NSA product accreditations lag behind IT security advances

ORLANDO -- The National Security Agency wants to use commercially built security products and the latest virtualization software. But the slow pace of getting products certified through NSA channels, set against the lightning-fast pace of change in the IT industry, is causing national-security heartburn.

The high-tech spy agency, which also guides Defense Department information security, has become an enthusiastic proponent of open, standards-based technologies such as Trusted Network Connect (TNC) and the Trusted Platform Module (TPM), both put forward by the Trusted Computing Group (which announced it expects to propose an end-to-end security framework for cloud computing around year-end).

This week the secretive NSA held its first conference related to its views on trusted computing. The NSA Trusted Computing Conference and Exposition in Orlando drew about 500 attendees and 39 exhibiting companies.

Michael Lamont, NSA chief of the network solutions office, noted in his keynote that since May of this year the national-security strategy has been "COTS [commercial off the shelf] first, not GOTS [government]."

Lamont said the NSA wants to influence how commercial technologies are developed, and hopes "richer collaboration could further harden national-security systems" and give commercial systems some "government-like security."

Trusted computing "will be a key enabling technology or set of technologies," said Neal Ziring, technical director, information assurance directorate, NSA, in his conference keynote address.

Ziring said the NSA, under its High Assurance Platform (HAP) program, is turning to a "deliberate reliance on commercial products for protecting even national-security information," and said "my customers are demanding mobility." In the future, NSA expects "COTS will be used to protect even the most sensitive classified information."

Products developed to adhere to the specifications of the Trusted Computing Group (TCG) are a big part of the vision.

Certification processes stall adoption

The NSA's customers are the vast U.S. military and intelligence communities, which require accredited software and hardware for sharing information at levels from Top Secret through Secret and Confidential down to Unclassified. Products used for "Cross Domain Solutions," for instance, which provide the ability to access or transfer information between two or more security domains, have to be examined and certified before they are accepted for use. But the NSA- and military-supported certification processes, such as Common Criteria, move as slowly as molasses compared with the IT industry's lightning-fast innovation.

As if to underscore that point, Ian Pratt, vice president for advanced products at Citrix Systems, gave a keynote packed with heady technical detail on new virtualization software from Citrix, including the Xen-based client hypervisor and multiple ways to run virtual machines while setting policy controls through so-called "service VMs." He explained how TCG-related technologies such as TPM would work, and added that in the future Citrix may come out with a "virtual TPM" that would run as a dedicated virtual machine.

The NSA is hearing demands from the military for high-security options built on virtualization. The first HAP workstation designed around desktop virtualization, built by General Dynamics, was showcased in a video showing how a VMware-based, hardened Red Hat workstation using TNC and TCG-compliant hardware components such as the TPM, along with Intel's TXT and TVD, can support secure domain separation.

The HAP workstation, called "Trusted Virtual Environment," is said to support attestation: the TPM stores measurements of the system's boot state in a way that cannot be silently rewritten, and keeps encryption keys safe. During remote attestation, network access can be denied to a machine whose identity or measured state doesn't check out, so a compromised HAP workstation can be blocked before it reaches the network.
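The measure-then-attest flow described above, as an added example that is not code from the article, the HAP program, or General Dynamics. It models the TPM 1.2 extend operation (SHA-1, 20-byte PCRs) and a verifier that plays the role of a TNC policy server; the quote "signature" is an HMAC under a pre-shared key standing in for the TPM's attestation identity key (AIK) signature, and the boot-component images are constructed byte strings, both of which are assumptions made so the example runs with only the standard library.

```python
"""Toy model of TPM-style measured boot and remote attestation.

Added example, not code from the article, NSA, or General Dynamics.
Assumptions: PCR extend semantics follow TPM 1.2 (SHA-1, 20-byte PCRs);
the quote 'signature' is an HMAC under a pre-shared key standing in for
the TPM's attestation identity key (AIK) signature, so the example runs
with only the standard library. Component images are constructed inline.
"""
import hashlib
import hmac

PCR_BYTES = 20  # TPM 1.2 PCRs are SHA-1 sized; all start zeroed at reset

# Constructed stand-ins for the images measured during boot (not real binaries).
FIRMWARE = b"constructed firmware image v1"
HYPERVISOR = b"constructed hypervisor image v1"
DOM0_KERNEL = b"constructed dom0 kernel image v1"
GOOD_CHAIN = [FIRMWARE, HYPERVISOR, DOM0_KERNEL]

# Pre-shared stand-in for the AIK; in a real deployment the verifier holds
# the AIK public key and checks an RSA signature over the quote.
AIK_KEY = b"constructed-aik-stand-in-key"


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM extend: PCR_new = H(PCR_old || H(component)).

    One-way and order-dependent: a PCR can only be extended, never set,
    so a later-stage component cannot erase evidence of what ran before it.
    """
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(components) -> bytes:
    """Return the final PCR value after extending each component in order."""
    pcr = bytes(PCR_BYTES)
    for image in components:
        pcr = extend(pcr, image)
    return pcr


def make_quote(pcr: bytes, nonce: bytes, aik_key: bytes = AIK_KEY) -> dict:
    """Platform side: bind the PCR value to the verifier's nonce and sign it."""
    sig = hmac.new(aik_key, pcr + nonce, hashlib.sha256).hexdigest()
    return {"pcr": pcr.hex(), "nonce": nonce.hex(), "sig": sig}


def verify_quote(q: dict, expected_nonce: bytes, golden_pcrs: set,
                 aik_key: bytes = AIK_KEY) -> tuple:
    """Verifier side (the role a TNC policy server plays): returns (allow, reason)."""
    pcr = bytes.fromhex(q["pcr"])
    nonce = bytes.fromhex(q["nonce"])
    expected_sig = hmac.new(aik_key, pcr + nonce, hashlib.sha256).hexdigest()
    # Check the signature first, so a forged quote never reaches the policy step.
    if not hmac.compare_digest(expected_sig, q["sig"]):
        return False, "signature invalid"
    if nonce != expected_nonce:
        return False, "nonce mismatch (replayed quote)"
    if pcr not in golden_pcrs:
        return False, "measurement not in golden list"
    return True, "allow"


def attest(boot_chain, nonce: bytes, golden_pcrs: set) -> tuple:
    """Full round trip: platform measures and quotes, verifier decides."""
    return verify_quote(make_quote(measure_boot(boot_chain), nonce), nonce, golden_pcrs)


if __name__ == "__main__":
    golden = {measure_boot(GOOD_CHAIN)}  # enrolled known-good state
    nonce = b"\x01" * 16                  # in practice: fresh os.urandom(16) per request
    print("known-good:", attest(GOOD_CHAIN, nonce, golden))
    tampered = [FIRMWARE, HYPERVISOR + b"\x00", DOM0_KERNEL]
    print("tampered hypervisor:", attest(tampered, nonce, golden))
    print("reordered boot:", attest([HYPERVISOR, FIRMWARE, DOM0_KERNEL], nonce, golden))
    old = make_quote(measure_boot(GOOD_CHAIN), b"\x02" * 16)
    print("replayed quote:", verify_quote(old, nonce, golden))
```

The example deliberately shows two failure modes beyond a tampered image: a quote captured earlier is rejected because its nonce no longer matches, and the same components booted in a different order produce a different PCR, which is why the verifier's golden list has to be built from an enrolled known-good boot rather than from per-component hashes.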

But Bill Ross, director of cybermission assurance systems, C4 systems, at General Dynamics, bluntly told the NSA conference attendees that the current fast-paced and sometimes chaotic state of industry support for TCG-related technologies, along with lengthy accreditation times for HAP, is adding up to real obstacles.

"The rapidly changing hardware environment" has led to "rapid commercial product release and obsolescence," Ross said in his keynote talk about the difficulties of cobbling together various vendor products to build HAP-approved solutions such as the HAP workstation. "We're out of sync with changes in commercial technology."

"The problems are in what I'd call the techno-political realm," he added, noting that there are difficulties in convincing partners, which today include most prominently Intel, VMware, Dell, HP and others, that the effort is warranted.

"We didn't understand what motivated them," Ross pointed out. "We'll say, 'We'll pay you.'" But he admitted he was surprised to see "that rarely worked." Sometimes vendors said they wouldn't support a project because of what they called unclear "opportunity cost." The vendors want to know that their effort on HAP and TCG technologies will lead to wider opportunities beyond a single HAP project.

The lengthy and cumbersome certification process known as "Secret and Below Interoperability" was another obstacle, among others.

"Bottom line is, it was a lot of growing pains to navigate through the certification process," Ross said, and "it was difficult to keep the interest on multi-year periods."

Separately, Ross said it took 18 months to get the Trusted Virtual Environment workstation, which is HAP-certified for Top Secret and below, through the accreditation process, which was completed last year. The Trusted Virtual Environment workstation is being used by Special Operations Command and across multiple services, including the Army, as well as by NSA. But he said he didn't know the exact deployment numbers because that information is kept secret.

Inside initiatives

NSA, headquartered in Ft. Meade, Md., is not given to much public interaction, particularly with the media, and is clearly struggling with conflicting desires to keep its employees well hidden while also trying to greatly influence development of security technologies in the commercial sector.

NSA allowed systems engineer Boyd Fletcher as well as Fred Leong, NSA Trusted Computing Firmware Project Lead, to discuss some of their initiatives in conference presentations where press was in attendance.

Fletcher described efforts to help develop cross-domain solutions (CDS) in a virtualized environment based on Type 1 hypervisors in particular. Military data centers and in-the-field military are clamoring for virtualization options, and the benefits of virtualization are clear, he said.

The NSA still advocated that CDS run on a trusted operating system, and "maybe in the future will run on a trusted hypervisor," he said. But virtualization promises to help eliminate a lot of the manual labor associated with having administrators physically touching hardware associated with traditional CDS today.

Virtualization's remote console capability could allow for "live migration over thousands of miles, if necessary." But if that transition occurs, system management security will grow in importance, as will technologies such as network-address translation to make sure cloned CDSs don't all come up with the same IP address, he pointed out.

But Fletcher acknowledged the accreditation process, which can take up to two years, isn't making change simple for CDS.

In addition, Fletcher is helping craft what are called "Virtualization Security Requirements" for use by developers and others, as well as a "Virtualization Security Controls Profile" aimed at analyzing the security capabilities of assorted virtualization platforms, including the hardware, which is expected to be contributed to the fourth revision of NIST Special Publication 800-53, the security-controls catalog published by the National Institute of Standards and Technology.

Fletcher also said his group expects to produce a "Virtualization Protection Profile" covering the hypervisor and its management layer, which vendors could write their Common Criteria security targets against under the National Information Assurance Partnership program, which administers Common Criteria evaluations in the U.S.

NSA's security experts also appear ready to intercede when they think there's a problem brewing. Various security researchers have shown how computers can be compromised through attacks on System Management Mode (SMM), a highly privileged processor mode present in most x86 processors today, Leong said.

In his presentation, Leong alluded to work by Invisible Things Lab and others, which have made the case that rootkits can be dropped by an attacker via SMM.

Leong said the NSA is preparing a mitigation called the SMI Transfer Monitor (STM) to basically replace the current SMI Handler for SMM.

This would basically "sandbox the SMM code," said Leong, noting Intel is working with NSA on it and "Dell has actually modified its BIOS to support this." Sandia National Labs is assisting in testing of STM, and "there will be some performance overhead for doing this," he said.

Even as NSA strives to influence industry development of virtualization and TCG-related technologies, the agency is grappling with how far it will go in pushing for a HAP mandate governing national-security-related IT purchasing.

In his keynote address, Neil Kittleson, Trusted Computing Portfolio Manager at the NSA's Central Security Service Commercial Solutions Center, said "we need HAP," which has been put forward in various reference implementations. The push for next year is advocacy of some kind of policy directive around HAP and technologies based on Trusted Computing Group specifications. He added, "Once we advocate these things, we have to deploy."

Ellen Messmer

Network World