Technology Vectors
Insights and expertise in emerging technology topics most relevant to Federal technology leaders
Version 2.0
An offering by the AFCEA International Technology Committee
Vectors Concept and Background

Concept of the Vectors Initiative
Leverage the expertise and relationships of Technology Committee members to provide value to Federal IT leaders, AFCEA conference organizers, and member firms, by:
● Identifying the most relevant emerging technology topics
● Capturing key concepts for each topic in a concise knowledge base
● Identifying points of contact (committee or external) for each topic

Mechanisms
● Maintain a list of technology vectors, related sub-topics, and subject matter experts in a private master sheet
● Maintain a public version of distribution-ready material for use to present the vectors information

Current Technology Vectors
● Cloud Computing
● Smart/Advanced Manufacturing
● Big Data Analytics
● Advanced Cyber Security
● Quantum Computing
● Mobility/Wireless
NOTE: This is a “living” document that will be updated annually at a minimum by the Technology Committee. The main Vectors as well as the material presented within each may be updated at any time.
Cloud Computing
Sub-Elements:
● Deployment & Service models
● Decision considerations for adopting cloud
● Best practices for deploying to cloud
● Security/FedRAMP
● Emerging cloud capabilities

Implications (Drivers):
● Cost Savings & flexibility
● Federal directives
● Cloud features
● Divestiture of non-core activities

Description (Vector/Trend):
The growing availability of usage-priced, shared computing and services

Open Questions:
● Is there a common understanding of cloud?
● Will IaaS become an oligarchy?
● Is there a role for small business?
● Is Private Cloud viable?
● Will Fed-unique concerns affect adoption?
● Will future Internet be walled gardens?
AFCEA Technology Committee Lead(s) – Al Mink
Cloud Computing – Decision Considerations for Adopting Cloud

Insights:
• Former Federal CIO published a set of decision factors
• Most actual decisions have involved:
  • Trade-off between benefits and cost
  • Assessment of security & other Fed-unique constraints
• Actual Cloud migration decisions indicate cost savings is often not the most significant factor
• Low-hanging fruit has been:
  • IaaS – For agency-unique applications
  • PaaS – For development and testing
  • SaaS – For common back-office applications (e.g. email)

Elaboration (Why this matters):
Analysis of Federal experience with Cloud adoption provides insights into the factors a Federal leader should consider about making a move to Cloud
Additive Manufacturing
Relevant Subtopics:
● Standards and Testing
● Certification re Airworthiness
● Robustness and Integrity
● 3D Printers and In-line QC/PC
● Cyber Threat to Supply Chain

Drivers:
● Just-In-Time Production
● Manages obsolescence
● Potential for Unique & Novel Parts
● Value Based Economics

Description:
Any manufacturing process capable of making 3D objects from a digital model, or creating controlled 3D features into an existing object, typically layer by layer, or point by point.

Open Questions:
● GE Leap Engine: where next for DOD?
● Business Model – suitable for low rate production and complex parts in the main?
● Hybrid parts – Mixed metals and Ceramics?
● Opportunities for Embedded Sensors results in active parts?
AFCEA Technology Committee Lead(s) – Vicki A. Barbur
Additive Manufacturing – System Resilience

Insights:
• Cyber Reports
• Threat Reports and Assessments
• Foreign Collection Methodologies
• Suspicious Contact Reports
• Insider Threat Assessments
• NISPOM related reporting (National Industrial Security Program Operating Manual)

Elaboration (Why this matters):
Threats and Counterintelligence information can be used to determine what means are most effective to protect the system from intrusion.
Prerequisite throughout the lifecycle of a process and adapts with time.
Additive Manufacturing – Legacy Processes

Insights:
● Air gaps, which currently provide a means to isolate the Enterprise from the Operational floor, will be eliminated in time
● Remote and other external connectivity necessary to support utilization and throughput opens up threats to internal processes
● Attack vectors are documented in NDIA’s CFAM efforts
● Breach Closure approaches are being researched for deployment to prevent attacks

