Bolstering Information Sharing Through The Cross-Domain

November 2005
By Adm. Leighton W. Smith Jr., USN (Ret.)

Data analysis continues to prove difficult in multilevel security realm.

Accredited, tested solutions could allow military decision makers and intelligence analysts to access information and make decisions simultaneously using information that resides in multiple security classifications. However, although the U.S. Defense Department is moving forward to address information-sharing challenges, it has encountered difficulties in proving and certifying these technologies in a testbed environment.

In military command posts today, decision makers and analysts frequently are required to leave their command centers and walk to a different workstation or facility to see all of the data pertinent to their mission. As the amount of relevant, time-sensitive data increases, so too does the need for streamlined data analysis.

The need for on-demand analysis has existed ever since computing technology became a predominant feature in war rooms. In Bosnia, for example, the NATO-led coalition had a variety of partners who had different levels of access to classified information. Further, many of the partner countries, such as Bangladesh and Poland, did not have the information technology assets to facilitate data exchange. The combination of various access levels and lack of equipment created a situation where critical information was not always available to the commander, nor could instructions be sent to units in a timely manner. In several areas, separate facilities were required even though partner countries were co-located.

The resulting delays in getting the information needed to conduct analysis or provide warnings created compromising situations. For instance, a critical information shortfall occurred even before NATO forces went into Bosnia. Just prior to the shoot-down of Capt. Scott O’Grady, USAF, in 1995, information was available at the combined air operations center (CAOC) that could have provided critical warning to the pilots. This information was not immediately available to the CAOC commander because the station that received the information was not co-located inside the center. Because critical information was not passed to the pilots, the United States lost an aircraft and a pilot nearly lost his life.

Although Bosnia and the Capt. O’Grady shoot-down occurred 10 years ago, the required physical separation between decision-making warfighters and their data resources remains. There is no way to access data on the secret Internet protocol router network (SIPRNET) without clearance through a personal computer. The information environment created by the spread of the Internet has led to daily situations where terabytes of data must be processed.

Another factor adding to the information analysis conundrum is the continued reduction of U.S. forces. Cmdr. Michael G. Larios, USN, is the chief of information technology systems operations at the Joint Transformation Command–Intelligence (JTC-I), U.S. Joint Forces Command (JFCOM), Norfolk, Virginia. He explains how he believes force reduction will affect information sharing. “U.S. forces will be increasingly reliant upon allies and coalitions. This greatly increases the vital need not only to share a common operational picture within coalition forces but also to operate in a common operational environment. Against ever-agile threats, it is becoming [necessary] to share operational information quickly across numerous classification domains, contributing to the paradigm shift within the U.S. Defense Department and intelligence communities from need-to-know to need-to-share,” he states.

To address the dynamic information analysis today’s war environment demands, the Department of Defense Intelligence Information System (DoDIIS) community has been tasked with advancing capabilities. Multilevel thin-client enterprise and cross-domain solutions, currently being deployed throughout the Defense Intelligence Agency (DIA) and the nine unified commands, are streamlining intelligence applications to reduce redundancies throughout military operations worldwide. Additional advancements with cross-domain solutions are being tested at the DIA, the JTC-I and the U.S. Pacific Command to create a multilevel secure environment to improve information analysis and dissemination.

One major effort the DoDIIS community has undertaken is the aggregation of the information technology operational centers located in Stuttgart, Germany; Tampa, Florida; DIA headquarters, Washington, D.C.; Colorado Springs, Colorado; and Makalapa, Hawaii. The five regional service centers will be designed to serve defense intelligence communities worldwide and will achieve new levels of redundancy and standardization in information technology infrastructure. Applications will be universal, allowing an analyst to travel around the world and use a universal identification password, which will reduce the time required to get up to speed.

On the cross-domain side, the challenge is more difficult. Information transfers between classified and unclassified networks are still done through some sort of physical method: either using one-way optical connections or “sneakernet.” This was the problem encountered in Bosnia. While physical separation offers information security, it does not scale well as the number of security domains increases. More importantly, data analysis and the delivery of actionable knowledge are often delayed by these physical separation processes.

Michael Pflueger is the chief information officer of the DIA and DoDIIS and has been responsible for streamlining and strengthening the military intelligence information technology enterprise. He says that the major barrier to true cross-domain connectivity is that the Internet is one of the primary information sources. “That’s the biggest barrier. I can build trusted systems. I can accredit them for everything except those things that touch the unclassified world. The threat of the Internet is just so large that we need to figure out how to address it,” he states.

Without a doubt, the next five years will see a dramatic transformation of the U.S. government’s information management and knowledge-sharing capabilities. Organizations such as the DIA and JFCOM will have a hand in this transformation. In many ways, information management and the utilization of technology are the reasons the Defense Department and the intelligence community are keeping pace with the demands of today’s operational tempo.

