Print 17 comment(s) - last by ekv.. on Apr 22 at 4:20 PM

The NSA is looking to take inter-agency info-sharing "to the cloud".  (Source: Microsoft via YouTube)

It also plans on embracing smart phones, tablets, and laptops for the first time.  (Source: Flickr)
Agency says designing a strong "architecture" is more important than tools when it comes to info sharing

The U.S. National Security Agency (NSA) is one of America's numerous intelligence agencies, which operates under the command of the Director of National Intelligence.  The NSA is tasked with intercepting and analyzing foreign signals and safeguarding the government's networks, including the military's secure networks.  

Given that its duties significantly overlap with other U.S. intelligence organizations like the Central Intelligence Agency (CIA) and Federal Bureau of Investigations (FBI), the NSA is keenly interested in developing a better framework to share information with these peers. 

I. New Data Centers

The agency is currently working on replacing three cryptologic (signal deciphering) centers in Texas, Georgia, and Hawaii.  These legacy stations contain computer equipment dating back to the 1980s.  With the construction of three new centers underway, NSA Chief Information Officer Lonny Anderson says his organization has a "once in a lifetime" to institute a cutting edge new architecture, both in hardware and software.

One of the new centers will be a $1.5B USD data center, located in Camp Williams, Utah.  The data center will be tasked with protecting government agencies' computer networks, including those of civilian agencies. 

At the new data centers, the agency plans to deploy secure wireless networks, thin clients, and private clouds to streamline its operations.  With the thin clients, the NSA will run multiple security domains on a single server.  This should make it easier for its staff to secure the various domains.  In order to accomplish that optimization, though the NSA has to rewrite some of its in-house apps that its staff uses.

In an interview with Information Week, Mr. Anderson comments, "[The overhaul] gives you a chance to look at all of your data centers and servers, identify those that are at end of life, replace or get rid of them."

The NSA runs three private clouds.  Two of the clouds -- a utility and a storage cloud -- act as pooled resources for the staff.  The third cloud -- the data cloud -- sifts through the deluge of data intercepted by the agency.  It uses secured version of the open source software Apache Hadoop and its MapReduce tool to analyze and manage its data sets.

II. Mobile Devices

The NSA traditionally frowned upon employees using mobile devices.  Now it is embracing them.

It's giving employees laptops, something seldom seen in the Agency before.  And it's also giving them access to tablets and smartphones.  The NSA, the Army, and the Navy have joined together to work on a project called Ozone.  The project will create a common marketplace, called Ozone marketplace, for smartphones and tablets.  The project is working to publish a software developer kit that will allow private contractors to develop security apps.

The NSA is not revealing what platform it is using.  It seems likely that it is running Ozone on some sort of Android distribution by Google Inc. (GOOG), as Apple Inc. (AAPL) does not allow modification of its operating system or third-party app stores.

Mr. Anderson did say that the NSA would also try to accommodate a number of less specialized, off-the-shelf consumer devices.  He states, "We can't keep pace with the Googles, and we're not going to out-Apple Apple. But we need to take advantage of what they're doing, and make sure our workforce is exposed to the same technologies."

III. Open Source?

Intelligence agencies like the NSA already use a great deal of open source code for their data gathering.  But the NSA is considering, in a surprising twist, open sourcing some of its own code.  The Agency has been impressed by recent successes like the U.S. National Aeronautics and Space Administration's (NASA) decision to open source its Nebula cloud software and a similar effort by the U.S. White House's Office of Management and Budget with its Web dashboard.

States Mr. Anderson, "I want to take advantage of developers not just across the IC, but developers everywhere."

Under the current plan, critical parts of the code base would be wrapped in a protective security wrapper, while non-critical code would be available to the public for analysis.

IV. To the Cloud -- For Sharing

Obviously the Agency is very keen on using clouds to share information internally.  Now it wants to leverage this expertise to create clouds that can share information across the entire U.S. Intelligence Community (IC).

The NSA, the National Reconnaissance Office, the National Geospatial-Intelligence Agency, and the Defense Intelligence Agency are working on a project called "the Quad", whose goal is to create a common development environment.  The crux of the project will be to develop a secure "role-based identity management framework" for interagency use.  Developers at the various agencies must be trained in how to use this framework.

A second project, Integrated Intelligence Pilot (I2P), will strengthen the IC's preexisting Joint Worldwide Intelligence Communications System -- an interagency network used for sharing information.  The new project looks to add additional servers and software to allow agencies to share applications with each other.  It additionally looks to install a common database that can run inter-agency queries.

States Mr. Anderson, "Instead of taking data from CIA-specific or NSA-specific repositories, or FBI or DIA, you'll be able to query via the cloud into those organizations and say, do you have information that meets this question, and they'll be able to say, yes or no."

V. Cybersecurity -- The Big Problem

All these efforts sound great, but they face one glaring threat -- foreign hackers.  Increasingly hackers from Russia, China, and elsewhere have targeted U.S. commercial and government networks in an effort to gain the upper hand in the information war.

Putting data on interagency clouds and adopting mobile devices provides certain inherent security risks, which take that much more work to counteract.