Elaboration (Why this matters):
Smart Digital Manufacturing needs to be integrated across the enterprise and the operational base, so that product, production line, and business are linked to maximize the flow and the reuse of data throughout the entire enterprise.
Additive Manufacturing – Digital Thread

Insights:
● Prevent compromise and loss of critical information
  ○ Anti-tamper and Exportability features
● Deploy key protection measures
  ○ Software/Hardware/Trusted Systems
● Prevent Adversary Collection
  ○ Classification/Export Controls/Information Security

Elaboration (Why this matters):
Capabilities that contribute to the warfighter’s technological advantage may be compromised and copied, reducing the supremacy. Information about mission critical functions and components can be lost.
Additive Manufacturing – Supply Chain Integrity

Insights:
● NIST Cyber Infrastructure Standards in development
● NDIA’s Cyber Security for AM Identifying gaps for closure
● Insider Threats are often greatest
● Small-to-Medium Manufacturers are most at risk
● Loss of and/or manipulated design templates
● Contaminated Materials impact performance
● Enterprise Suite to Operational Floor is a legacy gap to close
● AM advanced before implications fully understood

Elaboration (Why this matters):
Vulnerabilities have been exposed for a fully digitized supply chain
Authenticity, Performance, Dimensions, Quality of parts
Concern re several points for breach and loss of integrity
Additive Manufacturing – Counterfeits/Authenticity

Insights:
● Wrong part, wrong material, wrong dimensions….
● Ineffective part, substandard materials, misaligned fit....
● Reliability, integrity, and robustness compromised....
● Failure to perform, failure for mission......
● Challenge to economics – lower cost/lower performance

Elaboration (Why this matters):
With counterfeits and lack of authenticity, quality and performance can be compromised along with safety. In addition, lack of a trusted supply can lead to other embedded malware and active features detrimental to the mission at hand.
Additive Manufacturing – Measurement Standards

Elaborate on the problem (why this matters):
Edward Morris, Director, America Makes said: “Additive manufacturing needs to have an appropriate body of standards so that engineers can do their designs using materials with properties that the standards community has embraced.” The reasons are to:
• Allow manufacturers to better compare and contrast performance of different processes
• Improve purchaser/supplier relationship by specifying parts requirements accurately
• Provide support for new adopters to appropriately use and implement AM technologies
• Enable researchers and process developers to provide repeatable results that can be independently verified
Additive Manufacturing – Measurement Standards

Insights:
• ASTM’s Committee F42 partnered with organizations to promote cohesive, broad adoption of additive manufacturing through standards
• 11 international standards covering several industry areas exist; more in progress, focused on mechanical properties, inter-laboratory collaboration, enhanced 3D printing etc.
• Standards available:
  – F2915 Standard Specification for Additive Manufacturing File Format (AMF)
  – F2924 Standard Specification for Additive Manufacturing Titanium-6 Aluminum-4 Vanadium with Powder Bed Fusion
  – F2971 Standard Practice for Reporting Data for Test Specimens Prepared by Additive Manufacturing
  – F3049 Standard Guide for Characterizing Properties of Metal Powders Used for Additive Manufacturing
  – F3091 Standard Specification for Powder Bed Fusion of Plastic Materials
  – F3122 Standard Guide for Evaluating Mechanical Properties of Metal Materials Made via Additive Manufacturing Processes
Additive Manufacturing Airworthiness Demonstration
Elaborate on the Problem (why this matters):
Additive Manufacturing (AM) uses digital 3-D design data to build components in layers, which provides a unique and different process. Up until this point, due to validation being possible only with traditional processes and an airworthy parts certification for numerous flight hours, outputs of such a process had only been used as a prototyping tool, e.g., for the printing of non-flight critical parts and tools.

