Collaborative Tool Buddy-Lists Coalition Partners
Instant messaging technology speeds communication, synchronizes situational awareness.
International military partners are signing on and interfacing with each other instantaneously by using a prototype system that merges real-time chat capabilities with a language translator to enable cross-domain information exchange. The project addresses the need for collaboration and interoperation at the command level in allied environments.
Because military operational success depends on partnerships with other countries, researchers are developing a concept called Collaboration Techniques for Coalition Teams (CT2). Many organizations already have collaborative capabilities in the form of e-mail and material published on Web pages. What they do not have is a secure real-time capability other than telephones. The MITRE Corporation, with headquarters in McLean, Virginia, and Bedford, Massachusetts, is developing the CT2 technology.
“On the U.S. side there are quite a few tools being fielded that are being stretched over into coalition environments or bilateral environments and aren’t working because of security-related issues,” says Cynthia K. Sturm, principal staff member, Joint Operations–Southeast, MITRE. Action reports from several U.S. and European commands say that coalition partners need to interface more dynamically using existing networks versus bringing a new network to everyone, she says. “It is much better if everyone can work in their native environments but be able to touch base with their international liaisons.”
The CT2 team started by reviewing current acceptable U.S. and foreign security architectures to determine what capabilities are allowable additions to these networks. The solution had to be manageable within diverse security environments. The group decided on a basic tool, instant messaging, for the client-server technology because it is text-based, requires a limited number of commands and can be inspected electronically. “Team members wanted to develop the pieces of a prototype architecture that would receive accreditation, so they selected the simplest tool,” Sturm says.
The approach uses the simple instant messaging and presence protocol (SIMP), which MITRE developed and has submitted to the Internet Society’s Internet Engineering Task Force as a proposed instant message standard. The Internet Society, based in Reston, Virginia, is an international nonprofit organization that focuses on standards, public policy, education and training.
Because language is often a barrier in a coalition environment, project investigators decided to augment the instant messenger with a translation feature based on translingual instant messenger technology—called TrIM—that was developed under a separate MITRE research initiative. The technology can translate English, Spanish, French and German and can be expanded to cover other languages.
The final element and one of the main objectives of the prototype development is a security guard component specifically dedicated to collaborative information exchanges. A guard is a set of controls that mediates trusted transfers across security boundaries. Christine L. Eliopoulos, principal information security engineer, MITRE, notes that in the United States, security guard technology often is used as a vehicle for connecting networks of different security classification levels. “Therefore, the use of security guard technology was pretty natural for our CT2 effort,” she says. “What does not exist at this time is a security guard specifically for use with collaborative tools.”
Eliopoulos and her colleagues were tasked with engineering a “collaboration” security guard with the appropriate features. In support of a recent NATO exercise, they submitted their work to accreditation reviewers along with documentation that defines and limits exactly how the guard will be used. A configuration and testing process is performed, and the guard technology is authorized for use as specified.
Team members also incorporated public key infrastructure technology in concert with their unique security guard. The CT2 prototype uses digital signatures for message authentication so that senders are able to apply digital signatures to messages and receivers can determine whether the message came from someone they know and trust.
Technical issues include the electronic-age-old problem of bandwidth. “This is a real issue in a lot of places such as the European theater where we’re deploying,” Eliopoulos relates. Something as simple as an instant messenger application, when placed on top of an already full network load, could mean that the application now is running slower than it did in the MITRE laboratory or even on a U.S. network.
Additionally, the team found that security is a big impediment in collaboration, so it looked at security capabilities and features required to facilitate multinational collaboration. Most of CT2’s security features can be found within the guard that the project engineers are creating. A number of layers of security are built-in and inspect instant messages going both directions across the guard. Layers include digital signature requirements, access control and software checks. For example, the guard can be configured to block a message that does not contain a signature.
Additionally, access control allows administrators to implement a number of message release policies at the guard. “You could have a very restrictive policy that says that the only person I’m going to let collaborate on the French side is the French liaison officer,” Eliopoulos explains.
