Title: The Rise and Fall of DMS/FORTEZZA
The small but smart supplier of superior messaging software.
The Rise and Fall of DMS/FORTEZZA: Lessons Learned in U.S. Defense Messaging
Kathy Nuckles, CEO/President, kn_at_commpower.com, www.commpower.com
Agenda
- Introduction/Background
- Context of Presentation
- Security Adversaries
- DMS Timeline: 14 years in the making
- DMS Future (per Mandate)
- Next Generation Security Focused Building Blocks
  - Common Data Medium: XML
  - Common Security Labeling / Access Control: SPIF
  - Common Access Card (CAC)
- Commerciality
- Security Summary
Introduction/Background
- Established in 1984, California Corporation, Small Business
- Specialize in Military/Weather Product Development and System Integration
- Products: 6 Military Gateway Products, 1 Text-to-Speech Product, 2 Security Label Toolsets
- Systems: Turn-Key COMMCENs for the U.S. Air Force and Defense Logistics Agency, U.S. Federal Aviation Administration, U.S. National Weather Service
- Key Team Member of the U.S. Defense Message System (DMS) Program Since Inception (1995)
- Visit www.commpower.com
Context of Presentation
As a key product supplier and team member to the U.S. Defense Message System (DMS) program for 14 years, CommPower has amassed a wealth of communications and security experience. This presentation is based on that experience.
Please note that the views and opinions presented are CommPower's and don't necessarily reflect the views of the U.S. Government.
Figure (Messaging): Typical organization of a theater of operations as envisaged by War Department Doctrine, 1940. http://en.wikipedia.org/wiki/File:Theater_of_operations.gif
Security Woes: Technical or Political?
Technical
Political
The goods are available. Why don't they want them?
Factors Affecting Security
- Cost: Considered an overhead burden. Must not be a big ticket item.
- Ease of Use: If it is not intuitive, users will mount an attack.
- Availability of Alternatives: If there is a workaround, users will find it.
- Enforcement: Without enforcement, security will be bypassed.
DMS Timeline: 14 years in the making
Timeline markers: 1995, 2000, 2008, 2010
Legacy teletype message header as shown on the slide:
RAAUTJAZ RUWQAAAA0001 0151500UUUU- . . . ZNR UUUUU . . . UNCLAS SUBJ OPERATIONS IN . . .
Stove-Pipes

- Mandate to retire DMS and adopt commercial capabilities
- Command E-mail concept begins to form; no solid definition to date
- Panic retreat back to legacy

- Continued Outlook (thick) client with usability improvements
- Introduction of Proxy model with CAC enabled web clients and server resident FORTEZZA services (AMHS)
- FORTEZZA access control is limited to transport; AMHS informational access controls are local and proprietary

- Discontinued Outlook (thick) client
- AMHS proxy model is prolific
- Reduced (or shared) organizational certificates becomes attractive
- AMHS backside stovepipes start appearing with proprietary security labeling methods

- Outlook/Domino Clients (Thick)
- FORTEZZA at the desktop
- Message is encrypted upon client submission
- SPIF based security labels: Overly complicated client interface for security label generation

- Teletype format
- Human readable
- COMMCEN operations
- Closed backbone infrastructure
- Organic Security model

Timeline captions: Unknown; Security model fragments; Security begins to retreat; Front Line Security
DMS Future
- DMS retires in 2012
- Adopt Commercial Technology NOW
- DMS Replacement will NOT be provided
- . . . but, let's not lose sight of basic security requirements.
MROC (??): Multi-command Required Operational Capability
DMS/Security Next Generation
From the confusion there IS opportunity . . .
Next Generation Messaging Security: Step 1a
Don't expect Industry to deliver a single, consolidated capability on its own. Give them critical building blocks to take and run with . . .
- Basic Payload Construct
  - CommPower proposes XML
  - Commercially prolific
  - Easily processed
  - Carries all data types
  - Easily extended and customized
  - Backward compatibility is supported
<!ELEMENT cpe-Payload (cpe-CONTENT-TYPE,
                       cpe-IDENTIFIER,
                       cpe-ORIGINATOR,
                       cpe-RECIPIENT,
                       cpe-SIGNERS-DN,
                       cpe-CONTENT-SIZE?,
                       cpe-CONTAINS-BINARY-ATTACHMENTS?,
                       cpe-ALT-DELIVERY-ALLOWED?,
                       cpe-LATEST-DELIVERY-TIME?,
                       cpe-SECURITY-LABEL,
                       cpe-EXTENSIONS?,
                       cpe-CONTENT)>
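The DTD fragment above fixes the order of the payload's children and marks some of them optional (the trailing `?`). What a receiving gateway gains from that is a cheap structural check before any content is trusted: the required elements, including the security label, must be there and in sequence. The following checker is an added example, not CommPower's code or toolset; the content model is transcribed from the slide, while the sample payload, its field values and the treatment of sub-elements as opaque text are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Content model of cpe-Payload, transcribed from the DTD fragment on the slide,
# as (element name, required). The slide does not define the sub-elements, so
# this checker treats each of them as opaque (assumption).
CPE_PAYLOAD_MODEL = [
    ("cpe-CONTENT-TYPE", True),
    ("cpe-IDENTIFIER", True),
    ("cpe-ORIGINATOR", True),
    ("cpe-RECIPIENT", True),
    ("cpe-SIGNERS-DN", True),
    ("cpe-CONTENT-SIZE", False),
    ("cpe-CONTAINS-BINARY-ATTACHMENTS", False),
    ("cpe-ALT-DELIVERY-ALLOWED", False),
    ("cpe-LATEST-DELIVERY-TIME", False),
    ("cpe-SECURITY-LABEL", True),
    ("cpe-EXTENSIONS", False),
    ("cpe-CONTENT", True),
]

# Constructed sample payload (not from the slide); every value is invented.
SAMPLE_PAYLOAD = """<cpe-Payload>
  <cpe-CONTENT-TYPE>text/plain</cpe-CONTENT-TYPE>
  <cpe-IDENTIFIER>EXAMPLE-MSG-0001</cpe-IDENTIFIER>
  <cpe-ORIGINATOR>EXAMPLE-ORIGINATING-UNIT</cpe-ORIGINATOR>
  <cpe-RECIPIENT>EXAMPLE-DESTINATION-UNIT</cpe-RECIPIENT>
  <cpe-SIGNERS-DN>CN=Example Signer,O=Example</cpe-SIGNERS-DN>
  <cpe-CONTENT-SIZE>21</cpe-CONTENT-SIZE>
  <cpe-SECURITY-LABEL>UNCLASSIFIED</cpe-SECURITY-LABEL>
  <cpe-CONTENT>OPERATIONS IN . . .</cpe-CONTENT>
</cpe-Payload>
"""

# The same payload with the label dropped: labeling "left to chance".
UNLABELED_PAYLOAD = SAMPLE_PAYLOAD.replace(
    "  <cpe-SECURITY-LABEL>UNCLASSIFIED</cpe-SECURITY-LABEL>\n", "")


def validate_payload(xml_text):
    """Return a list of problems; an empty list means the payload matches the model."""
    # A payload arriving off the wire must not bring its own DTD or entity
    # declarations; a gateway should validate against the policy's DTD, not the
    # sender's, and inline entities are the vehicle for expansion bombs.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["inline DTD or entity declarations are not accepted"]
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != "cpe-Payload":
        return [f"root element is {root.tag!r}, expected 'cpe-Payload'"]

    problems = []
    children = [child.tag for child in root]
    pos = 0
    # Walk the sequence model: each entry consumes the next child if it
    # matches; a required entry that does not match is reported as missing.
    for name, required in CPE_PAYLOAD_MODEL:
        if pos < len(children) and children[pos] == name:
            pos += 1
        elif required:
            problems.append(f"missing required element {name}")
    if pos < len(children):
        problems.append(f"unexpected or out-of-order element(s): {children[pos:]}")

    # A present but empty label is no better than an absent one.
    label = root.find("cpe-SECURITY-LABEL")
    if label is not None and not (label.text or "").strip() and len(label) == 0:
        problems.append("cpe-SECURITY-LABEL is empty")
    return problems


def security_label(xml_text):
    """Return the text of cpe-SECURITY-LABEL, or None if the payload is invalid."""
    if validate_payload(xml_text):
        return None
    return ET.fromstring(xml_text).findtext("cpe-SECURITY-LABEL").strip()


if __name__ == "__main__":
    print("sample:   ", validate_payload(SAMPLE_PAYLOAD) or "OK")
    print("unlabeled:", validate_payload(UNLABELED_PAYLOAD))
```

The check is deliberately order-sensitive: a DTD sequence model says the label sits between the delivery options and the content, and a consumer that accepts the label anywhere will also accept it nowhere when a sender forgets it.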
Next Generation Messaging Security: Step 1b
Security Labels: Valid and consistent security labeling is an integral part of military communications, yet not an integral part of commercial communications. This, therefore, cannot be left to chance.
Simple button to invoke Security Label Creation. Vendor would use the provided toolkit to create a custom user interface look and feel.
- Security Label Toolset
  - CommPower proposes an XML based SPIF definition and a freely distributed toolset.
  - Same XML merits as for the message format apply.
  - Vendors could integrate the toolset without having to understand the intricacies.
Figure: Security Label
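What the toolset hides from the vendor is the security policy: which classifications exist, which category markings may appear on a label, and how a reader's clearance is compared with a message's label. The following is an added example, not CommPower's toolset or the XML SPIF format the slide refers to; it uses a constructed, minimal stand-in policy (classification ladder plus category tag sets marked restrictive or permissive), with invented classification and category names, to show the two jobs the slide assigns to the toolset: validating a label against the policy, and making the access decision.

```python
# Constructed stand-in for a SPIF. Not the XML SPIF schema the presentation
# refers to; it carries only what the functions below need: an ordered
# classification ladder and category tag sets, each "restrictive" (a reader
# needs every value on the label) or "permissive" (holding one value suffices).
EXAMPLE_POLICY = {
    "classifications": ["UNCLASSIFIED", "RESTRICTED", "CONFIDENTIAL", "SECRET"],
    "categories": {
        "HANDLING": {"type": "restrictive",
                     "values": {"EXERCISE-ONLY", "NO-RELAY"}},
        "RELEASABLE-TO": {"type": "permissive",
                          "values": {"NATION-A", "NATION-B", "NATION-C"}},
    },
}


def validate_label(policy, label):
    """Return the problems that make `label` invalid under `policy` (empty = valid).

    A label is {"classification": str, "categories": {set_name: {value, ...}}}.
    """
    problems = []
    if label.get("classification") not in policy["classifications"]:
        problems.append(f"unknown classification {label.get('classification')!r}")
    for name, values in label.get("categories", {}).items():
        spec = policy["categories"].get(name)
        if spec is None:
            problems.append(f"unknown category set {name!r}")
            continue
        if not values:
            problems.append(f"category set {name!r} carries no values")
        for bad in sorted(set(values) - spec["values"]):
            problems.append(f"value {bad!r} is not defined in category set {name!r}")
    return problems


def _level(policy, classification):
    return policy["classifications"].index(classification)


def access_allowed(policy, clearance, label):
    """Decide whether a subject holding `clearance` may read an object carrying `label`.

    Clearance and label share one shape; an invalid label on either side denies.
    """
    if validate_label(policy, clearance) or validate_label(policy, label):
        return False
    if _level(policy, clearance["classification"]) < _level(policy, label["classification"]):
        return False
    held = clearance.get("categories", {})
    for name, values in label.get("categories", {}).items():
        have = set(held.get(name, ()))
        if policy["categories"][name]["type"] == "restrictive":
            if not set(values) <= have:   # must hold every marking on the object
                return False
        elif not set(values) & have:      # must hold at least one marking
            return False
    return True


# Constructed sample label and clearances (invented values).
LABEL = {"classification": "SECRET",
         "categories": {"RELEASABLE-TO": {"NATION-A", "NATION-B"},
                        "HANDLING": {"NO-RELAY"}}}
READER_B = {"classification": "SECRET",
            "categories": {"RELEASABLE-TO": {"NATION-B"},
                           "HANDLING": {"NO-RELAY", "EXERCISE-ONLY"}}}
READER_C = {"classification": "SECRET",
            "categories": {"RELEASABLE-TO": {"NATION-C"},
                           "HANDLING": {"NO-RELAY"}}}
READER_LOW = {"classification": "CONFIDENTIAL",
              "categories": {"RELEASABLE-TO": {"NATION-A"},
                             "HANDLING": {"NO-RELAY"}}}
BAD_LABEL = {"classification": "TOP-SECRET", "categories": {}}  # not in this policy

if __name__ == "__main__":
    for who, clr in [("reader B", READER_B), ("reader C", READER_C), ("low reader", READER_LOW)]:
        print(who, "->", "allow" if access_allowed(EXAMPLE_POLICY, clr, LABEL) else "deny")
    print("bad label problems:", validate_label(EXAMPLE_POLICY, BAD_LABEL))
```

The point of validating before deciding is the slide's own: a label that names a classification or marking the policy does not define must fail closed rather than be silently mapped, which is exactly the situation proprietary labeling methods on the "backside stovepipes" in the timeline create.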
Next Generation Messaging Security: Step 1c
Security Token: The Common Access Card is based on commercial technology and is widely deployed and accepted. Keep running with it!!!
- Common Access Card
  - Infrastructure in place and operational
  - Based on accepted and practiced commercial technologies
  - Multi-Platform support
. . . How Far Do These Building Blocks Bring Us?
Figure: architecture diagram. Components shown: DMS Community (DMS MTA, AMHS, AMHS Clients), Allies, Mail Relay, clients exchanging CP XML, CP-EXP gateways (and other, including CP-XJP), and a Future DMS Replacement.
Next Generation Military Information Exchange: New and innovative products based on the three commercially aligned building blocks.
. . . And it's More than Just e-Mail
- Outlook
- Chat
- Office
- Collaboration
Next Generation Messaging Security: Step 1d
- Government Responsibilities: It's not enough to simply demand COTS. Action is Required:
  - Maintain the building blocks
  - Evolve the building blocks
  - ENFORCE USE OF THE BUILDING BLOCKS
"Setting an example is not the main means of influencing another, it is the only means." Albert Einstein
Security Summary: What is its Fate?
Sound Security Building Blocks: Woven into the fabric of operations
Military/Defense
Commerciality
Can be carried toward the front line as required . . . Yet still remain embraced by Industry
Partners in Defense Security (http://www.isode.com/company/xmlspif.html)

Boldon James: Boldon James, a wholly-owned QinetiQ subsidiary since October 2007, has over 20 years' experience specialising in secure messaging solutions tailored to meet the formal information exchange requirements of the worldwide defence and secure government sectors. Its Version 3 Secure Information Exchange architecture now provides a suite of Microsoft commercial off-the-shelf (COTS) functional extensions across the Unified Communications collaboration and conferencing suite, resulting in solutions with a low total cost of ownership (TCO) and significantly reduced deployment risk. Boldon James are a Microsoft Gold Partner and the Microsoft Global Go To Market Partner for Messaging in Defence and Public Safety sectors.

Cadmidium: Cadmidium Services Ltd is a technical consultancy specialising in communications system procurement, support services and product development. Cadmidium services have a diverse range of expertise backed up by decades of experience. Cadmidium currently have staff engaged with clients on a number of projects across land, sea and air environments.

Clearswift: Since 1982, Clearswift have provided internet content filtering solutions to more than 17,000 organizations around the world. We design our technologies and services around how people interact, developing adaptable solutions that define business communication. Clearswift solutions, available through an extensive partner network of qualified security specialists, safeguard information and communications, leaving employees free to communicate and collaborate, creating an environment that nurtures growth. Clearswift solutions allow you to strike the right balance between growth, cost and risk.

CommPower: CommPower, since its inception in 1984, has been seeking excellence in the product development and integration market, with emphasis on secure, real-time message processing/switching and data communications applications for military and meteorological markets. For these sectors, CommPower offers a host of gateway/dissemination products as well as Microsoft Exchange-based offerings, all of which adhere to popular and open industry standards.

eB2Bcom: eB2Bcom builds and markets the high performance View500 Discovery Directory server that combines LDAP, X.500 and XMLeD protocols in a single system. Renowned for its searching and matching capabilities and integrated WebDUA, View500 is deployed in Australia, Asia, USA, and Europe.

Isode Ltd: Isode builds high performance messaging and directory server products, using Open Standard protocols. Isode has customers in over 30 countries with exports accounting for over 60% of sales. Isode's products are used in sectors where security, scalability, reliability and excellent support are core requirements.

JSC: JSC Ltd provides design, integration, support, specialist training and technical consultancy services to the defence and defence related sectors. We specialise in the delivery and support of high-end secure messaging, directories and PKI-based solutions.

Nexor: Nexor is a leading provider of information assurance solutions to defence and government agencies. We ensure that sensitive information is accessed, controlled and shared in accordance with prevailing security policies by handling the connection, transformation and protection of that information. Our specialist capability and technology has been developed over two decades and our comprehensive portfolio is readily tailored to provide a value for money contribution to information assurance programmes.

SMHS Ltd: SMHS is a small, UK-based company providing scientific, technical and integration consultancy services for a range of core enterprise services. These services include messaging (both formal and informal), directory services, security services and web services.