Insights:
● Osprey’s titanium, 3-D printed link & fitting assembly for engine nacelle printed at Naval Air Warfare Center Aircraft Division, Lakehurst, NJ
● Link & fitting assembly is one of four that secure a V-22’s engine nacelle to primary wing structure; flight performed using standard V-22 flight performance envelope
● Prior to flight, multiple V-22 components built by Lakehurst & Penn State ARL were validated at Patuxent River
● Flight on July 29th 2016 represents the Naval Air Systems Command (NAVAIR) first successful ‘flight’ demonstration of a flight critical aircraft component built using additive manufacturing (AM) techniques
● Opportunities exist to revolutionize how aircraft are repaired; provides know-how to develop & field new capabilities. “AM is a game changer,” said Liz McMichael, AM Integrated Product Team lead.
Additive Manufacturing – Resources/SMEs

SMEs:
● Catherine Ortiz – Defined Business Solutions
● Michael McGrath – McGrath Analytics
● Kristin Baldwin – Acting Deputy Assistant Secretary, DASD(SE)
● Vicki Barbur & Heather Moyer – NDIA’s CFAM Team
● Brian Hughes – Office of the Assistant Secretary (DASD(SE))
● Dean L. Bartles – ASME/DMDII
● John Gronto – AM, Northrop Grumman

Resources:
● NISPOM – National Industrial Security Program Operating Manual
● NIST (National Institute of Standards and Technology) – Framework for Improving Critical Infrastructure Cybersecurity – continues to be in development
● NDIA (National Defense Industrial Association) – Cyber Security for Advanced Manufacturing – Identifying gap closure initiatives
● Trust and verify is key to manufacturing cyber resilience – Glavach, D., (2015) SME
● Locking down the factory Floor – Waurzyniak, P., (2015) SME
Big Data Analytics
Relevant Subtopics:
● Open Source: Apache Hadoop and NiFi
● Single View of Data
● Predictive Maintenance
● Fraud Detection
● Cyber Security

Description:
Actionable intelligence captures perishable insights in real-time by analyzing data in motion.
It means drilling into terabytes or petabytes of data at rest for historical insights.
And, in turn, those historical insights help you tune your streaming analytics and data flows.
Modern data applications live and breathe at the intersection between those Connected Data Platforms and the data they manage.

Open Questions:
● How does Open Source handle Security?
● Where to Start?
● How to Centrally Architect into Current Environment?
● How do you manage the Lifecycle of Data including Provenance?
AFCEA Technology Committee Lead(s) – Vicki Huttar and Kaus Phaltankar
Apache Hadoop and Apache NiFi – Cyber and Insider Threats

Insights:
• Threat detection latency reduced from 4 hours to 2 seconds
• Time to protection improved 5000x
• Machine learning over tens of petabytes of historical data predicts threats to customers
• Cloud team uses Ambari and Cloudbreak for dynamic clusters to meet peak workloads

Elaboration (Why this matters):
The provider of the largest security data lake required a new, modern data architecture that could scale and add clusters in minutes, with governance and security, to meet the requirements of over 100 companies across 157 countries
Advanced Cyber Security
Sub-Elements:
● Component Verification Tools
● Lightweight Encryption Modules
● Micro-segmentation
● Machine-to-Machine Security

Implications (Drivers):
● Ever increasing sophistication of cyber threats
● Need to “bake in” cybersecurity in new commercial products
● Desire to drive down escalating costs of cybersecurity
● Internet of Things (IoT) speed of deployment
● Trust in autonomous cyber defense systems

Description (Vector/Trend):
The evolving trends in cybersecurity technologies and services

Open Questions:
● Hardware vs. virtual machine/network solutions?
● Can we improve attribution in cyber incidents?
● What is the ROI for hardening network defenses?
● Can we truly control the cyber supply chain?
● What is the role of artificial intelligence (AI) in future contested cyberspace environments?
AFCEA Technology Committee Lead(s) – Dr. Gil Duvall
Advanced Cyber Security – Component Verification Tools

Sub-Elements:
● Component marking & testing
● CPU positive identification
● Invisible QR codes
● Digital signing with PKI

Implications (Drivers):
● Reduce the spread of malware
● Mitigate cyber espionage susceptibility
● Cost Savings by eliminating substandard components
● Increased performance and reduced failure rates

Description (Vector/Trend):
Counterfeit hardware, software & firmware threaten the cyber supply chain

