- The Washington Times - Thursday, January 29, 2009

New software being tested by U.S. Central Command would enable military computers for the first time ever to be connected at the same time to both classified and unclassified networks — including the public Internet.

Officials say the technology, if it proves secure, could save more than $200 million for CENTCOM and eliminate the need to use work-arounds like thumb drives to move data between networks containing different levels of classified information.

“It has been called the Holy Grail,” Elwood “Bud” Jones, a program manager for multinational information sharing at CENTCOM, told United Press International.

Mr. Jones said CENTCOM was engaged in a piloting and testing process called a Joint Capabilities Technology Demonstration Project, code-named “One Box, One Wire,” or OB1, which would end after three years with the rollout of the software throughout CENTCOM.

Currently, the 14 different computer networks that CENTCOM uses in its operations have to be physically separate, said Michael Liacko, executive vice president for business strategy at Integrity Global Security, the company that makes the new software.

“The way they are separating different networks [with different levels of classified information] … is to literally have a physically separate connection, a separate wire and a separate computer,” Mr. Liacko said.

“We have many networks that we operate on,” Mr. Jones said, including U.S. networks at various levels of classification, secret, top-secret and so on, and separate networks for each of the coalitions that CENTCOM is part of in Iraq and Afghanistan.

“As a result, you can have a lot of computers sitting around your desk, and it’s not very efficient for sharing information,” he said, adding, “A lot of users have two, three, four, even five computers sitting around their desk, and we have to use a switch box to switch from network to network, and we can’t use multiple networks at a single time.”

“OB1 allows us to reduce that infrastructure to one box, one wire; hence the name.”

Eliminating the requirement for physical separation will “give us the ability to reduce our desktop infrastructure,” Mr. Jones said. It “will be more efficient, it will save us money.”

“Instead of having four computers for a user, you only need one, you only need one wire,” he continued. “When we are deploying forward, it reduces our [air-]lift [requirements], it reduces our power requirements, it reduces our staff costs.”

Mr. Jones said a “back-of-the-envelope business case analysis” he developed showed that the new technology could save “potentially in excess of $230 million” over a three-year rollout period.

In addition to being expensive, Mr. Jones said, the requirement for physical separation was inefficient and encouraged the use of potentially dangerous work-arounds. Military officials would develop plans or information on the U.S.-only networks, “but if they want to share it [with foreign partners] … they have to use a thumb drive or flash drive to move it over to the coalition networks,” he said.

“Likewise, if information comes in on [one of] the coalition networks and they want to share it with people who don’t have access to those networks, they have to move it up to the classified network,” Mr. Jones said.

With access to multiple networks from a single box, “They can create information where it needs to be shared, rather than creating it someplace and then trying to move it.”

Last year, the U.S. military banned the use of removable media such as thumb drives and flash drives after a worm spread on such devices infected CENTCOM computers.

“Through a flash drive, a worm or a virus is introduced,” Mr. Liacko said, “and moving data physically like that opens up the door, and once the door is open, it can propagate, and the whole network can be compromised. Integrity stops that.”

Retired Air Force Gen. Eugene Habiger, a member of the company’s advisory board, put it more plainly. “Had this operating system been used within the systems [that were compromised by the worm] this would not have happened.”

The software, Mr. Liacko explained, creates “what we call security domains … in essence virtual machines or virtual servers … each one of them is impregnable.” Even viruses that operate at the very deepest level of the operating system cannot get around the new software, he said.

“We sit literally on the bare metal … on the microprocessor. What we create is a secure platform, and on top of that platform you can run Windows or Linux … inside of a securely separated domain, where … your top-secret or confidential corporate data … can be protected and cannot be accessed by an intruder [from any one of the other domains].”

Mr. Jones said the technology also would give military commanders “more flexibility in adding or deploying networks.”

“So instead of having to create a complete infrastructure, laying wire and buying more computers, we can create something at the desktop,” such as a temporary network for single operations, he said.

Gen. Habiger said the technology on which the new software is based has been certified by the National Security Agency.

“The fact that the NSA has given this certification to Integrity and its software after, as I understand it, a very intensive, exhaustive two-plus years of analysis … that speaks volumes for its reliability and security.”

“This operating system is revolutionary,” he said. “The technology is revolutionary.”

Copyright © 2018 The Washington Times, LLC.