The U.S. Army describes its Future Combat Systems program as a “cohesive system-of-systems” comprised of software, networks, and hardware (as in next-generation tanks) that will allow the future soldier “to see first, understand first, act first, and finish decisively.”
Not long after Boeing was named a lead system integrator on the program in 2004, the company joined something called the Transglobal Secure Collaboration Program, or the TSCP. And so it entered a whole new realm of IT control.
Boeing’s work on the Future Combat Systems, like many of its projects, requires tight collaboration with trusted partners. Beyond standard IT security considerations and layers of compliance concerns (Sarbanes-Oxley and Gramm-Leach-Bliley among them), Future Combat Systems work had stark national-security and export control issues to contend with.
Boeing had to know precisely who was accessing what system when, and across company lines. The company had to assure that each user—whether a Boeing employee or not—was current and valid. It was an identity-management problem of the highest order, and one that the TSCP had been designed to solve.
At its most basic, TSCP is about managing identity and enforcing IT security across corporate and national boundaries, in an industry where data breaches can literally kill. After working quietly on the multimillion-dollar effort since 2000, TSCP’s leaders are now announcing their presence and inviting others to both join and benefit from their labor, aerospace and defense players and otherwise.
Boeing was a relatively latecomer to TSCP, a partnership of the world’s largest aerospace and defense companies. Other members include Lockheed Martin, Northrop Grumman, Raytheon, Rolls-Royce and BAE Systems, as well as the U.S., British, and Dutch governments.
On the Future Combat Systems program, Boeing must “interact with just about every major aerospace company out there. As such, we had a need and desire to put into play stronger capabilities in which we could share information with partners and do so in a secure manner,” says Jim Cisneros, TSCP chairman and deputy CIO of Boeing’s Future Combat Systems program. “But it just made good sense for us to get involved so we could share what we were doing with other companies to come up with a shared approach.”
Robert Shields, a TSCP co-founder who stepped down as the program’s director in November 2006, says TSCP’s initial driver was the British Ministry of Defense’s need for secure e-mail communications among diverse parties using different technologies. But soon, he says, the effort’s focus evolved into creating “demilitarized zones” where companies could agree upon the rules of engagement with each other. (And yes, the companies called them DMZs.) Then, trusting each others’ policies and procedures for vetting users, the companies could share information pertaining to a given project.
Hark, Who Goes There?
As the TSCP grew in the first half of the decade, the term “federated identity management” had yet to enter the technological argot. But federated identity management is a key part of what TSCP has enabled, if indirectly. TSCP may sound like a network protocol, but it’s emphatic about policy and functional specifications under which a swath of technologies can coexist, Shields says.
Jeff Nigriny, president of CertiPath and U.S. outreach director for TSCP, says TSCP boils down to securing data among various players in the supply chain. That, he says, can apply to almost any business. Companies in other industries are already talking with TSCP, he adds, and the specification will be publicly released once complete.
“We have put in five years of effort, and we’re certain it can apply beyond [aerospace and defense],” Nigriny says. “We want to make sure we won’t waste effort of others and that it won’t cost us an interoperability challenge down the road.”
TSCP’s philosophical roots are consistent with those of other flavors of federated identity management: Companies, governments, and other organizations admitted to the collaboration, or “trust fabric,” as Nigriny describes it, must vouch for their users.
There are big advantages. The average aerospace and defense worker has 19 external accounts, Nigriny says. With a TSCP-based federated identity management system, the moment the home company changes or revokes a given user’s privileges, that person’s access to every system associated with TSCP changes (or ends) accordingly.
CertiPath has helped translate the TSCP trust fabric into a public-key infrastructure bridge which, in May 2006, became the first ever private-industry PKI bridge allowed to peer with the Federal Bridge Certification Authority, which assures identity across large swaths of the U.S. government.
“The government has got to get out of the business of issuing credentials to users of its systems and get into the business of trusting credentials issued by others,” Peter Alterman, chair of the Federal PKI Policy Authority, told Government Computer News at the time.
Becoming cross-certified with CertiPath, which Raytheon recently achieved and Boeing was the first to do, involves mapping each organization’s user access policy to TSCP baselines and having an assurance provider such as KPMG or Deloitte do the actual audit.
“It’s the Good Housekeeping seal-of-approval approach,” Nigriny says.
“We want to make sure we won’t waste effort of others and that it won’t cost us an interoperability challenge down the road.”
— Jeff Nigriny,
Taking TSCP so far was no picnic. Shields can recount five years and millions of dollars of work on two continents to develop a methodology he now describes as “one single bible and framework.” One of the defense firms alone has spent roughly $50 million aligning its internal systems to the TSCP framework, he says.
TSCP had to compass Sarbanes-Oxley, State Department International Traffic in Arms Regulations rules, export controls, European personal data security issues, intellectual property protection, and other factors, he says.
Other industries have taken on similar challenges to smooth collaboration. Among the most notable include the pharmaceutical industry’s SAFE-BioPharma Association, a coalition of pharmaceutical companies responsible for establishing a common digital identity and signature standard; and the Higher Education Bridge Certification Authority, which hopes to do the same for colleges and universities.
Phil Becker, editor of Digital ID World magazine, says that besides TSCP and the SAFE-BioPharma Association, such industry collaborations have been rare. But, he adds, industry is realizing that “in the last 12 to 18 months there has been a change in the willingness and even the awareness of people talking about how to bridge identity management, because it’s going to eat us alive if we try to do this one-off.”
“Each company out there supports multiple programs. They have a tendency to do one-off solutions, and that’s costly,” he says. “TSCP is supportable and reusable across programs, which makes a strong business case.”
Becker says industry-specific organizations could ultimately give way to global standards. In December, the International Telecommunications Union launched a focus group to develop “a generic identity management framework”; the International Standards Organization also has identity management in its sights.
Says Becker: “It feels to me like the pressure to do something is building.”