Open Questions:
● Do policies require verification of manufacturers throughout the system lifecycle?
● Do acquisition programs contain a “program protection plan?”
● Is a monitoring program in place to determine real-time use of safe components in assembly?
Advanced Cyber Security – Lightweight Encryption Modules

Sub-Elements:
● “Simon & Speck” publicly accessible lightweight encryption algorithm from NSA
● ISO 29192 lightweight encryption standard
● RFID, SCADA, WiFi sensors, Implantable medical devices, cyber supply chain tracking

Implications (Drivers):
● Use of IoT devices (sensors, actuators, CPUs) is increasing at a faster rate in critical infrastructure
● Small size, short battery life, and low computational capability prevent use of normal encryption methods for protecting data

Description (Vector/Trend):
IoT devices lack self-protection features against cyber attack

Open Questions:
● AES maturity and performance vs. lightweight encryption acceptance?
● Adoption of lightweight encryption by IoT manufacturers as an industry standard?
● When and where to use lightweight encryption?
● Hardware vs. software encryption?
Graphic Source NSA
Advanced Cyber Security – Micro-segmentation

Sub-Elements:
● Use of stealth technology to prevent unauthorized users from seeing network endpoint nodes which process, store, and transmit large databases
● Prevent malware insertion on console machines that create backdoors

Implications (Drivers):
● Cost Savings & flexibility
● Federal regulations to protect sensitive information
● Cloud features
● Divestiture of non-core activities

Description (Vector/Trend):
Data center breaches continue to expose large data sets to exfiltration

Open Questions:
● The future of software designed data centers?
● How to use micro-segmentation in conjunction with traditional hardware firewalls?
● Is it scalable?
● ROI of micro-segmentation adoption?
Graphic Source ARL
Advanced Cyber Security – Machine-to-Machine Security

Sub-Elements:
● Artificial intelligence (AI)
● Machine to machine communications
● Machine learning in contested environments
● Heuristic algorithms
● Predictive analytics to identify abnormal network behavior
● DevOps

Open Questions:
● How to balance the risk and cost of “false negatives” vs. “false positives?”
● How to keep machine learning knowledge from decaying over time?
● When should AI be trusted over heuristics?
● Is sufficient attack history data available to support autonomous cyber defense systems?

Description (Vector/Trend):
Ransomware use against high-stake enterprise networks is increasing

Implications (Drivers):
● Ransomware spreads faster than current security technologies can detect or prevent
● Malware signature based defenses are time-late
● Loss of confidentiality (due to data exfiltration) or availability (due to malicious encryption)
Graphic Source DARPA
Quantum Computing
Implications (Drivers):
● Speed, speed and more speed
  ○ Compute instantaneously
  ○ Do everything faster than before
  ○ Faster R&D results/analytics
  ○ Improved forecasting (e.g., weather)
  ○ Automated real-time systems and operational optimization
  ○ Tackle problem sets that are not even able to be attempted with today's computing capabilities

Description (Vector/Trend):
Theoretical computation systems that make direct use of quantum mechanical phenomena to perform operations on data.

Open Questions:
● Cryptographic concerns
● Affordability
● Quantum decoherence
● Physical scalability
● Intellectual property and standards
AFCEA Technology Committee Lead(s) – David E. Meadows
Emerging Technologies – Mobile/Wireless
Sub-Elements:
● Policy & Approval – Evaluation through implementation of new mobile/wireless technologies, acquisition, regulations and standards
● Infrastructure – Enterprise Mobile Management, Devices, App Store, Wi-Fi, Security, Cloud, Architecture, Carrier network, Spectrum
● Applications – Development Framework, Component Sharing, Vetting/Approval, Deployment, Updating, Acquisition
● Business Case – Return On Investment, Mobilized Workforce, Telework, Human Machine Interface, Automation process
● Future – Internet of things, Li-Fi, Ubiquitous coverage, Intelligent Vehicles, 5G, geospatial, Virtual reality, Situation Awareness, Personalization, Wearables

Description (Vector/Trend):
Mobile Technology trends to allow employees to work outside a fixed location by using wireless untethered technology to optimize human and technical resources anywhere at any time.

