BlueSpace

Joint and coalition information sharing is a challenge for both the defense and the intelligence communities. Network stovepipes still hamper sharing behaviors, but BlueSpace’s MLS applications can enable users to work seamlessly across multiple security domains from a single interface.

The Challenge

Ever since the 9/11 Report, there has been a strategic focus on improving information sharing across the intelligence community, led by the DNI. It may be true that culture is an impediment to improved collaboration between different parts of the intelligence community, but technology does have a lot to do with behavioral patterns.

Users do not like having multiple interfaces to the same application – be that five instances of Microsoft Outlook on different networks, seven separate instances of Intellipedia on different networks, etc. Users want a single interface to their data, and when the technology doesn’t provide them that single interface, they start to create it themselves by a ‘high-side gravity’ process.

DIA users tend to have access to several different networks, including JWICS and SIPRNet – they are able to send emails on both networks, and have instances of a Microsoft Outlook client on each network. Because JWICS is a Top Secret cleared network, DIA users can send pretty much all their email on that network – whether the emails are Top Secret, Secret or Unclassified. Users want a single inbox for their email, so there is a natural gravity to send email on JWICS, no matter what the classification of the content is.

Since most emails get sent around DIA on JWICS, DIA users tend to spend most of their time on that network, and tend to check their SIPRNet email more sporadically. This further drives the ‘high-side gravity’ process, because someone sending an email to another user knows that the response is likely to be more timely if the email is sent on JWICS.

If everyone had JWICS access and all collaboration was limited to within DIA, this could work pretty well. The challenge is that the primary customers of the intelligence community are the warfighters who have SIPNet (Secret) access, but do not typically have access to JWICS. So there is a lot of email traffic (and other content e.g. Intellipedia pages and A-Space documents) that has been classified as Secret or below marooned on JWICS that is not readily accessible to the warfighter.

The next step in the thought chain is to look to duplicate the lower classified data from JWICS down to SIPRNet and other networks. Unfortunately, this is challenging, as the classification system inside Microsoft Outlook is entirely trust based – there are no Mandatory Access Controls (and few Discretionary Access Controls) – it’s just a tag that anyone can change. So Top Secret and Secret data can be intermingled, and downgrading requires guards (with error prone dirty word scanners) and/or human review (time consuming).

Once multiple intelligence agencies are added into the mix, and use of guards becomes prevalent, implementing information sharing and collaboration becomes even more difficult. While wanting to share information, agencies are naturally concerned about inadvertent spills (e.g. of sources and methods) through wider distribution of intelligence products. The inability to track and control data as it flows through different networks is a significant impediment to information sharing and collaboration.

This description has focused on the intelligence community, but the problems facing the defense community are very similar, though the actors are different. Instead of different Top Secret compartments and SIPRNet, the defense community is struggling with many different ‘flavors’ of Secret – SIPRNet, Two Eyes, Four Eyes, NATO Secret, ISAF Secret, Mission Secret, and other CENTRIX networks.

The Solution

To improve information sharing and collaboration in the defense and intelligence communities, analysts and warfighters need applications that make it much easier to work at multiple security levels at the same time. By making it ‘one click’ rather than having to move computers, the key drivers behind the ‘high-side gravity’ process can be reduced – it becomes easier to write content at the right level to start with rather than letting someone else downgrade it later.

BlueSpace MLS applications provide users with a single user interface that spans multiple network domains at the same time, for example, a single inbox and calendar spanning multiple security domains in Unity. The user can see a single (fused) inbox for all their email at the high-side, but clicking to open an email causes the email to open at the appropriate (originating) security domain – the data stays on the right domain. When a user clicks to compose a new email, they can choose which security level to create it at in a dropdown menu, and the application automatically brings up a new window at the right security domain based on the user’s selection.

Robert Cardillo (Deputy Director for Analysis, Defense Intelligence Agency) commented during his keynote address at the GEOSPACE conference in 2009 that DIA had found that if an analyst has to go through more than 15 degrees of rotation (to a different screen) or do more than three mouse clicks, they won’t do it. Culture is important, but having the right technology that makes the desired behavior easy for busy users can make the mountain a lot smaller. Collaborative applications that provide a seamless MLS environment for users to work across security domains should be part of any strategic plan to improve information sharing.