Software suite allows message traffic across domains, security levels.
Sharing classified and sensitive information during coalition operations such as this joint U.S. and Peruvian naval exercise is difficult because of differing security protocols. The Cross Domain Collaborative Information Environment (CDCIE) is
a software architecture with a bundled suite of applications that allows secret- and nonsecure-level text and database information to be transmitted between different national computer networks.
The Cross Domain Collaborative Information Environment (CDCIE) is designed to meet combatant commanders’ near-term needs to share data with a variety of networks operating at the secret level and below. Created by the U.S. Joint Forces Command’s (JFCOM’s) Joint Futures Laboratory,
While the CDCIE was developed to overcome difficulties in multinational information sharing between coalition partners, the software also eases data transfer between the various branches of the U.S. Defense Department, U.S. government civilian agencies, state and local emergency responders and nongovernment organizations. “We need to share information in the way we’re expected to conduct operations with all of those partners,” relates Lt. Col. Edward McLarney,
Security is a key challenge to sharing data between organizations because information resides on a variety of classified and unclassified networks. Transferring classified messages in a multinational environment is especially difficult because of differing national security protocols, says Skip Hiser, technical director, capability engineering, J-9.
The CDCIE is a guard and gateway technology that provides an interface between networks of varying classifications. In November 2006, the program completed its first phase by receiving a National Security Agency (NSA) certification for a collaborative text chat capability. This application includes a language translation system that allows text communications between different multinational networks.
Hiser says that the program’s follow-on phases will provide a Web services guard, assured file transfers, a whiteboard capability and e-mail with attachments. The CDCIE also will include a redaction tool that will scrub documents to remove any hidden information. He cites the example of the track changes capability in Microsoft Word. “When you exchange documents, you want to make sure all the tracked changes are eliminated from a document so there isn’t any sensitive information left. This redaction tool that we’ve developed actually scrubs that information out of the document so that you have a clean file,” he says.
With the NSA certification, Col. McLarney notes that the chat capability now can be deployed to warfighters in the field. In the 2007 fiscal year, the CDCIE program will begin certification testing and evaluation for the whiteboard capability that will be bundled into the text chat function. The colonel explains that the whiteboard application will allow users to circle and illustrate information collaboratively on maps across networks while communicating via text.
JFCOM also plans to evaluate the Web services capability this year. The colonel explains that this capability allows different types of database and other application data to be transferred between networks. “As long as you can define the information that you want to send in a well-defined XML [extensible markup language] format, the Web services format will allow information to go from one network to another,” he shares.
The CDCIE guard format differs from traditional proprietary point solutions because it allows for a set of core capabilities that can have additional applications added to them. Instead of maintaining a variety of security applications, the CDCIE provides a suite of tools built around a common technology. It also uses open standards based interfaces to provide enhanced interoperability. Col. McLarney notes that this plug-and-play capability prevents end users from having to purchase a software-specific client tool.
An advantage of using open standards, such as XML, is interoperability with software built on the same architecture. The CDCIE chat tool was recently used in the Strong Angel III disaster response exercise (SIGNAL Magazine, November 2006) in
JFCOM is coordinating with several organizations to ensure that the suite meets a variety of standards and interoperability requirements. The program is working with U.S. Forces Japan to demonstrate text chat with language translation between
The CDCIE is designed as an architectural framework that allows users to plug and play among different applications. “It’s not a single-box solution,” Hiser says. As the technology evolves, the various guards, gateways and applications can be replaced or updated. For example, he notes that if there is a significant need for collaborative applications such as Groove or Microsoft Live Meeting, the architecture can alter the chat clients to interface with the gateways and guards. Hiser adds that the CDCIE’s focus is to develop a capability based on nonproprietary standards, which allows the system to evolve to meet changing needs.
|Because it is a suite of software tools, the CDCIE can be employed by individual application. These applications will be issued to warfighters as soon as they are ready. Able to work across national networks, the CDCIE will help speed communications and collaboration during multinational exercises such as this joint U.S.-Australian event.|
The Web services application allows data to be moved between networks of different classifications, such as the nonsecure Internet protocol router network (NIPRNET) and the secret Internet protocol router network (SIPRNET). The colonel says the advantage of this system is that it is no longer necessary to maintain two separate databases, often requiring the same information to be manually entered in both systems. The colonel notes that synchronization issues can occur if new or updated data is loaded into one network but not the other.
Another application under development is a chat tool designed specifically for Web browsers. The CDCIE’s current client system, which is ready for deployment, can be downloaded easily and used on any computer. The idea behind the browser-based tool is to enhance ease-of-use by permitting browser-to-browser communications without the need for installing additional software. However, he emphasizes that the CDCIE’s core is its guards and gateways, not the client applications.
The CDCIE’s current focus is to share information at the levels of secret and below. The package will allow users to share information between systems such as the NIPRNET and the SIPRNET. Hiser notes that there are administrative processes designed to clear information shared between domains, but that the CDCIE is focusing on the technology to expedite data transfer.
JFCOM is working with several open-source operating systems such as secure Linux to provide enhanced interoperability. Hiser explains that the open-source architecture also provides the CDCIE’s designers with greater flexibility to meet user requirements.
Because it is a suite of software applications, the CDCIE is designed for hosting on many military servers where warfighters can download the tools to their computers. Col. McLarney explains that the guarding and gateway capabilities would reside in certain key computing facilities around the world, and the client applications such as the chat and whiteboard tools could be downloaded via a user registration process.
JFCOM is working with the combatant commands and the Defense Information Systems Agency to allow them to use the core CDCIE technology as an enterprise service across their domains. The colonel notes that a key to the success of the chat function is the partnership with the NSA. He explains that the agency was involved in the technology’s development from the beginning to help determine the necessary security components and system design. A key result of this partnership is that the chat tool passed its evaluation tests without difficulty.
The program is working out additional security issues by participating in coalition exercises and events. Hiser explains that this interaction gives Defense Department designers an understanding of security crime issues from the perspective of coalition partners. “We not only have to meet our security requirements, but to collaborate successfully with our allies and coalition partners, we also have to understand their security requirements,” he says.
To maintain security interoperability, JFCOM is coordinating with several multinational security working groups as part of its experimentation and development efforts. The program also is participating in the U.S. Navy’s Trident Warrior exercise, which includes coalition and allied partners. Hiser explains that in Trident Warrior, the software must communicate across several multinational domains and that all the participants must be aware of each other’s requirements for collaboration.
Col. McLarney notes that the Web services guard and the whiteboard application will go through NSA certification evaluation in the summer and are scheduled to be ready for deployment in the fall. The colonel anticipates additional tools such as assured file transfer and e-mail with attachments to begin entering service in 2008.