Open Questions:
➢ Governance
➢ Real-time availability of enterprise support systems
➢ Knowledge sharing and collaboration
➢ User experience and adoption
➢ Productivity and Efficiency
➢ Security and Automation

Implications (Drivers):
● Innovations in Mobile Devices, Mobile Apps, Social Networks, Cloud Computing, Security, Cost, Global coverage and High-speed bandwidth, reciprocity, and Governance

AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
Mobility Business
Mobile/Wireless Strategy & Trends
• Security & Threat manageability
• Application development and management
• Convergence of Technologies/devices
• Technology infrastructure
• Governance
• Mobile User experience
Technology
Mobile/Wireless – Infrastructure

Insights:
• Mobile Devices operate primarily on commercial wireless infrastructures
• Multiple hardware platforms, mobile operating systems, mobile management systems and carriers must all be synchronized to provide a reasonable user experience
• Applications beyond web browsing and email require not only competent and secure application development and vetting environments, but also new and sophisticated application deployment strategies and facilities
• Mobile COTS solutions provide significant cost leverage to the DoD, but inherently lack robust unique security requirements to support tactical and classified environments
• Enterprise Wi-Fi is not widely adopted across DoD components, limiting the value of inexpensive non-LTE devices

Elaboration (Why this matters):
The unique nature of mobile technology and use cases requires a re-thinking of traditional IT implementation and management

Near Term (NT): Fragmented and non-strategic
Mid Term (MT): More sophisticated reliability and performance architectures
Long Term (LT): Fully integrated with IT assets/processes
Mobile/Wireless – Enterprise Services

Insights:
• Enhance existing enterprise applications and authoritative data sources for use on mobile devices
• Establish criteria, selection, and implementation of enterprise applications and data sources for mobile deployment
• Develop all new enterprise applications and data sources with mobile extensions
• App rationalization in progress to determine and prioritize all enterprise software

Elaboration (Why this matters):
Improve user experiences of enterprise services on mobile devices. Enterprise software, VPN, UC, and authoritative data sources must be mobile-enabled to provide ubiquitous access to data anytime from anywhere and at all classification levels.

NT: Data standards, Responsive design
MT: Mobile-enable enterprise software and authoritative data sources
LT: Mobile First
Mobility Conceptual Architecture Model
Mobile/Wireless – Mobile Devices

Insights:
• Dependence on industry for commercial solutions
• Compliance to NIAP and NIST for security certifications
• New peripherals continue to provide new capabilities (e.g., IoT) for connectivity
• Integration with cloud for access to information at anytime from anyplace using any device at all classification levels

Elaboration (Why this matters):
Mobile Devices continue to evolve offering new capabilities, services, battery technology, and form factors. Interoperability, connectivity, and usability are key factors to information sharing at all classification levels.

NT: Transition from BB to iOS and Android
MT: Deploy classified solutions
LT: Develop multi-layered security solution leveraging virtualization
Mobile/Wireless – Public Key Infrastructure (PKI) Credentials

Insights:
• NIST 800-63-3 (in draft)
• Authentication standards are maturing (e.g., Simple Certificate Enrollment Protocol (SCEP), Enrollment over Secure Transport (EST))
• Integration challenges for CAs, OSs, MDMs, 3rd-party apps, and enterprise services
• DoD Purebred pilot for iOS, IOC Oct 2016

Elaboration (Why this matters):
Smart cards are cumbersome and expensive on mobile devices. PKI ecosystems must transition to hardware-backed software certificates, per NSA guidance.

