Whether it’s securing our border, monitoring our airspace and surrounding seas, or defending against ongoing threats, U.S. defense and homeland security agencies rely on information sharing to effectively protect and defend. Yet it’s often been difficult for the U.S. Department of Homeland Security (DHS) to share information with the Coast Guard, U.S. Customs and Border Patrol (CBP), and other organizations. Too often, the need to secure information makes sharing information an onerous and time-consuming task that gets in the way of the mission.
DHS and other agencies can take some cues from the Department of Defense’s (DoD) Mission Partner Environment (MPE) framework. The MPE calls for the effective and fast sharing of trustworthy and secure data. Even this initiative has some challenges, however:
- The type and volume of information being shared can vary significantly depending on the number of allies, the scope of the mission, and its objectives.
- The traditional network-centric approach to security – in which the periphery of the network is hardened against the attack – is both ineffective and cumbersome when it comes to sharing information among allies. Not all networks are compatible, and anytime the U.S. wishes to share information with an ally it needs to create a separate, secure network for that purpose.
- Not all connected devices are secure, even on the battlefield. This makes it difficult for military leaders to discern whether the data these devices are conveying is accurate or has been compromised.
The MPE and similar efforts stand a greater chance of success if they adopt a data-centric rather than a device- or network-centric–approach to secure information sharing. Fortunately, there’s a simple and proven method of doing this using the Trusted Data Format (TDF), created within the National Security Agency (NSA) and hosted by ODNI.
Bringing Security Down to the Data
TDF is an open standard for protecting the data itself. It essentially allows organizations to assign a protective wrapper around every piece of information being shared amongst mission partners. That’s much different – and much more effective – than network perimeter security. It brings security down to the data level, negating the need to create separate networks for each ally or having to worry about device vulnerabilities.
With TDF, each piece of data is tagged with specific attributes, ensuring that only individuals or organizations with proper access can view the information. Attributes could be the names of designated coalition members, individual clearance levels, and so forth. Assigning attributes and rules can be done either manually (by checking a box to authorize who can view an email, for example) or automatically (for instance, via artificial intelligence, which can be used to tag sensor data).
This level of control can significantly and positively alter information access amongst allies or fellow agencies. Partners that are no longer a part of the coalition can have access privileges quickly dissolved, while those joining the fight can easily have privileges granted. Meanwhile, those without rights do not even know that the data is there. To them, it’s as if it doesn’t exist, removing the temptation to try to access unauthorized files.
Normalizing Real-Time Data Exchange
Network security models generally grant broader access to information, but each piece of data can require four to six hours of processing before it can be shared. That goes directly against objectives to seamlessly connect partner agencies or coalition forces and allow them to share data quickly and persistently.
The time it takes to process data can also be a significant obstacle to the success of the mission. Consider the events occurring in Ukraine, which continue to evolve hour by hour. Being able to access, share, and act upon current information is critical to the country’s defense against Russia. Anything less than real-time data exchange amongst allies is not an option.
Standardizing Secure Information Sharing
Many of the standard best practices around secure data exchange are simply no longer up to the task at hand. That will continue to be true as missions become more complex, the amount of data continues to grow, and the need for fast and secure information exchange becomes even more critical.
Adopting a data-centric approach to security should become standard practice because it solves many of the issues agencies have been trying to address for several years. For example, TDF gets to the heart of zero-trust initiatives, because it is built around the principle to “never trust, always verify.” It’s about as ironclad a data security concept as has ever been seen.
It’s also proven. TDF was invented in 2009 to solve the challenge of secure and unimpeded information sharing between U.S. intelligence agencies. Since then, it has been regularly and successfully used by branches of the U.S. intelligence community and the military.
Now, the time has come to make TDF and its data-centric approach the security standard for modern warfare. The defense of the United States depends on it.
The views expressed here are the writer’s and are not necessarily endorsed by Homeland Security Today, which welcomes a broad range of viewpoints in support of securing our homeland. To submit a piece for consideration, email editor @ hstoday.us.