The guard also supports two types of software checks. One is a series of detailed format checks to ensure that the message being sent is truly an instant message and not a virus or piece of executable code. The second is a dirty-word searching capability used to block instant messages that contain inappropriate language.
To achieve accreditors’ approval on security, CT2 researchers talked to the specialists about their concerns over connecting systems from independent sovereigns’ security regimes. “You will typically find that accreditors say the project can’t be done,” Sturm notes. “What you have to do in the accreditation realm is go out and explore possible strategies and do quite a bit of research to find out what the risk is, how it will be mitigated, then show it to the accreditors.”
According to John C. Hammond, MITRE’s European operations associate department head, commanders and other users indicate that they want to eliminate extra workstations and use one workstation for all security levels. “The security guys of course are quite nervous about that,” he says. “You’re seeing a reluctance to implement new ways of doing things. It’s only through research like this, pushing the envelope, trying to draw out from them what the specific problems are, that you can actually achieve progress with the accreditation community.”
Eliopoulos notes that one of the primary hurdles of the CT2 project is cultural. Some of the users initially did not understand how to integrate the tool into their existing business processes. “You might install the software and start to train the user and he’d say, ‘This is nice, but I don’t really need to use this,’” she offers. “We then engaged him in a discussion of what he currently does. From there we tried to explain ways in which he could use this software to do his job better, more efficiently, in a more timely manner, and do some things he wasn’t able to do before.”
Hammond echoes the idea that when independent sovereigns’ security domains are being crossed, people need to learn how new technology can fit into their business processes. “Every time we throw a new piece of technology out there, what we find is that even though some of us are users, we don’t necessarily always understand how the other guy is going to use it,” he says, “and neither do they. You have to throw it on the table in front of them. Give them some ideas, and they often come up with things you never thought of.”
The best way to get people’s attention is through participation in exercises, Eliopoulos relates. “We say, ‘This is our proof of concept, this is what it does, and this is how it performs during the exercise. There were no grand failures; there was no great security breach,’” she adds. “Then we use this as a baby step for moving forward in the United States and getting approval for a capability like this for something between a U.S. classified network and a NATO network or another type of coalition network.”
The CT2 prototype recently was tested at strong resolve 2002, a major NATO exercise involving the deployment of naval, ground and air forces from NATO’s two strategic commands: Allied Command Atlantic and Allied Command Europe. From the exercise, team members hope to learn how users can further benefit from the use of a collaboration tool that incorporates instant messaging technology. They also will look at how critical a language translation capability is in multinational operations and how many users a translator can support.
“We’ve got lessons to learn about the performance of a security guard,” Eliopoulos shares. “What are the networking obstacles when you’re rolling out a tool like this? If the guard has a fail point, what is it? How often are messages sent cross-domain versus local to a domain?” she asks. The team found that the messages currently take 6 to 8 seconds to be processed through the security guard.
Teammates already have learned that collaboration tools often work best and are better received by users when they are focused on specific operation functions, Hammond reveals. “Secondarily, they have not only a mission but a time constraint, and they have to get a coordinated plan or order or target list out before a certain time,” he says. “When you have these kinds of requirements—people with specific functions and time frames—the collaborative tools are generally well accepted. But if it’s just a matter of talking to Joe Smith, usually you don’t generate a lot of interest. You have to go after it from a functional perspective, and then you can be a winner with these tools.”
Individuals within NATO’s Battlefield Information Collection and Exploitation System Agency are already asking for CT2 to continue beyond the exercise, Hammond shares. “We’ll have to work out some issues, but I fully anticipate that it will be a user requirement. That’s what we’re telling the users: You have to make it a requirement and it will be there.”
The prototype work is funded through September, and officials at The MITRE Corporation anticipate a technology transfer to another organization where the capability will be used as a model for cross-domain collaboration in the future.
Additional information on The MITRE Corporation is available on the World Wide Web at www.mitre.org.