NT: Mobile Security Credentials
MT: 3rd-party PKI services
LT: Automated provisioning
Derived
Mobile/Wireless – Mobile Isolation & Device Integrity

Insights:
• Mobile platforms utilize various mobile isolation and device integrity techniques, including app isolation
• Apple and Blackberry use secure elements (SE)
• Android uses ARM TrustZone
• Windows tablets and PCs use trusted platform modules (TPM)
• Trusted Execution Environments (TEE) establish isolated object-oriented computing environments on demand
• TEE Protection Profile v1.2 was published by Common Criteria in Nov 2014, but few vendors have been validated
• NSA continues to work with industry to establish HRoTs

Elaboration (Why this matters):
Hardware Roots of Trust (HRoT) are the foundation for security of mobile firmware, operating systems, IdAM, apps, and services

NT: App isolation, Secure containers
MT: SEs, TPMs
LT: TEEs
Mobile/Wireless – Cloud Integration

Insights:
• The rapid pace of technology causes mobility infrastructure and services to be specialized and segmented from enterprise network and cloud infrastructure
• Enterprise network and cloud systems are beginning to integrate mobility capabilities
• Data center, network, and security infrastructure consolidation in progress
• DoD Cloud Security Requirements are outlined in the Cloud SRG for the CSPs

Elaboration (Why this matters):
Enterprise network and cloud infrastructure and services must mature to integrate mobility capabilities to avoid duplicative, dedicated mobility infrastructure and services
NT: Separate mobility infrastructure and services
MT: Integrated infrastructure and security services
LT: Mature integration
Mobile/Wireless – Enterprise Mobility Management (EMM)

Insights:
• Streamlined onboarding process (e.g., Apple DEP and VPP)
• Security policy enforcement
• Tiered administrative management (e.g., Tier 0 provisioning, PIN resets)
• Role-based access (e.g., personal, business)
• Shared devices (e.g., logistics, maintenance)
• Rapid mobile operating system updates
• App distribution
• Cloud-based MDM
• Network Management integration

Elaboration (Why this matters):
Enterprise Mobility Management (EMM) is mature, but some scaling challenges remain. Business processes that support mobility services add overhead and cause delays.

NT: Scaling challenges
MT: Incremental improvements
LT: Agile and flexible EMM
Mobile/Wireless – Applications

Insights:
• Many mobile application-related processes are immature or non-existent in the DoD
• Due to the complexity of mobile application development and deployment, these functions are ripe for standardization, thereby eliminating a continual “recreation of the wheel” across the DoD
• Creative utilization of web services as a “concentration” mechanism addresses many security and data access issues, allowing for a faster delivery of mobile data access, but sub-optimizes the user experience
• DoD is developing security standards for the evaluation of mobile applications
• Application ROI and priority work must be done to target high value solutions for real mission opportunities

Elaboration (Why this matters):
The justifiable promise of mobility dictates that the DoD move aggressively beyond email and generic web browsing

NT: Standardize Application vetting process across agencies for quicker deployment
MT: COTS and Vendor-driven application development
LT: Government-driven application development
Mobile/Wireless – Wireless Connectivity

Insights:
• Today, connectivity challenges still remain. Users must log off one network and log onto another once in range (i.e., hard handoff).
• Wi-Fi Alliance Passpoint standards were published in 2012 and are deployed by all 4 major wireless carriers, Wi-Fi aggregators, and cable TV networks to enable Wi-Fi Calling (i.e., soft handoff)
• Passpoint relies on WPA2 security standards and adds authentication pass-through to external service providers (e.g., government networks and PKI)
• Automated connectivity and aggregation of and cooperative multipoint among multiple wireless networks offer new performance levels

Elaboration (Why this matters):
Industry standards exist for seamless interconnecting between cellular and Wi-Fi networks, but they need to be matured for government enterprises
NT: Hard handoffs (Break and remake)
MT: Soft handoffs (Make before break), Wi-Fi Calling
LT: Seamless roaming (Aggregation, Cooperative Multipoint)
Mobile/Wireless – Mobile Application Store

Insights:
• Segmented by OS, COTS/GOTS, web/native/hybrid/widget
• Duplicative infrastructure and overhead
• Lost economies of scale
• Disparate management policies and services
• Dual-hatted VIPs must carry multiple devices
• DoD CIO and NGA have executed an MOU for a 2-year pilot with the NGA MAS to serve as the DoD MAS for GOTS apps
• Pilot used to investigate feasibility of unified MAS

Elaboration (Why this matters):
As each department and agency acquired its own MDM, each has its own MAS.

