalition partners is a complex and highly political process. The fundamental concept of network centric warfare needs to be underpinned by the latest techniques in fourth generation collaborative working, including portability of data, real time messaging and working together in an environment of trust.

This Special Report opens with an article that looks at the importance of fast and unambiguous communications to the success of military organisations across the world and the role of Military Messaging Handling Systems (MMHS) – the infrastructure used to send and receive these messages. The article goes on to describe the features of MMHS, which go beyond the normal commercial requirements of Confidentiality, Integrity and Availability. The US Department of Defense led the way in adapting Commercial Off-The-Shelf (COTS) messaging platforms, selecting Microsoft Exchange servers for carrying military message traffic. In turn, Microsoft engaged Boldon James to develop appropriate plug-ins to provide the user experience needed by soldiers.

The 21st century threat environment in which military security must work is described in the second article. This environment is bedeviled by the need for clear and codified standards within forces and coalition members, who need to align their software and legacy hardware to concurrent systems in an atmosphere of mutual trust and cooperation. The speed and volume of the current threat is surprising and the modern and practical approach outlined by General Bowman is salutary.

The third piece looks at the codification systems agreed within NATO and some of their implications.

The fourth article looks at the knotty world of encryption. Without access to classified information, it is almost impossible to make judgments on the processes currently used. It is left, however, to the Generals in command to lower levels of encryption to enable greater access to needed information in the battlefield.

It is always taxing to look over the horizon in any field. To hazard a guess in the field of security is risky. What is becoming clearer is that using COTS systems is a strong trend and that developing bespoke software in consortiums and partnerships, as always, can provide cost effective synergy. While the commercial market moves forward at a punishing pace, the cash strapped military market must endeavor to make the effort to keep pace and lower risk.

Mary Dub, Editor


Mary Dub has covered the defence field in the United States and the UK as a television broadcaster, journalist and conference manager.


Collaboration, Coalition and Interoperability
Martin Sugden, CEO, Boldon James

Introduction

For the world’s military and Civil defence organisations, the last decade has been dominated by a series of major disasters, such as Hurricane Sandy, and the need to respond to the growth in Global Terrorism by coalitions of Defence forces and their associated Civil and Intelligence organisations. This heightened level of interoperability has meant that Warfighters and Intelligence experts have been faced with the difficulty of deciding what information they can safely share and then deploying systems that enable them to share it.

As large corporates communicate efficiently around the globe every day, the uninitiated user sees such interoperability as a simple task. “Don’t they just use Outlook?” is a common misconception; but in practice, it is extremely complicated.

This Paper will identify some of the key problems in providing Secure Information Exchange (SIE) and examine how these are being overcome.

Military and Intelligence Communications Systems

Fast, unambiguous communication is critical to the success of military organisations across the world and the infrastructure used to send and receive these messages is often referred to as a Military Messaging Handling System (MMHS).

Military communication is a 24/7 process, where the sender and receiver (or list of recipients) often do not know each other. User communities are deployed across a variety of different operational environments, each with unique characteristics: for example Low Bandwidth or Radio Silence. Failure is not an option, so, as requirements developed in the late 90s and commercial systems were deemed not to be up-to-scratch, system architects responded by developing standards to enable interoperability based on tried and tested technology such as X400. For example:
• NATO standard STANAG 4406 covers standard military messaging
• Allied Communications protocols 145 defines international communications between NATO defence organisations as an X400 communication

In common with all IT systems, MMHS need to address data Confidentiality, Integrity and Availability; however an MMHS requires strengthened controls. Specifically, as a message is created, labels are applied to the message based on the importance of the information being transferred and the speed with which the information needs to be actioned. Further descriptors are added providing details about the sender and the recipients. The system will then:
• Prioritise delivery based on importance
• Monitor response to high priority messages to ensure that they are dealt with promptly or redirect that message to the recipient’s alternate (known as Flash messaging)
• Satisfy itself that the sender is allowed to send messages of that importance and that the recipient is also cleared to receive such information
• Check that the delivery mechanism has been accredited to the level of the data included in the message. This may often require encrypted networks to ensure that no outside party can read the message
• Decide if the data needs to be encrypted both in transit and whilst in the message store
• Ensure, normally by using digital signatures, that the recipient can be certain that the message has not been tampered with in transit and the sender can be sure that the recipient has received and read the message and cannot claim that they did not (termed Non-repudiation)
• Adapt the message to be communicated over the recipient’s system, for example a radio network or low bandwidth environment

Secure Information Exchange between Defence and Civil Organisations

All of this system activity must take place without user intervention; it must be a true ‘Fire and Forget’ environment. As mentioned earlier, messages are usually addressed to a particular role rather than to a person, partly because, in a 24 hour operation, a role is carried out by more than one person, but also because, in an intelligence environment, the identity of the sender and recipient may be secret. The receiver must be comfortable that they can trust the information, even though they do not know how or in which operational environment the intelligence was gathered.

As the sender and the receiver are disconnected, the system interrogates the message and decides which roles in the receiving organisation should receive that information. This is referred to as Profiling.
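The release checks and precedence-ordered delivery described above can be sketched as follows. This is an added example, not code from the report or from any MMHS product: the classification ladder, role names, channel names and sample messages are constructed for illustration, and the precedence codes are the categories this report lists for military messages.

```python
import heapq
from dataclasses import dataclass
from itertools import count

# Constructed classification ladder, for illustration only.
LEVELS = {"UNCLASSIFIED": 0, "RESTRICTED": 1, "CONFIDENTIAL": 2, "SECRET": 3}
# Precedence categories and codes as this report lists them.
PRECEDENCE = {"deferred": 0, "routine": 1, "priority": 2,
              "immediate": 3, "flash": 4, "override": 5}
# Hypothetical roles: (clearance, highest precedence the role may originate).
# Messages are addressed to roles, not to named people.
ROLES = {
    "ops.duty-officer": ("SECRET", "flash"),
    "intel.watch": ("SECRET", "immediate"),
    "liaison.coalition": ("CONFIDENTIAL", "priority"),
    "logistics.clerk": ("RESTRICTED", "routine"),
}
# Hypothetical delivery channels and the level each is accredited to carry.
CHANNELS = {"hq-lan": "SECRET", "coalition-wan": "CONFIDENTIAL"}


@dataclass(frozen=True)
class Message:
    originator: str
    recipients: tuple
    label: str
    precedence: str
    subject: str


def release_decision(msg, channel):
    """Return (allowed, reasons). Unknown labels, roles or channels fail closed."""
    if msg.label not in LEVELS or msg.precedence not in PRECEDENCE:
        return False, ["unknown label or precedence"]
    need = LEVELS[msg.label]
    reasons = []
    clearance, max_prec = ROLES.get(msg.originator, (None, None))
    if clearance is None or LEVELS[clearance] < need:
        reasons.append(f"originator {msg.originator} not cleared for {msg.label}")
    if max_prec is None or PRECEDENCE[max_prec] < PRECEDENCE[msg.precedence]:
        reasons.append(f"originator {msg.originator} may not send {msg.precedence}")
    for role in msg.recipients:
        r_clear = ROLES.get(role, (None, None))[0]
        if r_clear is None or LEVELS[r_clear] < need:
            reasons.append(f"recipient {role} not cleared for {msg.label}")
    accredited = CHANNELS.get(channel)
    if accredited is None or LEVELS[accredited] < need:
        reasons.append(f"channel {channel} not accredited for {msg.label}")
    return (not reasons), reasons


class DeliveryQueue:
    """Releases higher-precedence messages first, FIFO within one precedence."""

    def __init__(self):
        self._heap = []
        self._seq = count()

    def submit(self, msg, channel):
        allowed, reasons = release_decision(msg, channel)
        if allowed:
            # Negate the code so the highest precedence pops first.
            heapq.heappush(
                self._heap, (-PRECEDENCE[msg.precedence], next(self._seq), msg))
        return allowed, reasons

    def drain(self):
        out = []
        while self._heap:
            out.append(heapq.heappop(self._heap)[2].subject)
        return out


def demo():
    """Run five constructed messages through the checks and the queue."""
    q = DeliveryQueue()
    results = [
        q.submit(Message("logistics.clerk", ("ops.duty-officer",),
                         "RESTRICTED", "routine", "fuel return"), "hq-lan"),
        q.submit(Message("ops.duty-officer", ("intel.watch",),
                         "SECRET", "flash", "contact report"), "hq-lan"),
        q.submit(Message("intel.watch", ("liaison.coalition",),
                         "SECRET", "immediate", "source summary"), "coalition-wan"),
        q.submit(Message("logistics.clerk", ("ops.duty-officer",),
                         "RESTRICTED", "flash", "urgent resupply"), "hq-lan"),
        q.submit(Message("intel.watch", ("liaison.coalition",),
                         "CONFIDENTIAL", "immediate", "route change"), "coalition-wan"),
    ]
    return results, q.drain()


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Every check runs before the message is queued, so a refused message never reaches the delivery path and the refusal reasons are available for audit.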

Systems Evolution

Given this background, many countries historically chose to build bespoke solutions based on the traditional standards, but then quickly realised that the cost of maintaining and upgrading one-off solutions was prohibitive. In comparison, as commercial offerings (such as Microsoft Outlook) gained market share, their costs reduced and the functionality they provided expanded. Messaging systems became specialised with dedicated communications centres and little integration with day-to-day business. Interoperability between bespoke solutions both inside an organisation and to other militaries or government departments required significant investment to convert data from one stove-pipe communications mechanism to another.

The US Department of Defense led the way in adopting Commercial Off-The-Shelf (COTS) messaging platforms, selecting Microsoft in preference to Lotus Notes as Microsoft Exchange servers provided the baseline X400 interoperability required for carrying military message traffic. Microsoft engaged Boldon James to develop appropriate plug-ins to give the user experience that soldiers needed. By 2004, military users could have a COTS solution that gave them the ability to carry out their normal business activities and send and receive military messages from the same desktop client.

Standards setters have responded: NATO STANAG 4406, Annex F and the UK Defence standards (JSP457) require MMHS solutions to provide a graduated range of secure messaging sophistication, low to high, and in recent initiatives accreditors have allowed different grades of service on a common framework, assisting interoperability and helping to reduce costs. There is still the need to communicate in an agreed protocol (and that remains X400) but this requirement has been moved to the boundary of organisations and is carried out by Gateway devices that operate at the industrial speed required. Inside the organisation, users are really “just using Outlook”. The benefits of this change are that:
• Total Cost of Ownership (TCO) is minimised and reliability and robustness not available in bespoke solutions is achieved. Commonly-available applications such as Microsoft Outlook and Exchange server provide a rich vein of readily-available user and administrator knowledge and these systems can then be customised (with value-added 3rd party components) with minimal training for users and administrators. With defence programmes spanning 5-10 years, upgrade paths and solution ‘future proofing’ become far simpler, helping realise significant savings over a project’s lifespan
• Integration with other desirable technologies such as Digital Rights Management, Electronic Document and Records Management Systems and Document Management Systems such as SharePoint can be more easily achieved
• When all users operate in a single environment, with device controls that ensure that secret information is not shared with lower grade staff, the whole organisation can benefit from the enhanced management control achieved from labelling data.

As the user goes about their day-to-day business, archiving and data loss prevention tools can be configured to apply automatically the approved business rules. As a result, the organisation produces far less unstructured data.

One by-product of this move to COTS is that commercial and other government organisations have started to realise that adopting protective marking as part of their Data Management capability has reduced their costs and reduced their risk of Data Loss. The same plug-ins that help the military achieve their objectives are configured to help large commercial organisations apply their business processes.

Future Direction

Global austerity measures imposed in NATO countries mean IT systems are likely to have to do more for less for the foreseeable future. Part of the solution is sharing infrastructure and IT resources between organisations and departments whilst maintaining data security.

Networks

Stove-pipe military networks will be subsumed into a Network of Networks. Examples are already materialising in the UK, such as the UK Public Services Network (PSN – http://www.cabinetoffice.gov.uk/content/public-services-network).

Network Protocols

MMHS systems will fully adopt the SMTP protocol plus extensions described in RFC 6477: ‘Registration of Military Message Handling System (MMHS) Header Fields for Use in Internet Mail’, resulting in a COTS SMTP based messaging backbone (readily supported by COTS email servers e.g. Microsoft Exchange Server).

Instant Messaging and chat systems will be utilised within an MMHS context. However, whilst technologies will evolve, security requirements will not; mobility requirements and features will also create additional challenges.

Authentication and Access Control

Authentication and authorisation systems will support user access from any terminal, anywhere, on an approved network, possibly the Internet. Depending on the level of authentication assurance, Attribute Based Access Controls (ABAC) will determine what a warfighter can see based on credentials, location and access device. From a low side network, a simple username/password combination will provide one view on the MMHS. A smartcard from a coalition network will provide an enhanced view. Biometric devices may be used.

Consolidated Systems

Warfighters will have a single “dashboard” representing Command and Control (C2) systems, MMHS inboxes, EDRM systems, Instant Messaging chatrooms and conversations, all geo-location aware. It will be possible to search across all systems and they will ‘know’ about each other. For example, a Medical Evacuation request received via the messaging system will automatically update the Common Operational Picture with the location. An Emergency Responder not at their desk will receive an alert on their mobile devices. Such an approach is described in the Gartner Report – “The Emergence of Fourth Generation Collaboration Services” (http://www.gartnerinfo.com/pcc8lg/).

Summary

As noted in a recent Armed Forces Communications and Electronics Association (AFCEA) article (see http://www.afcea.org/content/?q=node/10191), the emerging ‘digital natives’ are expecting to use mobile devices with all communication using “Everything over IP (EoIP)”.

Stove-pipe MMHS systems will continue for some time and non-government organisations and other government departments are likely to have no alternative communication capabilities available to them. These constraints are breaking down and MMHS are becoming far more integrated with, and based on, COTS pan-government messaging systems. These systems will provide all the inherent commercial and functional benefits thereof, and thus open the door to much closer integration with the C4ISTAR systems.

Contact:
Boldon James
1 Westmere Court
Westmere Drive
Crewe Business Park
Crewe, Cheshire CW1 6ZE
United Kingdom

Tel: +44 (0) 1270 507800
Fax: +44 (0) 1270 507801
http://www.boldonjames.com/


The Fast Evolving Field of Secure Military Information
Mary Dub, Editor

“Threats in cyberspace are anything but static, and a useful defensive strategy or capability existing one moment may be ineffective mere seconds later, and improved relationships and technical capabilities allow us to better understand the dynamic cyber environment. Gaining this awareness and then acting quickly and effectively requires improving the complex interagency and international relationships; we must constantly evaluate relationships and operational constructs to address constantly evolving threats”.
General C. Robert Kehler, USAF, Commander, U.S. Strategic Command1

The cyber threat to 21st century secure information is dynamic and fast changing, as the quote from General Kehler illustrates. And there are other threats on the web. Opposing forces use commercially available internet services and protocols to further their own interests. Extremists can and do use chat rooms, dedicated servers and websites. They use social networking tools as propaganda machines or as a means of recruitment and organization. And of course, the internet is used for significant fund-raising through cybercrime. These websites and other internet services are run by international terrorist groups, transnational cybercrime organizations, or individual extremists.2

The Security Legacy of 9/11

These cyber threats are taking place in the context of significant changes in thinking about information security engendered by the 9/11 Commission. The review of evidence and weaknesses in the American security establishment advocated the replacing of the “need-to-know” information culture with a “need-to-share” culture. In order to transition to an intelligence information environment that emphasized the “need-to-share,” development of new procedures had to be matched with the development of a technical infrastructure that enabled actual information sharing.3 The commission took the concept further and pressured the President to take measures to improve information security handling. “The president should lead the government-wide effort to bring the major national security institutions into the information revolution. He should coordinate the resolution of the legal, policy, and technical issues across agencies to create a ‘trusted information network.’”

The Problem Impeding Good Intelligence Analysis

The purpose of secure information exchange was effective war fighting and, critically, good intelligence analysis to defeat potential threats. So the 9/11 Commission highlighted what it considered to be significant impediments to comprehensive intelligence analysis: the “‘need-to-know’ culture of information protection,” rather than the need to share. What the commission highlighted was an organizational culture, prevalent across agencies, that supports disincentives to information sharing. As the report stated: “There are no punishments for not sharing information.” Finally, the report highlighted that the emphasis on security had led to the “over classification and excessive compartmentalization of information among agencies.”

Seven Years Later Significant Progress Has Been Achieved

“This is not the same J-64 that existed before,” said Maj. Gen. Mark S. Bowman, USA, director of command, control, communications and computers (C4), J-6, and chief information officer (CIO), the Joint Staff. “It is very different.”5 What has changed? Interoperability is the general’s top priority, both across the services and among coalition partners. At the heart of this effort is the Joint Information Enterprise (JIE) program, which General Bowman says is making significant strides. “It’s not something that’s nice to have; it’s something we must have,” he declared. “We have to have interoperability baked in from the beginning in what we do.” How is this going to happen? The enterprise effort will see an increased emphasis on commercial off-the-shelf (COTS) equipment “that is interoperable from the get-go,” Gen. Bowman declared. “We have to be willing to accept 80 percent solutions today, implement them today, and then gradually evolve them over time, and we will end up with capabilities that we never dreamed of in the past.”

A Shift in Thinking About Encryption

General Bowman agrees that different degrees of encryption may provide the best security for the fully interoperable coalition network. He points out that significant moves have been made to establish network security where not everything is given Type 1 encryption. For example, the general said commercial encryption may be good enough for perishable data. “If I get a call for fire or a troops-in-contact report, why would commercial encryption not be good enough there?” he asks. “It’s all perishable data. If the bad guy is able to decrypt it in two weeks and figure out what the request was, that mission is long over [by then]. Whereas, the true benefit of commercial encryption is that we can give a radio to one of our coalition partners going out on a mission ... and we can coordinate intelligence as we go through an operation with a coalition partner. If we receive intelligence that changes the situation on a battlefield, we can get that information to partners so that they can change the way they are going to approach their particular operation.”

Losing Interoperability Through Leading From Too Far Ahead

An important issue with coalition interoperability is for the United States not to modernise in a way that excludes coalition allies with less up-to-date equipment and smaller modernisation budgets. General Bowman’s approach is to include the interoperability idea from the beginning: standard setting must be done carefully, the general warns. “If we decide a standard, and coalition partners procure equipment [accordingly] to be interoperable, and then we decide to change the standard tomorrow, that causes us not to be interoperable and [a partner country] to have to play catch-up with a much smaller budget and a much longer reaction time.”


Dynamic Information Security
Don McBarnet, Staff Writer

“The current situation, where DOD computers receive some 6 million threatening probes each day, is like a missile being fired into U.S. airspace with no radars to see it. Today, we are in the forensics mode. When an attack occurs, we are told about it after the fact.”
Army Gen. Keith B. Alexander, Director, National Security Agency (DIRNSA), Chief, Central Security Service (CHCSS) and Commander, United States Cyber Command (December 2012)6

NATO Standard agreements, STANAGs, have been developed to confront the daily need to maintain security against a vigorous cyber attack, yet ensure interoperability with coalition partners. They are regularly updated. STANAG 4406 is the NATO Standard for formal military messaging, replacing the older ACP 127 specification. Used for both Strategic and Tactical messaging, STANAG 4406 has a number of special protocols to support tactical messaging, in particular to support very low bandwidth links such as HF radio (STANAG 4406 Annex E) and to support receivers in Emission Control (EMCON) mode who can receive but not send data7. Some of the leading providers of STANAG 4406 compliant equipment and software partner to produce secure but interoperable COTS-based equipment for maximum interoperability, security and ease of application across coalition partners. For example, Isode recommends the SAFEmail.mil MM-UA product from its partner Boldon James, which is based on Microsoft Outlook. This product includes an X.400 P7 plug-in for Outlook, which enables it to connect directly to M-Store X.400, and function according to the STANAG 4406 architecture. The Boldon James Outlook client solution also includes Enterprise Address Book, which enables secure client access over LDAP to data in Isode’s ACP 133 directory.

Software for Interoperability

The market for software and systems to ensure interoperability and security across recently installed, but not current, systems is robust. National variants on the ACP (Allied Communications Publication) 123 and STANAG 4406 specifications have led to a situation where interoperability between national MMHS (Military Message Handling Systems) systems is not guaranteed. ACP 145 has been defined in order to overcome this problem, and is a complete protocol definition for international inter-working. The ACP 145 specification has led to a requirement for “ACP 145 gateways”, which convert between the national variants of MMHS and ACP 145. M-Switch can be deployed as an ACP 145 Gateway, including support for Security Labels and Message Digital Signatures. Isode’s ACP 145 solution can also be deployed in conjunction with MIXER, to enable a national network using SMTP and S/MIME to be connected using ACP 145.

Incorporating Fourth Generation Collaborative Working into Network Centric Warfare

The military adoption of fourth generation online-networked collaborative working is a natural communication environment for today’s younger soldiers, though perhaps not for the senior officer corps. What does this mean for network centric warfare? Using oversimplistic language, everything is connected to enable all players to communicate and share information. A wide mix of technologies and components is involved. High-speed data links are utilized where possible. Many applications are used, from core traditional components such as formal messaging and situational awareness, to new applications such as Video Teleconferencing, Voice over IP, Instant Messaging and Presence. Most significant is the move to IP (Internet Protocol), which is used everywhere. IP is the single network technology to be used throughout.

Secure Collaborative Working

A strong example of secure collaborative working is the use of multi user chat rooms (MUC) and federated multi user (FMUC) rooms. These allow instant messaging between platforms in theatre where other modes of information exchange are slow or outdated. The core FMUC works in a completely symmetrical and distributed manner, which is highly efficient and supports operation over network breaks. One consequence of this is that MUC users in different locations may see messages arrive in a different order. Where FMUC is deployed over fast reliable networks, it can be operated in a “Single Master” mode, where one FMUC node is treated as the master. All messages must flow to the master and then back to the other nodes. This mode increases traffic and prevents disconnected operation. However, the single master enables message ordering such that all clients will see messages in the same order. This mode of operation may be preferable for some deployments over fast networks.8
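The ordering trade-off between the distributed and “Single Master” modes can be seen in a small simulation. This is an added example, not code from the report or from any FMUC implementation: it is a simplified model in which the node names, the fixed link delay and the sample posts are all constructed.

```python
from dataclasses import dataclass

# Constructed one-way delay between any two nodes, in arbitrary ticks.
LINK_DELAY = 3


@dataclass(frozen=True)
class Post:
    node: str     # node the sending client is attached to (hypothetical names)
    sent_at: int  # constructed send time in ticks
    text: str


def distributed_view(posts, viewer_node):
    """Symmetric mode: a node shows local posts at once and remote posts
    after the link delay, so each node builds its own ordering."""
    arrivals = []
    for p in posts:
        delay = 0 if p.node == viewer_node else LINK_DELAY
        arrivals.append((p.sent_at + delay, p.sent_at, p.text))
    return [text for _, _, text in sorted(arrivals)]


def single_master_view(posts, master, reachable):
    """Single Master mode: the master sequences every post in the order it
    arrives there, and every node displays that one sequence. Posts from a
    node that cannot reach the master never enter the room in this model."""
    sequenced = []
    for p in posts:
        if p.node != master and p.node not in reachable:
            continue  # no disconnected operation in this mode
        delay = 0 if p.node == master else LINK_DELAY
        sequenced.append((p.sent_at + delay, p.sent_at, p.text))
    return [text for _, _, text in sorted(sequenced)]


# Constructed conversation between clients on two nodes.
SAMPLE_POSTS = [
    Post("alpha", 0, "A1"),
    Post("bravo", 1, "B1"),
    Post("alpha", 2, "A2"),
]

if __name__ == "__main__":
    print("alpha sees:", distributed_view(SAMPLE_POSTS, "alpha"))
    print("bravo sees:", distributed_view(SAMPLE_POSTS, "bravo"))
    print("single master:", single_master_view(SAMPLE_POSTS, "alpha", {"bravo"}))
    print("link to master down:", single_master_view(SAMPLE_POSTS, "alpha", set()))
```

In the distributed run the two nodes disagree on whether B1 came before A1, which matters when a chat log is later used as a record of who knew what and when.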

Military Messaging: A Special Case

Military messaging has many parallels to civilian operations, but the safeguards required are of a higher order and therefore more formal. The New Zealand procurement of a new system makes the point. Defence forces use Military Message Handling Systems for a number of reasons. Military Messaging is a more formal communications process than email and with it comes a higher service element. For example, with ordinary email there is a very low level of assurance that a message has been received whereas in military messaging that level of assurance is much higher and often needs to be guaranteed. Military Message Handling Systems are used for correspondence between allied countries, in both operational (deployed) and non-operational environments. Squadron Leader Paul Drysdale, Project Manager for the Military Messaging System said, “The solution which Fujitsu presented was exactly what we were looking for. Fujitsu re-located personnel from the UK, who had worked on the UK Ministry of Defence project, to architect the system and train staff locally.”9

As Major Paul Foster (UK) makes clear in his codification of ACP123 (B), a formal military message is a message sent on behalf of an organization, in the name of that organization, that establishes a formal commitment on the part of that organization, and that has been formally released in accordance with the policies of the originating nation. This has a number of additional consequences where there are requirements for Non-receipt Notification Request Indication. This MM (Military Message) element of service allows the originator to ask, on a per-recipient basis, for notification if the message is deemed unreceivable. It is also necessary to convey the level of military precedence of a message. For example, commonly used categories are deferred (0), routine (1), priority (2), immediate (3), flash (4) and override (5).


How Secure is Secure? The Role of Encryption Mary Dub, Editor

The concept of security is both nebulous and relative. The balance between security and access has to be negotiated. As the 9/11 Commission pointed out, excessive or inappropriate security has costs in terms of access to and analysis of intelligence and, as Gen Bowman10 points out, there is value in the battlefield in using simple commercial encryption methods for time-restricted data that only needs limited encryption. The military has its own standard ISO/IEC 27001. This standard requires that organisations systematically examine their information security risks, taking account of the threats, vulnerabilities, and impacts. It also requires them to design and implement a coherent and comprehensive suite of information security controls and other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable.

Security Labeling

Writing as a generalist in a complex and classified area, some of the information used in this article may be simplified or reflective of the recent past. Many encryption systems employ a process of access control using security labels and security clearance. How does this work? The basic mechanism of security labels is familiar. Documents are labeled with a classification, such as “Confidential”, “Secret”, or “Top Secret”. This security label will be clearly visible on the document. People are given a clearance, using the same scheme. For example, someone may be cleared to “Secret” level, meaning that they can read documents labeled “Secret”, but not a document labeled “Top Secret”. Security labels on documents are just one aspect of the model, as a security label can apply to any information. In discussions, generic information such as the role of a person can be labeled as “Secret”.

Security labeling is a practical scheme. There are three types of labeling. The first is restrictive, where the user must have clearance for all values of the category set in the label. This is useful to apply a number of additional controls. Secondly, there is permissive, where the user must have a clearance for one of the categories set in the label. This could be used where information is cleared for several countries (indicated in the label) and a user needs to be cleared for at least one of these. Finally, there is the informative category. The information in the label is made available to the user, but is not checked against clearance.

Of course the security policy defines how security labels are matched against security clearance. Security policy is defined by two standards. These standards are X.841, “Security techniques – Security information objects for access control”, published by the ITU (International Telecommunication Union), and SDN.801, “Access control concept and mechanisms”, published by the US National Security Agency. These two standards have broadly similar capabilities, but are not compatible. The benefit of using a standardized SPIF (Security Policy Information File) is that it enables Security Policy information to be shared between implementations from different vendors.
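The matching of a label against a clearance described above can be sketched as follows. This is an added example, not code from the report or from any product it mentions; it does not implement the X.841 or SDN.801 SPIF formats, and the category names, values and user names are constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum

# Classifications named in the text, in ascending order of sensitivity.
LEVELS = {"Confidential": 1, "Secret": 2, "Top Secret": 3}

class Kind(Enum):
    RESTRICTIVE = "restrictive"   # clearance must hold every value in the label
    PERMISSIVE = "permissive"     # clearance must hold at least one value
    INFORMATIVE = "informative"   # shown to the user, never checked

@dataclass(frozen=True)
class Category:
    name: str
    kind: Kind
    values: frozenset

@dataclass(frozen=True)
class Label:
    classification: str
    categories: tuple = ()

@dataclass(frozen=True)
class Clearance:
    classification: str
    held: dict = field(default_factory=dict)   # category name -> set of values

def check_access(label, clearance):
    """Return (allowed, reasons); any failed check denies access."""
    if label.classification not in LEVELS or clearance.classification not in LEVELS:
        return False, ["unknown classification, denied by default"]
    reasons = []
    if LEVELS[clearance.classification] < LEVELS[label.classification]:
        reasons.append(f"cleared to {clearance.classification}, "
                       f"label is {label.classification}")
    for cat in label.categories:
        held = frozenset(clearance.held.get(cat.name, ()))
        if cat.kind is Kind.RESTRICTIVE and not cat.values <= held:
            missing = ", ".join(sorted(cat.values - held))
            reasons.append(f"{cat.name}: missing {missing}")
        elif cat.kind is Kind.PERMISSIVE and not cat.values & held:
            reasons.append(f"{cat.name}: none of the listed values held")
        # INFORMATIVE categories are displayed only, so nothing is checked.
    return not reasons, reasons

# Constructed sample label and clearances (category names and values are made up).
DOC = Label("Secret", (
    Category("compartment", Kind.RESTRICTIVE, frozenset({"ALPHA", "BRAVO"})),
    Category("release", Kind.PERMISSIVE, frozenset({"GBR", "USA", "NZL"})),
    Category("handling", Kind.INFORMATIVE, frozenset({"DRAFT"})),
))
USERS = {
    "analyst": Clearance("Secret", {"compartment": {"ALPHA", "BRAVO"}, "release": {"NZL"}}),
    "senior": Clearance("Top Secret", {"compartment": {"ALPHA"}, "release": {"GBR"}}),
    "clerk": Clearance("Confidential", {"compartment": {"ALPHA", "BRAVO"}, "release": {"USA"}}),
    "liaison": Clearance("Secret", {"compartment": {"ALPHA", "BRAVO"}, "release": {"FRA"}}),
}

if __name__ == "__main__":
    for name, clearance in USERS.items():
        allowed, reasons = check_access(DOC, clearance)
        print(f"{name:8} {'ALLOW' if allowed else 'DENY '} {'; '.join(reasons)}")
```

The "senior" case shows why the restrictive check matters: a Top Secret clearance alone does not grant access when one restrictive value is missing.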

Private and Public Keys

As a generalist writer working in the field of encryption, it would be a mistake to talk in specific terms about how encryption works. But I can note a technique called “asymmetric cryptography”. The central components of asymmetric cryptography are public and private keys. The key pair system comprises a ‘public key’ and a ‘private key’, which are both very large numbers.

The key pair is generated using special techniques from two very large randomly generated prime numbers. There can be a high level of confidence that every key pair is unique. A private key can be used by the owner to create digital signatures that are unique to the owner of the private key. A private key can also be used (typically employing a complex mechanism) to decrypt documents, and it can be guaranteed that only the holder of the private key can decrypt the document. The public key can be published and shared widely. There is no requirement to keep it secret. This is the unique and useful property of asymmetric cryptography. A public key is used to verify the digital signature created by the associated private key. A public key can also be used by anyone to encrypt a document, such that only the holder of the private key can decrypt it.

Underpinning the whole debate about encryption and security, and related also to the private and public key debate, is the looming issue of trust. Trust is integral to any type of joint and coalition warfare, but under stress is often marked by its absence. Trust between established allies, for example the English-speaking nations of Canada, the United States, the United Kingdom, Australia and New Zealand, is frequently more pronounced and practiced than among the newer NATO members, who may bring language difficulties and Soviet legacy equipment into the trust and encryption balance.

The British Codification of ACP 123 (B)

Major Paul Foster in his descriptive codification of ACP 123(B) makes the system clearer. He describes how the system works: “This Military Message element of service allows the originator to indicate to the recipient that a particular body part of the message being sent has been encrypted…Bilateral agreements concerning the algorithm used for encryption and decryption must be agreed upon by the originator and recipient(s) before this service is used. Support for originating the encrypted indication shall be optional. However, if the indication is present, it shall be displayed to the recipient.”

The Need for ‘CLEAR’ When Speed Overrides Security

The value “CLEAR” in the privacy-mark field of a MM (Military Message), in conjunction with an appropriate military value in the security-policy-identifier field, is used to represent the clear service. The clear service is defined to be messages of any classification except TOP SECRET. This is of value in tactical operations, where the speed of delivery is so essential that time cannot be spared for encryption and the transmitted information cannot be acted upon by the enemy in time to influence current operations. In such cases, transmission ‘in the clear’ must be authorized separately for each message.


A Secure Future? Don McBarnet, Staff Writer

Looking over the horizon in the field of military software is hazardous. It would be a mistake to underestimate the dynamism and level of complexity involved in constantly updating software to meet the latest challenges of 21st century network security. Coalition military messaging security is subject to rapid change in the face of alterations in theatre or the nature of operations. An operation offering humanitarian assistance requires speed and access to good communications where there may be lack of access to the internet, but where High Frequency radio is available. Conversely, operations in Afghanistan or south Asia may require no emissions of messages, but the intelligence information may need to be secure. Software in an age of austerity has to be bought and used in an environment where cost effectiveness is a key priority and well tested commercial systems are preferred, rather than bespoke systems with long lead times and high potential acquisition costs and fail rates. The ubiquitous Microsoft Windows system, for example, which is the standard in much business life, has also become the standard in military communications, because it reduces training time for soldiers and offers easy access to all coalition partners with useful additional bespoke features added by specialist military security partnerships.

The Partnership Route to Synergy

For example, in late December 2012, Boldon James and Egress Software Technologies announced a strategic partnership to address the problem of how to ease access to classified information and provide the relevant level of security to data when exchanged with third parties. Neither the classification nor data encryption concepts were new. However, the challenge was to sidestep the issues of interoperability and ease the process of use. How might this work? The new classifier ensures users think about the value of information they manage by requesting that they classify data at the point of creation or send. The classifier then adds metadata to documents and/or emails that are created within the organisation. Once data has been classified it is much easier for an organisation to understand the levels of security required when sharing it with third parties.

The Ministry of Defence in the UK Goes for Additional Security

The Ministry of Defence in the UK has 300,000 users using over 500 separate software applications. It has recently extended its licence to Boldon James’ SAFE mail for secure information exchange solutions that have been in use over 10 years by the British MoD. The MoD has now extended this capability to cover the whole of the secure network developed for them by the ATLAS Consortium as part of the Defence Information Infrastructure (DII).

The Report by the British Comptroller and Auditor General

While secure information is being provided in one part of the British MoD, more rigid thinking about the role of new software and fourth generation collaborative systems is still a hallmark of thinking in various Whitehall ‘silos’. The House of Commons Comptroller and Auditor General Report on “Information and Communications Technology in government”11 illustrates how many leading thinkers in the British Whitehall do not yet understand the dynamic and fast changing nature of the use of the internet and fourth generation collaborative applications. “The ICT profession across both private and public sectors is immature in comparison to traditional professions such as medicine, law or accountancy. There is no core set of recognised qualifications and a very wide variety of entry points into the profession. This has made it harder for those in the senior civil service without ICT experience to understand the full value that the profession can deliver. The Cabinet Office has faced difficulties in professionalising ICT. The introduction of the Skills Framework for the Information Age has been a helpful step forward, but there has been no clear mandate to implement it. Progress has therefore been slow. The lack of management information on the real status, capability and capacity of the government ICT workforce has not helped to develop the case for change.” The pointed phrasing and the distrust and misunderstanding about the nature and use of collaborative Internet applications are glaring.

Similarly, the generation gap between so-called ‘digital natives’ or Generation Y and the non-digital natives who have thought leadership positions in Whitehall is paralyzing. As the report so aptly puts it: “The right balance between wider strategic and business skills, and specialist commercial skills or purely technological knowledge, may not have been achieved. This has affected government’s performance as an intelligent customer of complex ICT systems.”

The Operation of Moore’s Law and the Speed of the Commercial Marketplace

For any military procurer of ICT systems or software, it is imperative to keep one eye firmly on the commercial market, with the other on the wallet. The speed of generational change in the commercial world is punishing and it is now an acknowledged truism that insurgents are using cheaply available systems and high quality innovative software and skills rather than the more complex systems. As a recent Gartner report on Fourth Generation computing highlights,12 the characteristics of Gen4 services include the mixing of consumer and business collaboration services; the ability to combine premises-based and cloud-based resources; an emphasis on real-time collaboration; the use of social network analysis tools; inherent mobility services; a mixing of personal and business activities; an emphasis on open integration; intra enterprise collaboration; and data portability. This is quite an intimidating list for a non digital native, but for people for whom life is lived on the move with their smart phone, this kind of capability can only enhance the concept inherent in network centric warfare in a radically faster and more immediate way.


References:

1 Witnesses at the Senate Armed Services Committee, http://www.iwar.org.uk/cgi-bin/dada/mail.cgi/archive/infocon/20120327214328/ Mon Dec 31 18:29:46 2012

2 CRS Report for Congress, Received through the CRS Web, ‘Information Sharing for Homeland Security: A Brief Overview’, Updated January 10, 2005. Harold C. Relyea, Specialist in American National Government and Finance Division; Jeffrey W. Seifert, Analyst in Information Science and Technology Policy Resources, Science, and Industry Division

3 CRS Report for Congress, Received through the CRS Web, ‘Information Sharing for Homeland Security: A Brief Overview’, Updated January 10, 2005. Harold C. Relyea, Specialist in American National Government and Finance Division; Jeffrey W. Seifert, Analyst in Information Science and Technology Policy Resources, Science, and Industry Division

4 J-6 is the Directorate for Command, Control, Communications and Computer Systems

5 ‘Not Your Father’s J-6’, October 1, 2012, by Robert K. Ackerman, http://www.afcea.org/content/?q=node/10191

6 Witness before the Senate Armed Services Committee, http://www.iwar.org.uk/cgi-bin/dada/mail.cgi/archive/infocon/20120327214328/ Mon Dec 31 18:29:46 2012

7 ISODE website

8 ISODE website

9 Fujitsu New Zealand, http://www.fujitsu.com/nz/interaction/archives/2006/200605-03.html

10 Major General Mark S. Bowman, USA, Director, Command, Control, Communications and Computers, Joint Staff, J6

11 Report by the Comptroller and Auditor General, HC 757 Session 2010–2011, 17 February 2011, ‘Information and Communications Technology in government’

12 ‘The Emergence of Fourth-Generation Collaboration Services’, by Matthew W. Cain (http://www.gartnerinfo.com/pcc8lg/)
