The U.S. National
Security Agency (NSA) is one of America's numerous intelligence
agencies, which operates under the command of the Director of National
Intelligence. The NSA is tasked with intercepting
and analyzing foreign signals and safeguarding
the government's networks, including the military's secure networks.
Given that its duties significantly overlap with other U.S. intelligence
organizations like the Central Intelligence Agency (CIA)
Bureau of Investigations (FBI), the NSA is keenly interested in
developing a better framework to share information with these peers.
I. New Data Centers
The agency is currently working on replacing three cryptologic (signal
deciphering) centers in Texas, Georgia, and Hawaii. These legacy
stations contain computer equipment dating back to the 1980s. With the
construction of three new centers underway, NSA Chief Information Officer Lonny
Anderson says his organization has a "once in a lifetime" to
institute a cutting edge new architecture, both in hardware and software.
One of the new centers will be a $1.5B USD
data center, located in Camp Williams, Utah. The data center will be
tasked with protecting government agencies' computer networks, including those
of civilian agencies.
At the new data centers, the agency plans to deploy secure wireless networks,
thin clients, and private clouds to streamline its operations. With the
thin clients, the NSA will run multiple security domains on a single server.
This should make it easier for its staff to secure the various domains.
In order to accomplish that optimization, though the NSA has to rewrite
some of its in-house apps that its staff uses.
In an interview with Information
Week, Mr. Anderson comments, "[The overhaul] gives you a chance to
look at all of your data centers and servers, identify those that are at end of
life, replace or get rid of them."
The NSA runs three private clouds. Two of the clouds -- a utility and a
storage cloud -- act as pooled resources for the staff. The third cloud
-- the data cloud -- sifts through the deluge of data intercepted by the
agency. It uses secured version of the open source software Apache
Hadoop and its MapReduce tool to analyze and
manage its data sets.
II. Mobile Devices
The NSA traditionally frowned upon employees using mobile devices. Now it
is embracing them.
It's giving employees laptops, something seldom seen in the Agency before.
And it's also giving them access to tablets and smartphones. The
NSA, the Army, and the Navy have joined together to work on a project called
Ozone. The project will create a common marketplace, called Ozone
marketplace, for smartphones and tablets. The project is working to
publish a software developer kit that will allow private contractors to develop
The NSA is not revealing what platform it is using. It seems likely that
it is running Ozone on some sort of Android distribution by Google Inc. (GOOG), as Apple Inc. (AAPL) does not allow
modification of its operating system or third-party app stores.
Mr. Anderson did say that the NSA would also try to accommodate a number of
less specialized, off-the-shelf consumer devices. He states, "We
can't keep pace with the Googles, and we're not going to out-Apple Apple. But
we need to take advantage of what they're doing, and make sure our workforce is
exposed to the same technologies."
III. Open Source?
Intelligence agencies like the NSA already use a great deal of open source code
for their data gathering. But the NSA is considering, in a surprising
twist, open sourcing some of its own code. The Agency
has been impressed by recent successes like the U.S. National
Aeronautics and Space Administration's (NASA) decision to open source
its Nebula cloud software and a similar effort by the U.S. White House's Office of
Management and Budget with its Web dashboard.
States Mr. Anderson, "I want to take advantage of developers not just
across the IC, but developers everywhere."
Under the current plan, critical parts of the code base would be wrapped in a
protective security wrapper, while non-critical code would be available to the
public for analysis.
IV. To the Cloud -- For Sharing
Obviously the Agency is very keen on using clouds to share information
internally. Now it wants to leverage this expertise to create clouds that
information across the entire U.S. Intelligence Community (IC).
The NSA, the National Reconnaissance Office, the National
Geospatial-Intelligence Agency, and the Defense Intelligence Agency are
working on a project called "the Quad", whose goal is to create a
common development environment. The crux of the project will be to
develop a secure "role-based identity management framework" for
interagency use. Developers at the various agencies must be trained in
how to use this framework.
A second project, Integrated Intelligence Pilot (I2P), will strengthen the
IC's preexisting Joint
Worldwide Intelligence Communications System -- an interagency network
used for sharing information. The new project looks to add additional
servers and software to allow agencies to share applications with each other.
It additionally looks to install a common database that can run inter-agency
States Mr. Anderson, "Instead of taking data from CIA-specific or
NSA-specific repositories, or FBI or DIA, you'll be able to query via the cloud
into those organizations and say, do you have information that meets this
question, and they'll be able to say, yes or no."
V. Cybersecurity -- The Big Problem
All these efforts sound great, but they face one glaring threat -- foreign
hackers. Increasingly hackers from Russia, China, and elsewhere have
targeted U.S. commercial and government networks in an effort to gain the upper
hand in the information war.
Putting data on interagency clouds and adopting mobile devices provides certain
inherent security risks, which take that much more work to counteract.
In his recent interview Mr. Anderson acknowledges this issue, to some extent,
stating, "There's a belief that if you discover information via [signals
intelligence], it's going to be accurate because people believe they're talking
securely. We now understand that may not be the case, so we've got to
make sure that our networks are secure and that someone's not trying to steal
our information, deceive us, or lead us down a wrong path."
The U.S. government has trouble
protecting its nation's critical public infrastructure like power,
gas, and water from foreign attacks, so it remains to be seen how well it can
secure its own information with this expansion of access and portability.
Needless to say that while the NSA has a huge opportunity for
improvement, it also faces a huge challenge securing these projects.