NT: Agency MASs integrated with MDM
MT: Agency MASs independent from MDM
LT: Federated MAS independent from MDM
Process
Mobile/Wireless – Policy & Approval

Insights:
• Without a legacy approval roadmap to follow, the uncertainty of what approvals are needed and who should provide the approval impacts agility in “mobilizing” the DoD
• Approval processes are not lengthened to use commercial transport (LTE or Wi-Fi); NSA policy is unchanged, requiring dual tunnel VPN to ride commercial transport access; new evaluation standards adopted to streamline their evaluation and approval (e.g., NIAP)
• Mobile technology and security standards compliance with unique requirements are issues and need to be incorporated with standards release of COTS apps and devices

Elaboration (Why this matters):
As with any new technology deployed in the DoD, Policy & Approval significantly impacts which mobile technologies are evaluated and the pace at which they are tested and implemented

NT: NIAP PPs, DISA SRGs/STIGs
MT: Creation of a more flexible framework for Mobile Policy
LT: Synchronize Mobility as just another IT technology regarding Policy
Mobile/Wireless – Streamlined Approval Processes

Insights:
• DoD requires NIAP, DISA SRGs/STIGs, JITC, UCAPL, and FedRAMP certifications and CSfC approvals
• NSA engaging industry and standards committee to participate in Technical Committees
• Varying degrees of maturity by product type:
  o Certificate Authorities
  o Mobile Devices
  o MDM, MDM Agent
  o App Software
  o File Encryption, Full Disk Encryption
  o Web Browser
  o Email Client
  o VoIP Systems, Clients
  o Virtualization
  o VPN Servers, Clients
  o WLAN Access Systems, Clients, WIDS/WIPS
  o Authentication Servers
  o Firewalls
  o Network IDS/IPS

Elaboration (Why this matters):
Security approvals are complex, take too long, and cost too much

NT: NIAP PPs, DISA SRGs/STIGs
MT: NIAP PPs, DoD Annexes
LT: NIAP PPs
Mobile/Wireless – Business Case

Insights:
• Although the mobile cost justification for the military is fundamentally different than the commercial world, there are some “lessons learned” that can reduce the ROI effort on the DoD
• A high level, but comprehensive mobile business case analysis will identify those cost areas within the DoD’s mobile implementation that have to be addressed to allow the benefits of mobility to be justifiable to more DoD applications/use cases
• The business case work for mobility can become a model for the DoD’s analysis for deploying virtually all future non-weapon systems new technologies

Elaboration (Why this matters):
Overall foundation work needs to be done around the business case for the mobilization of the DoD workforce in order to reduce the burden on mission owners looking to justify mobile expenditures and realize a ‘mobile first’ vision
NT: Reliance on non-cost based justification
MT: Balance of mission and cost justification
LT: “Commercial” model for personnel productivity
Mobile/Wireless – App Vetting

Insights:
• The tremendous volume of apps is causing backlogs and forcing many departments and agencies to skip vetting
• Vetting tool reports require manual inspection
• The Federal CIO’s Mobile Technology Tiger Team (MTTT) is establishing Federal app vetting criteria and processes
• Reciprocity agreements are in process
• Basic research is needed to develop automated vetting tools
• DoD CIO is establishing baseline security requirements for the security evaluation of applications for use in the DoD
• https://www.niap-ccevs.org/pp/pp_app_v1.2_table-reqs.htm

Elaboration (Why this matters):
Each department and agency has different app vetting criteria, processes, and tools, adding community risk
NT: Disparate criteria, processes, tools
MT: Reciprocity agreements, Federal criteria and processes
LT: Automated vetting
Mobile/Wireless – Classified Wireless Devices

Insights:
• CSfC capability packages (CP) specify Unclassified, Secret, or Top Secret wireless solutions
• CSfC CPs will soon specify multi-domain wireless solutions with a common Gray network and multiple security levels (MSL)
• The Intelligence Community (IC) is investigating alternatives and TTPs to improve interoperability and reduce costs
• TEMPEST criteria specify minimum RF separation distances, but need to be refined with RF signal levels
• CSfC CPs will transition to multi-tenant wireless solutions with multiple levels of security (MLS) on a single device

