DISA Delivers Capabilities to the Warfighting Edge
The Defense Information Systems Agency (DISA) continues to add capabilities available to warfighters and to the broader Defense Department community.
The agency has created a lot of buzz in recent months with a number of initiatives involving cloud capabilities, mobility and biometrics. Officials serving on a DISA panel continued that trend at the AFCEA TechNet Augusta 2019 conference in Augusta, Georgia.
Maj. Nikolaus Ziegler, USA, military director for the DISA Emerging Technologies Directorate, described a future in which a wide range of biometric data is used along with common access card (CAC) data on a mobile device so that users can connect to the Defense Department network at any time or anywhere.
He noted that the agency is driving CAC credentials onto mobile devices and using biometric identity metrics to unlock those credentials. “This isn’t the land of unicorns. … We have an OEM [original equipment manufacturer] stepping up and integrating this into their offering currently,” Maj Ziegler said. “We see a future where that mobile device will not replace your CAC card. It will be an enhancement to your current capability. You’ll have a faster and more agile experience with a higher rate of security.”
The biometric data involved could range from the way a person walks to facial and iris recognition. “What I mean by that is how I walk, using my gait, how I look into the device, my iris, my face, my voice all those components, hard biometric factors,” Maj. Ziegler said.
And the biometrics data will be complemented by contextual data. “Contextual factors are what connected network I’m on, what Bluetooth functions I have, accessories, those types of capabilities. Those start to create a rhythm about who you are in your daily life, how you wake up in the morning, what you do. Your device is collecting that stuff. What we’re trying to do is to take that and fuse it with a fusion algorithm and create that trust worth,” he explained. “A low trust score allows me to log into my device. A medium trust score then allows me to log into a DOD environment. A high trusts score allows me to encrypt, decrypt, access a higher level of information.”
He emphasized that the users control their data. "You take all that together and keep everything local. I want to stress that: this is all done at the end point. This is not us sending your stuff out across an … Internet connection where you can be the man in the middle. … The user controls their identity, what they want people to do and how they end up doing it.”
The agency also has made a recent splash with milDrive, which uses cloud computing to provide greater access to the department’s network. “We want to make sure that whether you’re working on your desktop or you’re out in the field, you can access your data regardless of where you are. This gives you that continuous, reliable access,” said Carissa Landymore, cloud storage program manager, DISA. She added that the only two requirements are Defense Department credentials and access to the Nonclassified Internet Protocol Router Network.
Soon, the agency will unveil a milDrive mobile app. "There are multiple ways you can access your data. You can access through your desktop, through the Web, or through your mobile device. We have a web point on the mobile device today, and we have mobile app that will be rolled out in the first quarter of fiscal year 2020,” Landymore reported.
MilDrive offers a number of capabilities to make life easier for warfighters and others on DOD networks. “One of the key ones is that if you’re working on a large file that you need to transfer, most always you’re having to try to zip it, or break it down, figure out how you’re going to get it across. With milDrive, you don’t have to worry about that,” Landymore says. “You can be out in the field and have a large file you need to share over, you can share it with links and access points. You can set permissions for 30 days or up to a year. You have the ability to control that. You can also share it with unlicensed users.”
The agency’s cloud-based Internet browser isolation capability is another recent sensation. “It’s an initiative that essentially looks at the other 90 percent. About 90 percent of our traffic right now is non-.gov or non-.mil. It’s literally looking at Youtube, Facebook, bottlenecking, all that data that we’re using to look at what we’re doing,” Maj. Ziegler said. “We have about 10,000 users loaded into what we’re calling our cloud-based Internet isolation capability. There’s going to be 100,000 user trials. We’ve got every service involved, across Navy, Army, Air Force and Coast Guard.”
Maj. Gen. Garrett Yee, USA, DISA’s individual mobilization augmentee to the director of DISA, said the capability will slow down data being streamed to browser windows that are not being actively used. “If you open up your Internet browser, and you click on a session and then another session and another session, all those sessions are streaming data continuously. They’re eating up bandwidth. What we’re showing is that if you open up three sessions, the two previous sessions go down to a sloooow feed,” Gen. Yee said.
The general also stressed that Internet isolation improves security. “You’re browsing in the cloud, so there’s no endpoint security issue because there is not an endpoint,” he said.
Neil Mazuranic, chief of DISA’s DOD Mobility Program Capabilities Branch, said classified users will soon be able to use Android devices as well. “We’ve partnered with the same company that helped us with the S-7 device that’s out right now. I’m leading that effort. We just kicked it off a couple of weeks ago. We think that by mid-2020, we’re going to have that next-generation Android out there. That will be in a tablet form factor. It will also be in a phone,” Mazuranic said.
He stressed that users will be able to do “real-world work” on the mobile devices. “Our classified users want native email. They want mobile applications on the device so that they can actually do things, and they want data at rest on the device so that they can save files and have those applications and do real-world work.”