The failed attack on a U.S. airliner on December 25, 2009 prompted U.S. President Barack Obama to focus on the state of collaboration between U.S. intelligence and security agencies. President Obama stated, “The bottom line is this: the U.S. government had sufficient information to have uncovered this plot and potentially disrupt the Christmas Day attack. But our intelligence community failed to connect those dots, which would have placed the suspect on the no-fly list. In other words, this was not a failure to collect intelligence, it was a failure to integrate and understand the intelligence that we already had.”
The President’s ire has led to focus on an initiative by the Office of the Director of National Intelligence (ODNI) to create a “common trust environment” for collaboration and sharing of information within the U.S. intelligence community.
In the words of Director J.M. McConnell, “The information sharing strategy is focused on developing a ‘responsibility to provide’ culture in which we unlock intelligence data from a fragmented information technology infrastructure spanning multiple intelligence agencies and make it readily discoverable and accessible from the earliest point at which an analyst can add value. “
“This new information sharing model will rely on attribute-based access and tagged data with security built-in to create a trusted environment for collaboration among intelligence professionals to share their expertise and knowledge.”
Shift to role and policy-based network security
The foundation of this initiative is a shift from traditional firewall and identity-based security to role-based policy management of the network. Policy-based security can, on the fly, adjust security measures to allow the right users – to have the right access – to the right information – from the right place – at the right time.
We find policy-based security controls in Network Access Control solutions and flow-based network switches which give security managers granular control of the network. You can manage who has access to specific databases, at what time of day, from which location, from what department, what functional (role) responsibility and even from what type of device.
In a dynamic environment such as that found in government intelligence agencies, it is policy-based security that will enable true collaboration amongst disparate parties dealing with sensitive information.
Now intelligence analysts will be better able to “connect the dots” and go beyond the boundaries of traditional culture that led to silos that inhibited information sharing. These organizations had established their own security classification rules and procedures, resulting in inconsistent use and understanding of security markings.
ODNI’s goals statement summarizes this concept:
- Define a uniform identity structure and uniform attributes to enable identity management, develop uniform standards and guidance for identity management, and support decentralized, agency-specific implementation
- Establish identity management standards for authentication, authorization, auditing, and cross-domain services
- Develop information security policies to support logical and physical data protection efforts
- Create a common classification guide for the Intelligence Community
- Establish a risk management approach that supports the common trust and information environment while still protecting sources and methods as well as sensitive information from disclosure
Organizations struggling with collaboration and the free flow of information across geographic boundaries, multiple trading partners and distributed business units may find an answer in role and policy-based network access solutions. If it works for the CIA, FBI and DHS it may just work for you.