Elaboration (Why this matters):
With proliferation of unclassified mobility solutions, there is increasing interest in using devices within classified spaces to improve productivity
NT: Unclassified, Secret, or TS; IC Study
MT: TEMPEST criteria, TTPs, Multi-domain and MSL CPs
LT: Multi-tenant and MLS CPs
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
Mobile/Wireless
Mobile Content Management (MCM)
Insights:
• Few MCM services are in process for FedRAMP certifications at security impact level 4/5 (FOUO/CUI)
• DoD Cloud security requirements are outlined in the Cloud SRG
• Knowledge management issues arise when multiple content repositories are deployed (e.g., network drives, SharePoint, MCM)
• Navy and AF/DLA are piloting Level 5 Microsoft Office365
Elaboration (Why this matters):
Users need to seamlessly and securely access government information on mobile devices
NT: Level 2/4 SaaS
MT: Level 5 SaaS
LT: Domain integration
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
People
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
Mobile/Wireless
Tactical/Mission Use
Insights:
• Mobile devices need to withstand harsh Disconnected, Intermittent, and Low-bandwidth (DIL) operational environments and meet Electromagnetic Environmental Effects (E3) requirements under congested and contested conditions
• AF deployed about 38K tablets for flight information, logistics, and maintenance
• Army and USMC have deployed mobile devices tethered to tactical radios
• Army WIN-T awarded Command Post Wi-Fi in Jan 2016
• Navy is conducting afloat pilots
• LTE and Wi-Fi standards must refine interference mitigation techniques to address tactical DIL and E3 requirements
Elaboration (Why this matters):
As technology improves, mobile devices increasingly become powerful tactical tools that empower the warfighter and deliver unified communications
NT: Tethered to tactical radios, Tactical LTE and Wi-Fi
MT: Command Post Wi-Fi
LT: LTE to Wi-Fi calls handover, Mesh configuration with D2D communications
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
Mobile/Wireless
Continuous Monitoring
Insights:
• The rapid pace of technology causes mobility infrastructure and services to be specialized and segmented from enterprise network infrastructure
• Conventional anti-virus and personal firewalls are not deployed on mobile devices
• Separate filtering for mobility solutions is implemented
• Deep packet inspection and integration with Network Management systems is in process
• Behavioral analysis is needed to identify zero-day and insider threat vulnerabilities
Elaboration (Why this matters):
Mobility infrastructure continues to mature to mitigate vulnerabilities and allow deeper monitoring and inspection of work traffic
NT: Filtering
MT: Deep packet inspection, Network Management integration
LT: Behavior analysis
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
Mobility - Industry
• Government
• Defense
• Transportation
• Health
• Manufacturing/Retail
• Education
• Finance
• Energy
• Hospitality
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
Mobile/Wireless
Future
Insights:
• Mobile technology challenges are just beginning and will get more sophisticated as the number of manned and unmanned mobile devices dramatically increases
• The value of mobile technology will increase for the DoD if it is prepared to embrace a more ubiquitous implementation of “smart” devices
• Risk assessment and justification will be the biggest challenge in leveraging new mobile and IoT technologies
• New genres of technology will move far beyond mobilization of current applications and processes to allow for totally new approaches to mission organization and workflow
Elaboration (Why this matters):
As with almost all technologies before it, mobility and the mobile infrastructure will move and morph from human interactive to being predominantly machine to machine and autonomous
AFCEA Technology Committee Lead – Anitha Raj/Cecilia Phan
NT: Extensive Wi-Fi deployments
MT: Convergence of Technology, Internet of Things, Device2Device, Desktop
LT: Sophisticated mobile fabric and workflow models
Need Additional Information?
If you have additional questions or inputs regarding this material, please send an email to:
To learn more about the AFCEA Technology Committee and its mission, please visit:
http://www.afcea.org/site/?q=Technology-committee