But there are chinks in the armor when it comes to viewing critical data and numerous cross-domain levels of security. “I don’t believe that we’ll ever get to a multilevel secure system where you can sit down at a workstation and it doesn’t matter what [security] classification you are,” Pflueger says.

The DoDIIS community continues to work toward achieving cross-domain connectivity with its five regional service centers. “I think we can build an architecture—such as the DoDIIS Trusted Workstation [DTW] and more heuristic guards—and make it feel like it’s multilevel secure,” Pflueger adds. “That’s one of our approaches. You log onto a DTW now, and you have five Microsoft Windows up, but you can’t really tell what security domain you are in except for the color of the screen. That’s appealing.”

The DTW (SIGNAL, October 2004, page 21) met a longstanding need within the DoDIIS community for analysts to work simultaneously in multiclassification environments and to move information easily between domains, enhancing information exchange. Although there are now between 6,000 and 8,000 DTWs worldwide, the need to integrate unclassified Internet information into the DTW remains the big challenge for cross-domain integration, and that is where the defense community has focused its attention.

“The global terrorist threat has a large data set that is available on the Internet and can be exploited,” Pflueger says. “I would like to do it from my analyst workstation rather than having to log onto another workstation. We are looking at technologies like IBM’s Webfountain, which sucks up everything on the Web, but we are still forced to do things in one-way transfers from the unclassified world to the all-source analytical world. Right now, they are done through some sort of medium—either using one-way optical connections, dumping the tape to some sort of media or hand sneakernet, and that’s just ugly.”

DoDIIS has contracted the U.S. Air Force Laboratory, Rome, New York, to be the sensitive compartmented information (SCI) cross-domain system oversight. The laboratory’s mission is to find out what technologies exist and report the state of the cross-domain world from the SCI perspective to the DoDIIS community. From there, the JTC-I will run cross-domain solutions to test how they work in a unified command environment.

Currently, two processes govern accreditation. The first is Secret and Below Interoperability (SABI), which falls under Defense Information Systems Agency oversight. SABI is integrated with the Defense Information System Network Security and Accreditation Working Group, the body that accredits multilevel security programs, and follows the Department of Defense Information Technology Security Certification and Accreditation Process. The second process involves Top Secret and Below Interoperability (TSABI), which the DIA oversees. The SABI and TSABI processes are similar except that the latter occurs through the Defense Intelligence Community Accreditation Support Team. The technical requirements for these certifications differ and pose some additional technical issues when used to try to satisfy both worlds.

Small, innovative “tailgater” cross-domain solution companies have an arduous and costly process to overcome when introducing innovations. They must be able to prove themselves to a maze of information assurance and security organizations—far more stringent than Microsoft—so that the cross-domain solution will not compromise critical classified information.

The JTC-I is postured to assess and test joint intelligence solutions for warfighters. Led by Capt. Susan M. Chiaravalle, USN, commander, JTC-I, and Bonnie Cyr, chief information officer, JTC-I, the command’s cradle-to-grave approach of gathering lessons learned, developing or assessing prototypes and testing the solutions then developing training curriculum ensures that joint task forces have relevant doctrine, information technology solutions and communications.

Cmdr. Larios is the JTC-I lead for cross-domain solution evaluation and is plowing new ground in rapidly assessing interfaces between information domains. “The DIA is evaluating several potential solutions to integrate unclassified domains into the DoDIIS trusted workstation today,” Cmdr. Larios says. “There have been several small companies that have focused significant resources toward solving this problem, including Trusted Computer Solutions, Maxim and others. JTC-I is coordinating within JFCOM to evaluate the potential applicability of the technologies to the rest of the Defense Department/joint community. The DIA’s approach also puts the already TSABI-accredited DTW system through National Security Agency testing for SABI accreditation. The DIA will then combine the DTW with one or more of the other SABI accredited technologies, like the Tenix data diode/keyboard switches, and put the resultant SCI-unclassified, multiclassification domain system through the National Security Agency testing for SABI accreditation.”

The good news is that cross-domain innovations that make it through the U.S. government vetting and certification process become integral to how the country defends itself and operates in complex, rapidly changing environments. The faster the DoDIIS community and industry arrive at certified solutions, the better commanders in the field can defeat the enemy.

Success with cross-domain technology will be realized when decision makers can receive a rich mixture of multilevel, all-source classified and unclassified information that can be translated into actionable knowledge and rapid, effective operation time after time. This will be the discriminator, the competitive advantage. In the end, it might well be the difference between rapid victory and an agonizingly protracted engagement.

Adm. Leighton W. Smith Jr., USN (Ret.), is a senior fellow at the Center for Naval Analysis, president of Leighton Smith Associates and vice president of Global Perspectives Incorporated, both international consulting firms.

Web Resources
Joint Transformation Command–Intelligence: www.jfcom.mil/about/fact_jtci.htm
Defense Intelligence Agency: www.dia.mil