Addressing security challenges of a common operating environment

Jim Quinn is vice president of C4ISR Systems for Lockheed Martin Information Systems & Global Solutions. He is responsible for the Distributed Common Ground System, among other programs. Quinn recently spoke with Defense Systems Editor-in-Chief Barry Rosenberg about the sharing and security challenges of a common operating environment.

DS: Lockheed Martin and others have been working with the military in recent years on intelligence-sharing development of a common operating environment (COE). What are the challenges that still remain?

Quinn: A couple things come to mind. The first is the infrastructure and the COE efforts that the services are sponsoring, [specifically] what I will call “infrastructure software commonality,” which is standardization of interfaces and how you write data, subscribe to it, etc.

The next challenge, in my view, is what I call the “missionizing” or the operational aspects of achieving virtualization or cloud migration. Let me explain. In industry, virtualization and movement to the cloud is very much on everybody’s mind. Whether it’s Amazon or Wal-Mart, a lot of industry is moving their data repositories and their infrastructure toward the cloud.

The military can derive the same benefit because [such a move results in] consolidation and to a reduced footprint. But the unique challenges that come with the military aspects of this are bandwidth, security and forward deployment.

So, if you think about the security aspects, the services appropriately would be intolerant of a contamination of data that led either to loss of life or a serious [negative] operational impact. So the security overlays, such as cross-domain solutions like the ones that we provide in our systems Radiant Mercury and Trusted Manager, are accredited systems that allow you to downgrade and declassify data, from the highest level down to coalition and unclassified releasable information.

So that’s very important when you think about architecting and a system of systems that may have both a central data repository and perhaps one that’s forward deployed. Considering what the security threats and protections are from cradle-to-grave, [you need a] defense-in-depth architecture that allows you to forward deploy the data and perhaps even to cache it forward.

DS: When you say “forward deploy the data” you’re talking about deploying the data in a secure way to a tactical, mobile device or one installed on an armored vehicle, for example?

Quinn: Right, and it’s actually two pieces. Think of it from an infrastructure perspective. Suppose that data was stored somewhere here in the continental U.S. and we wanted to share that data because it was being aggregated in some way with a CENTCOM area of responsibility (AOR). You have that first link, if you will, into the AOR. Then, just as you described, you have a second link to an enclave, command post or forward operating base. A lot of people talk about the last tactical mile, but it could also be the first tactical mile, depending on your point of view.

You really want to be able to push that situational awareness beyond the command post and the forward operating base to that mobile user who can view that information on a HMMWV, a Stryker or an MRAP vehicle. And then, as you described it, you want that situational awareness to be further pushed out to a quick-reaction team or squad that’s walking through a bazaar or the streets of some forward province. That situational awareness needs to be displayed and available to soldiers at the right level of detail so that it’s useful. But it has to be secured at that device.

Those are unique challenges because someone might drop an iPod or cell phone or there might be casualties and those devices are left unattended. Consideration has to be taken about how to squib or electronically scramble that device and make the data on it go to gray screen.