Monday, August 31, 2009

Pentagon Reviews Unisys Stealth

According to a Networkworld.com article, the United States Joint Forces Command (USJFC) is currently evaluating Unisys Stealth technology at the Joint Transformation Command for Intelligence (JTC-I) in Suffolk, Virginia.

"Unisys Stealth Solution for Network lets an organization set up “communities of interest” through a group policy using Microsoft Active Directory, with session-specific encryption keys scrambling data that can only be decrypted by those belonging to each group. Stealth works to “bit-split” data into multiple packets and re-assemble it to authorized users, which alone can decrypt it."

A Unisys press release further states that USJFCOM will be testing "cryptographic bit-splitting" as a way to converge DoD Global Information Grid networks operating at different security levels into a single network infrastructure.

"This technology can address a longstanding challenge for the Department of Defense and other government agencies: how to simplify their networks without sacrificing security, while delivering significant cost savings," said Jim Geiger, managing partner, Department of Defense, Unisys Federal Systems. "Unisys will draw upon its extensive experience with the Unisys Stealth Solution for Networks to support the Joint Forces Command and the Joint Transformation Command for Intelligence in this pioneering effort to promote secure data and information sharing among various communities within the DoD. This solution is now the double-encryption security mechanism protecting the Unisys Secure Cloud solution."

In my December 2008 post I described cryptographic bit splitting as a new approach for securing information. Its advantages include:
  • Enhanced security from moving shares of the data to different locations on one or more data depositories or storage devices (different logical, physical or geographical locations)
  • Shares of data can be split physically and placed under the control of different personnel, reducing the possibility of compromising the data
  • A rigorous combination of the steps is used to secure data, providing a comprehensive process of maintaining security of sensitive data
  • Data is encrypted with a secure key and split into one or more shares
  • Lack of a single physical location towards which to focus an attack
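
The encrypt-then-split idea in the list above, as an added example that is not from the original post and is not Unisys or Security First code. It assumes a simple n-of-n XOR split (every share is needed) and uses a SHAKE-256 keystream with HMAC-SHA256 as a standard-library stand-in for a real cipher such as AES-GCM; the function names and the sample message are hypothetical.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _subkeys(key: bytes):
    # Derive separate encryption and authentication keys from one community key.
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated encryption: nonce || ciphertext || tag."""
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = hashlib.shake_256(enc + nonce).digest(len(plaintext))
    body = nonce + _xor(plaintext, stream)
    return body + hmac.new(mac, body, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    enc, mac = _subkeys(key)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or missing/altered share")
    nonce, ct = body[:NONCE_LEN], body[NONCE_LEN:]
    return _xor(ct, hashlib.shake_256(enc + nonce).digest(len(ct)))


def split(blob: bytes, n: int) -> list:
    """n-of-n split: n-1 random shares plus one share that XORs back to blob."""
    if n < 2:
        raise ValueError("need at least two shares")
    shares = [secrets.token_bytes(len(blob)) for _ in range(n - 1)]
    last = blob
    for s in shares:
        last = _xor(last, s)
    return shares + [last]


def combine(shares: list) -> bytes:
    if not shares or len({len(s) for s in shares}) != 1:
        raise ValueError("shares must be non-empty and of equal length")
    out = bytes(len(shares[0]))
    for s in shares:
        out = _xor(out, s)
    return out


def protect(key: bytes, data: bytes, n: int) -> list:
    # Encrypt first, then split, so each storage location holds only random-looking bytes.
    return split(encrypt(key, data), n)


def recover(key: bytes, shares: list) -> bytes:
    # Needs every share AND the key; the tag check rejects anything less.
    return decrypt(key, combine(shares))


if __name__ == "__main__":
    key = secrets.token_bytes(32)                      # constructed community key
    msg = b"constructed sample: relief convoy route"   # constructed data
    shares = protect(key, msg, 3)                      # e.g. one share per location
    print(recover(key, shares) == msg)
    try:
        recover(key, shares[:2])                       # one location unavailable
    except ValueError as exc:
        print("refused:", exc)
```

Any n-1 shares of this split are uniformly random, so a single compromised location yields nothing; the trade-off is that losing one share loses the data, which threshold (m-of-n) schemes address.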
My company, Dataline LLC, is also leveraging this technology during the Trident Warrior '10 fall lab experimentation period. As I posted in US Navy Experiment With Secure Cloud Computing, the Secure Cloud Computing experiment has been designed to explore the use of a commercial Infrastructure as a Service (IaaS) platform as a viable means of supporting a specified subset of US Navy mission requirements for global connectivity, server failover and application access. Goals for the experiment include:
  • Demonstrating the establishment and use of trusted communication paths on a global public computing infrastructure; and
  • Demonstrating dynamic, mission driven, provisioning of information via trusted communication paths on a global public computing infrastructure
I'll keep you posted on the outcome of both DoD activities.

( Thank you. If you enjoyed this article, get free updates by email or RSS - KLJ )

Monday, August 24, 2009

"Cash for Clunkers" Should Have Used the Cloud!

Rich Bruklis wrote an excellent essay on how the government missed a perfect opportunity to use cloud computing. In "Cloud Opportunity Missed" he writes:

"It appears that the voucher system set up to handle dealer claims was crushed by unusual high demand. Now 'unusual high demand' to me is synonymous with cloud computing."

He also cited three drivers that caused the problem:

- The high popularity surprised the auto industry which forecasted that the program wouldn't have a major effect on sales.
- The dealer sales people 'pre-sold' the program to customers, causing an initial rush to the Cash for Clunkers web site that crashed the system.
- The Transportation Department officials were presented with just 30 days to get the program up and running.

As Rich also noted, it seems that the Government instinctively relied on less automation, not more, by adding 700 more human claims processors to the original 300 midway through the program.

Why didn't they consider cloud computing!! SCRATCH THAT!!

Update: Apparently they did use cloud computing!! According to a Washington Post article, an Oracle OnDemand application was used:

"Administration officials said the On Demand program, produced by Oracle, allowed Cash for Clunkers to keep running even as consumer interest in it rose in the initial days by more than 10 times the government's projections."


Thursday, August 20, 2009

US Navy Experiments With Secure Cloud Computing


This week in San Diego, CA the US Navy held the initial planning conference for Trident Warrior '10. The Trident Warrior series is the premier annual FORCEnet Sea Trial Event sponsored by Naval Network Warfare Command (NETWARCOM). FORCEnet’s experimental results are incorporated into a definitive technical report used to develop Military Utility Assessment (MUA) recommendations. This report is provided to the Sea Trial Executive Steering Group (STESG) for consideration and acquisition recommendations.

The primary goal of FORCEnet experimentation is to influence accelerated fielding of improved Command and Control (C2) capabilities to the fleet through Program of Record (POR) acceleration or transition of new technologies into PORs. Additional goals include evaluating Tactics, Techniques, and Procedures (TTP) that best exploit, promote, expand, and incorporate new FORCEnet capabilities in support of optimizing execution of Naval operations; increasing warfighter effectiveness through discovery and development of enhanced capabilities; and encouraging Government, industry, and academia use of experimentation to advance new concepts and capabilities.

This year, for the first time, the event has been expanded to include a lab-based venue designed to experiment with lower Technology Readiness Level (TRL) candidates. The goal of this added activity is to demonstrate technologies that have the potential to fill mid- and far-term warfighting gaps. One of these lab-based experiments is secure cloud computing.

Sponsored by Dataline, LLC, the Secure Cloud Computing experiment has been designed to explore the use of a commercial Infrastructure as a Service (IaaS) platform as a viable means of supporting a specified subset of US Navy mission requirements for global connectivity, server failover and application access. Goals for the experiment include:
  • Demonstrating the establishment and use of trusted communication paths on a global public computing infrastructure; and
  • Demonstrating dynamic, mission driven, provisioning of information via trusted communication paths on a global public computing infrastructure
Working with Amazon Web Services and Security First Corporation, the Dataline-led team will explore the ability of cloud computing technologies to support humanitarian assistance and disaster relief military missions. As currently planned, the test scenario will simulate the secure use of a cloud-based collaboration environment. Both synchronous and asynchronous collaboration technologies will be leveraged. Information and data access among multiple operational groups will be dynamically managed based on simulated ad-hoc mission requirements. Expected mission advantages of this new approach include:
  • Increased IT infrastructure resiliency through the use of dynamic and automatic provisioning of compute and storage resources;
  • The ability to provide virtually unlimited IT infrastructure scalability through the elastic nature of an infrastructure-as-a-service platform; and
  • Increased mission flexibility through a globally distributed and accessible IT infrastructure that is also open to use by Non-Government Organizations (NGOs), civilian first responders and non-US military forces.
The use of a government sponsored "Red Team" is also being requested as a means of validating the security of the proposed infrastructure.

For further information on the Trident Warrior lab based experiments, please contact LCDR Caroline Lahman ( caroline.lahman@navy.mil )

For further information on the Dataline Secure Cloud Computing experiment, please contact Kevin Jackson (kevin.jackson@dataline.com)


Thursday, August 13, 2009

GSA To Present On Cloud Initiative at NCOIC Plenary

A General Services Administration (GSA) representative is now scheduled to provide a briefing on the agency's cloud computing initiative during a "Best Practices for Cloud Initiatives using Storefronts" session on September 21, 2009 in Fairfax, VA. The session, part of the Network Centric Operations Industry Consortium (NCOIC) Plenary, is expected to foster an interactive dialog on interoperability and portability standards for Federal cloud computing deployments.

Through the recent release of an Infrastructure-as-a-Service (IaaS) Request for Quote (RFQ), the GSA has positioned itself as a significant participant in the federal government's move toward the use of cloud computing technologies. Casey Coleman, GSA CIO, has previously stated that cloud computing is the best way for government technology to move forward. To support this effort, the agency is encouraging an active dialog with industry on possible future standardization issues such as:
  • Interfaces to Cloud Resources supporting portability of PaaS tools and SaaS applications;
  • Interfaces to Cloud Resources supporting interoperability across Clouds;
  • Sharing and/or movement of virtual computational resources across Clouds;
  • Data sharing and movement across Clouds;
  • Authentication and authorization across Clouds;
  • Messaging to and from Clouds; and
  • Metering, monitoring and management across Clouds.
Although responses to the current RFQ are expected to have been submitted by the plenary session date, changes in the GSA IaaS procurement schedule could result in the postponement of the GSA briefing.

The NCOIC is a unique collaboration of premier leaders in the aerospace, defense, information technology, large-scale integrator and services industries. The Consortium works in tandem with customers from around the world, each with a specific mission, to provide a set of tools that enable the development of network centric capabilities and products. An example of the consortium's unique capabilities is the recent agreement between NCOIC and the U.S. Federal Aviation Administration (FAA) to advance the Enterprise Architecture of NextGen, FAA’s national airspace (NAS) transformation program. The NCOIC will analyze and evaluate NextGen’s enterprise architecture views, products, plans, net-centric patterns and operational concepts. Working collaboratively, its members will develop “voice of industry” recommendations about applying net-centric standards to the NextGen procurement, as a way to achieve interoperability in the NAS and, potentially, the skies beyond U.S. borders.

Registration for the plenary is now available at https://www.ncoic.org/events/plenaries_council/ .



Wednesday, August 12, 2009

FAA CIO Focuses on Cybersecurity

During this week's Federal Executive Forum, FAA CIO Dave Bowen mentioned protection against software vulnerabilities, wireless intrusion and website vulnerabilities as his top cybersecurity priorities.

As the Assistant Administrator for Information Services and Chief Information Officer for the Federal Aviation Administration, Mr. Bowen is the principal advisor to the FAA Administrator on the agency's information technology and directs strategic planning for information technology across the agency. He also oversees the implementation of the FAA's Information Systems Security, E-Government, Shared Services, and Process Improvement Programs.





The entire interview will be broadcast on August 13th, 2009 at 2:00pm during this week's Federal Executive Forum on Federal News Radio. These one-hour radio and video programs are produced and broadcast monthly in Washington, DC and feature 3-4 top government IT executives discussing mission-critical issues. The programs always include some of the top federal government technology leaders. This week's forum is sponsored by:




Tuesday, August 11, 2009

DHS Asst. Secretary Addresses Cybersecurity Priorities

Greg Schaffer, Assistant Secretary for CyberSecurity & Communications for the US Department of Homeland Security, sees Trusted Internet Connections, EINSTEIN, and front line defense of the nation's networks as top cybersecurity priorities for the department. His views were shared during this week's Federal Executive Forum.

As Assistant Secretary for CS&C, Schaffer will work within the National Protection Programs Directorate to lead the coordinated efforts of CS&C and its components, including the National Cyber Security Division, the Office of Emergency Communications, and the National Communications System. He will engage the public and private sectors as well as international partners to prepare for, prevent, and respond to catastrophic incidents that could degrade or overwhelm the nation's strategic cyber and communications infrastructure.




The entire interview will be broadcast on August 13th, 2009 at 2:00pm during this week's Federal Executive Forum on Federal News Radio. These one-hour radio and video programs are produced and broadcast monthly in Washington, DC and feature 3-4 top government IT executives discussing mission-critical issues. The programs always include some of the top federal government technology leaders. This week's forum is sponsored by:



Monday, August 10, 2009

US DoD Chief Security Officer on Cybersecurity Priorities

In a Federal Executive Forum interview, Robert Lentz, Chief Security Officer for the US Department of Defense, highlighted the department's cybersecurity priorities.

Mr. Lentz is the Deputy Assistant Secretary of Defense for Cyber, Identity and Information Assurance (CI&IA) in the Office of the Assistant Secretary of Defense, Networks and Information Integration/Chief Information Officer. Since November 2000, he has been the Chief Information Assurance Officer (CIAO) for the Department of Defense (DoD) and, in this capacity, oversees the Defense-wide IA Cyber Program, which plans, monitors, coordinates, and integrates IA Cyber activities across DoD.

Along with the need to increase network speed and hardening, Mr. Lentz also mentioned efforts to increase the number of "cyber defenders" from the current 45,000. Other priorities include:
  • Ensuring that information can flow from the cloud all the way to the edge;
  • Helping defense industrial partners increase their cybersecurity posture;
  • Implementing a robust identity management infrastructure; and
  • Increasing cybersecurity education, training and awareness



The entire interview will be broadcast on August 13th, 2009 at 2:00pm during this week's Federal Executive Forum on Federal News Radio. These one-hour radio and video programs are produced and broadcast monthly in Washington, DC and feature 3-4 top government IT executives discussing mission-critical issues. The programs always include some of the top federal government technology leaders. This week's forum is sponsored by:



Thursday, August 6, 2009

Twitter Under Denial of Service Attack

Multiple sources are reporting that Twitter continues to be under a denial of service attack. Some are speculating that this represents the power of a coordinated bot network attack. For the government community it is also a demonstration of what a well organized adversary can do against a major website.

Since Twitter is a cloud application on top of Amazon Web Services, my earlier thoughts explained in Cloud Computing: The Dawn of Maneuver Warfare in IT Security quickly come to mind.

I'm also contemplating that this could have something to do with Twitter's effectiveness that I showcased in Iranian Protests Showcase Twitter, Facebook, YouTube (and Cloud Computing)!

The Georgia incident showed the reality of cyberwar. Is this a Cyber terrorist attack?

Update from Reuven Cohen:

If I were a betting man, I'd say that this attack was done using a Multi-Stage BGP & DNS Attack Vector. My only real proof is a little common sense as well as the simple reason that a typical HTTP denial of service attack causes a spike in traffic, not a drop, as illustrated below.



Wednesday, August 5, 2009

NCOIC Holding Full Day Cloud Computing Session



The Network Centric Operations Industry Consortium (NCOIC) will be holding a one-day cloud computing session during its plenary meetings, 21-25 September at the Fair Lakes Hyatt in Fairfax, VA. A complimentary workshop on NetCentric Patterns will also be held Wednesday morning that week.

The NCOIC is a unique collaboration of premier leaders in the aerospace, defense, information technology, large-scale integrator and services industries. The Consortium works in tandem with customers from around the world, each with a specific mission, to provide a set of tools that enable the development of network centric capabilities and products. An example of the consortium's unique capabilities is the recent agreement between NCOIC and the U.S. Federal Aviation Administration (FAA) to advance the Enterprise Architecture of NextGen, FAA’s national airspace (NAS) transformation program. The NCOIC will analyze and evaluate NextGen’s enterprise architecture views, products, plans, net-centric patterns and operational concepts. Working collaboratively, its members will develop “voice of industry” recommendations about applying net-centric standards to the NextGen procurement, as a way to achieve interoperability in the NAS and, potentially, the skies beyond U.S. borders.

The NCOIC expects senior government leadership, both US and international, to participate in both the General Plenary and its regular team meetings. A Cybersecurity panel in Wednesday’s General Plenary meeting will include current high-level government experts, and will provide an opportunity for valuable discussion of this hot topic. Also, this fall marks the fifth anniversary of the formal establishment of NCOIC. To take advantage of this milestone, the organization is planning a panel discussion that will include some of the Emeritus Advisory Council, Executive Council and Technical Council chairs. This promises to be an interesting discussion of the impact of NCOIC to date, and where the NCOIC can position itself in order to provide valuable contributions in the future.

Registration for the plenary is now available at https://www.ncoic.org/events/plenaries_council/ .



General (Ret) Harald Kujat
Advisory Council Chair, Former Chairman, NATO Military Committee and Chief of Staff, Federal Armed Forces (Germany)

BG Hakan Bergstrom
Swedish Ministry of Defence

VADM Nancy Brown
Director, C4 Systems Directorate (J6), Joint Staff

Honorable Jay Cohen
Under Secretary, Science and Technology Directorate, Department of Homeland Security

Air Vice Marshall Carl Dixon, RAF
Capability Manager (Information Superiority), United Kingdom Ministry of Defence

Maj. Gen. Pietro Finocchio
General Manager of General Directorate for Telecommunications, Information Technology, and Advanced Technology Italian MoD

Maj. Gen. Koen Gijsbers, RNLA
Assistant Chief of Staff, C4I, Allied commander Transformation

Honorable John G. Grimes
Assistant Secretary of Defense for Networks and Information Integration

Honorable Keith R. Hall
Advisory Council Chair Emeritus, former Assistant Secretary of the Air Force (Space) and Director, National Reconnaissance Office

VADM Harry B. Harris, Jr.
U.S. Navy Liaison to NCOIC

Maj. Gen. Georges D'Hollander
Director NHQC3S

Mr. John C. Johnson,
Assistant Commissioner for Service Development, General Service Administration's Federal Technology Service

Honorable Paul Kaminski
Advisory Council Chair Emeritus, former Undersecretary of Defense for Acquisition, Technology and Logistics

Dr. Robert Laurine
Chief Information Officer, National Geospatial Intelligence Agency

Mr. Charles Leader
Director, NextGen Joint Planning and Development Office

Mr. Carlo Magrassi
Armaments Director European Defense Agency

Mr. Mark T. Powell
U.S. Coast Guard Liaison to NCOIC

BGen Blandine Vinson-Rouchon
Director, System of Systems Architecture
DGA (Delegation Generale pour l'Armement), French MoD

LTG Jeffrey A. Sorenson
Chief Information Officer/G6 HQ, Department of the Army

Honorable John P. Stenbit
Former Assistant Secretary of Defense for Networks and Information Integration

Mr. Dag Wilhelmsen
General Manager, NATO C3 Agency

Lt. Gen. Ulrich Wolf, German Army
Director, NATO Communications Information Systems Services Agency

Mr. Matt Yannopoulos,
Chief Technology Officer, Chief Information Officer Group. Australian Department of Defence

Monday, August 3, 2009

Sevatec a New Player in the Federal Cloud Computing Market

Just in time for the new Federal Cloud Computing Storefront, Sevatec, Inc. is announcing the development of a toolkit to help federal agencies transform their enterprise architectures to cloud computing more effectively and seamlessly. With last week's General Services Administration (GSA) Request For Quotation (RFQ) release for the US Federal Cloud Computing Initiative, Sevatec may be positioning itself well. As part of the GSA Federal Supply Service Schedule 70, the RFQ process will grant agencies direct access to pre-authorized, commercial experts capable of delivering cloud computing products and services.

Cloud computing is a general term for delivering hosted services over the Internet with massive elasticity and scalability. Different from traditional hosting, cloud computing provides easy, scalable access to computing resources, storage, and other IT services. Cloud computing is on demand, elastic, and fully managed by the provider, allowing agencies to shop a multi-layered cloud for as much or as little of a service, infrastructure, or business process as they want at any given time at dramatically lower cost.

Dr. Rod Fontecilla, PhD., a former Principal at Booz Allen Hamilton, is well known for his work in cloud computing strategies such as a cloud transition methodology, cloud economics analysis, massive data analytics, and many other related topics. Dr. Fontecilla recently joined the ranks of this 8(a) certified, CMMI Level 3-rated management and technology consulting services firm as their CTO. The company is also one of Washington Technology’s 2008 Fast 50, a list of the fastest growing small businesses in the nation. Dr. Fontecilla is leading the work on this cloud diagnostic toolkit (CDT) and sees it as a game changer in helping federal agencies more effectively and seamlessly transform their enterprise architectures to cloud computing.

Although significant innovations in virtualization and distributed computing, improved access to high-speed Internet, and a weak economy, have accelerated federal agency interest in cloud computing, Dr. Fontecilla recommends that agencies analyze carefully how best to migrate some of their existing applications, residing within their data centers, to a cloud provider using this new diagnostic toolkit. This toolkit will empower CIOs with the right set of tools to categorize and prioritize best cloud candidates, identify potential break points in the overarching architecture, identify training and staffing changes, and assist in defining the roadmap for the future enterprise architecture using cloud components.

At many federal government agencies, most existing applications are tightly linked to other applications. These enterprise applications exchange data directly among themselves or via web services and are linked to external sources that exchange information using different messaging mechanisms and key infrastructure components, such as an LDAP, that provide authentication and authorization schema. While these infrastructure components, in most instances, perform well in enterprise architectures within agencies' data centers, a determination must still be made on whether they will work seamlessly between an agency's data center and cloud providers, or be certified and accredited by current standards, before making the leap to cloud computing. CIOs will encounter significant risks if they decide to use cloud computing without the ability to thoroughly analyze the existing as-is and to-be environments or without fully understanding all the elements of the transformation needed to achieve a cloud-enabled architecture.

When applied to an agency's enterprise architecture, Sevatec’s cloud diagnostic toolkit provides CIOs a clear roadmap to transforming a significant portion of their enterprise architecture to cloud computing effectively and realizing immediate savings in computing resources, storage, and other IT services, which, for many CIOs, offers a compelling business case for analysis before making the leap to cloud computing.

To learn more about Sevatec's cloud diagnostic toolkit, contact Dr. Fontecilla directly at rfontecilla@sevatec.com.