In his recent interview Mr. Anderson acknowledges this issue, to some extent, stating, "There's a belief that if you discover information via [signals intelligence], it's going to be accurate because people believe they're talking securely.  We now understand that may not be the case, so we've got to make sure that our networks are secure and that someone's not trying to steal our information, deceive us, or lead us down a wrong path."

The U.S. government has trouble protecting its nation's critical public infrastructure like power, gas, and water from foreign attacks, so it remains to be seen how well it can secure its own information with this expansion of access and portability.  Needless to say that while the NSA has a huge opportunity for improvement, it also faces a huge challenge securing these projects.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Or maybe
By supermitsuba on 4/21/2011 11:15:45 AM , Rating: 2
Cut out these useless agencies and actually have the CIA and FBI do that job. Seems silly to have 3 different agencies to do one thing. But then again it is the government, if its not complicated, then we dont want it.

RE: Or maybe
By vazili on 4/21/2011 11:37:44 AM , Rating: 2
They actually all do different jobs. CIA does overseas intelligence gathering. FBI focuses on domestic crimes and counterespionage and the NSA focuses on electronic warfare and intelligence gathering.

RE: Or maybe
By spread on 4/21/2011 1:01:25 PM , Rating: 5
So what does the Department of Homeland Security do?

RE: Or maybe
By Donkeyshins on 4/21/2011 1:14:32 PM , Rating: 5
So what does the Department of Homeland Security do?

Makes sure you get groped at the airport.

RE: Or maybe
By Spuke on 4/21/2011 2:07:33 PM , Rating: 3
Makes sure you get groped at the airport.
The military calls that SACKINT.

RE: Or maybe
By ekv on 4/22/2011 12:14:16 AM , Rating: 2
Makes sure you get groped at the airport.
Try that on my 6 yr. old, and I WILL give you a real-time in-progress view of ...

RE: Or maybe
By Gzus666 on 4/22/2011 2:30:26 PM , Rating: 2
No you wouldn't, you would sit and make a big stink out of it like an idiot and complain. If you did do something, you would have 20 people on you beating the crap out of you and then you would enjoy a fun rectum screening without lube I'm sure. Then they can whisk you away to your new jail cell and your 6 yr. old will grow up with a jail bird father.

Stop acting tough on the internet, you aren't super tough, you are just some guy with a kid like millions of other fathers.

RE: Or maybe
By ekv on 4/22/2011 4:20:17 PM , Rating: 2
That, or let me wife take a video 8)

[There! take that you bastids]

RE: Or maybe
By PrezWeezy on 4/21/2011 1:35:22 PM , Rating: 2
They secure ports (airports, cargo ports, shipping lanes etc.) and are supposed to be helping the other three work together. The FBI is not really an "intelligence" agency the way the others are. They are an investigation agency, if you've ever watch Criminal Minds they are FBI. There is some overlap between them, but they do each have specific jobs.

RE: Or maybe
By JediJeb on 4/21/2011 6:08:43 PM , Rating: 2
Actually shouldn't that be ICE's job? Since they are supposed to cover customs enforcement.

Seems DHS has turned into a coverall bureaucracy that is supposed to help all the agencies interrelate yet usually just becomes another layer of red tape to muddle up everything.

RE: Or maybe
By PrezWeezy on 4/21/2011 7:11:02 PM , Rating: 2
ICE is actually part of the DHS. They are an overarching agency that is kind of a coverall. But their specific purpose is securing the boarders and ports and all other agencies which do, or formerly did, that job are now under the direction of DHS.

RE: Or maybe
By White Widow on 4/21/2011 8:59:13 PM , Rating: 2
Although DHS (ICE, CBP, FEMA, TSA, etc.) does many things, only the DHS Office of Intelligence and Analysis (I&A) is part of the Intelligence Community IC). It is very small compared to CIA, DIA, NSA, etc. and its role is NOT to get other members of the IC to work together.

Rather, its role is to act as a conduit between these national intelligence agencies and state and local intelligence customers (mostly law enforcement and state leadership). Its mission is to advocate within the IC for state and local intelligence needs, and to provide intelligence support to both state and locals and the Secretary. I&A is deeply involved in promoting state and local fusion centers and efforts like the Nationwide Suspicious Activity Reporting Initiative (NSI).

RE: Or maybe
By Misty Dingos on 4/21/2011 12:11:45 PM , Rating: 2
And don't forget the NRO. National Reconnaissance Office. The guys that like to get pictures of your girlfriend topless on the beach.

Stop scoffing. They are American's and you know you would do it too.

RE: Or maybe
By Azethoth on 4/22/2011 2:09:39 AM , Rating: 2
Yeah, I saw that on an NCIS episode. Speaking of which, where does NCIS fall into this? Under DIA?

RE: Or maybe
By Galcobar on 4/22/2011 8:41:19 AM , Rating: 2
As I understand it, NCIS's intelligence role is related to force protection, preventing attacks directly and by counter-espionage, of naval personnel, equipment and data.

NCIS was formed out of the Office of Naval Intelligence, which is a sister agency to the Defense Intelligence Agency. Both ONI and DIA report to the DoD and through the DoD to the Director of National Intelligence.

"We can't expect users to use common sense. That would eliminate the need for all sorts of legislation, committees, oversight and lawyers." -- Christopher Jennings

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki