Table of Contents:
Foreword ......................................................................xvii Dr. Charles F. Goldfarb, Editor of Prentice-Hall Charles F. Goldfarb Series on Open Information Management Prologue .......................................................................xix Achieving an Agile Intelligence Enterprise Dr. Ruth A. David, Deputy Director for Science and Technology Central Intelligence Agency Introduction ................................................................xxiii Why You Should Read This Book ..............................................xxiv What We Can Talk About; What We Can't ......................................xxvi Introduction to the US Intelligence Community ............................xxviii How This Book Is Organized ...............................................xxxiii Acknowledgements ..........................................................xxxix Afterword ...................................................................xliii Admiral William O. Studeman, Former Deputy Director of Central Intelligence, Director of the National Security Agency, Director of Naval Intelligence Part 1 Introduction to Intelink .............................................1 Chapter 1 Intelink - the Intranet of the US Intelligence Community ................3 What is Intelink? .............................................................5 The Beginning .............................................................5 Definition ................................................................6 Recognition of Intelink ...................................................7 Evolution of the Internet .....................................................9 Packets: The Basis of Computer Network Communications ....................11 Communications Protocols and the OSI Model ...............................15 The World Wide Web .......................................................19 Standards: Role of SGML, HTML, and XML ...................................20 What is an Intranet? .........................................................24 What is an Extranet? .........................................................24 The Intelink Community .......................................................25 What is the Problem to be Solved? ............................................33 Why is an Intranet the right solution? .......................................36 Chapter 2 High-level look at Intelink ............................................39 Intelink Support Framework ...................................................40 Categories of Intelink Services ..........................................40 Early Intelink Management Structure ......................................42 The ISMC: Intelink Service Management Center .............................43 The IMO: Intelink Management Office ......................................48 How Does this Relate to Business? ........................................52 Instantiations of Intelink Service ...........................................53 "Intelink-SCI" ...........................................................53 "Intelink-SecretNet" or "Intelink-S" .....................................54 "Intelink-PolicyNet" or "Intelink-P" .....................................54 "Intelink-UnclassifiedNet" or "Intelink-U" ...............................55 Other Instantiations .....................................................56 Implementation Philosophy ....................................................56 Return on Investment .....................................................57 Continued Commitment to "Need-to-Know" Security ..........................58 Use of Open Systems and Commercial "Off-the-Shelf" Products ..............59 Migration to full Web-based Environment ..................................60 Part 2 Intelink Issues and Challenges .....................................63 Chapter 3 Closed System, Open Standards ..........................................65 Department of Defense Standards ..............................................67 Technical Architecture Framework for Information Management ..............67 Joint Technical Architecture .............................................70 Intelligence Community Standards .............................................79 Functional Reference Model for Intelligence ..............................79 Unified Cryptologic Architecture 2010 ....................................82 Intelink Standards ...........................................................83 Related Initiative: Defense Message System (DMS) .............................85 How Does this Relate to Business? ............................................87 Chapter 4 Defining Security ......................................................89 Why Is Security Important? ...................................................90 Definition of Security .......................................................91 Psychology of Network Attackers ..............................................93 Who Would Attack a Network? ..............................................94 How are Networks Attacked? ...............................................96 Applying Security to Networks ................................................99 Authentication: Passwords ................................................99 Encryption ..............................................................101 Authentication: Digital Signatures and Certificates .....................111 Access Control and Auditing .............................................115 Other Elements of Network Security: Physical Security and Security Policy ...117 Physical Security .......................................................117 Security Policy .........................................................119 Lessons Learned .............................................................120 Chapter 5 Applying Security to Intelink .........................................123 Overview of Intelink Security Strategy ......................................124 Security Building Blocks ....................................................127 Certificate Authority (CA) ..............................................128 X.509v3 Certificates ....................................................129 Secure Sockets Layer (SSL) ..............................................132 Intelink Security Services ..................................................133 Strong Authentication ...................................................134 Enhanced Access Control .................................................136 Network Auditing and Monitoring .........................................138 Security Services Summary ...............................................139 Minimizing Cost of Security .................................................141 The Need for Standards ..................................................141 Pilot Projects: NPC and ADNET ...........................................141 US Government Network Security Efforts ......................................144 Multilevel Information Systems Security Initiative (MISSI) ..............144 Fortezza and Rosetta ....................................................144 Outlook for MISSI .......................................................146 Access Control Issues .......................................................147 Access Control through the Instantiations of Intelink ...................147 Problems with the Instantiation Approach ................................148 Multilevel Security versus Multiple Security Levels .....................150 Personnel/Physical Security and Security Policy .............................151 Additional Concerns .........................................................154 How Does This Relate to Business? ...........................................156 Chapter 6 Intelink User Tools and Services ......................................159 Three Categories of User Tools and Services .................................160 Search Tools ............................................................161 Collaboration Tools .....................................................178 Reference Aids ..........................................................191 Future Tools ................................................................193 How Does This Relate to Business? ...........................................197 Chapter 7 Intelink Open Information Management Concerns .........................199 Standardization of Intelink Operations ......................................200 Joint Standards Board ...................................................202 Use of Metadata .........................................................206 Web Publishing Standards: SGML/HTML/XML .................................212 Push and Pull Technology ................................................214 Improving Open Information Management Support ...............................216 Site Intelink Information Managers (SIIM) Infrastructure ................217 Training and Education ..................................................221 Improving Intelink-S to the Warfighter ......................................223 How Does This Relate to Business? ...........................................227 Chapter 8 Implementation Success Stories ........................................229 Joint Intelligence Center, Pacific (JICPAC) .................................230 Who is JICPAC? ..........................................................231 What was the Issue at JICPAC? ...........................................232 The Decision: Process Reengineering .....................................237 Implementing the Decision ...............................................241 Current Status - Impact on Other Projects ...............................250 Lessons Learned - Future ................................................253 Summary .................................................................255 Office of Naval Intelligence ................................................256 Who is ONI? .............................................................257 What was the Issue at ONI? ..............................................257 The Decision: Automated CD-ROM Capability ...............................259 Implementing the Decision ...............................................261 Results .................................................................264 National Security Agency ....................................................266 Who is NSA? .............................................................267 What was the Issue at NSA? ..............................................269 NSA Improvements ........................................................271 Foreign Broadcast Information Service .......................................279 Who They Are ............................................................279 How They are Using Intelink and SGML ....................................283 National Imagery and Mapping Agency .........................................284 How Does this Relate to Business? ...........................................288 Part 3 The Future: "Virtual Intelligence" ..............................291 Chapter 9 Challenges for the US Intelligence Community ..........................293 Enabling Open Information Management Improvements ...........................295 Information Revolution of the Third Millennium ..............................297 Basic Assumptions .......................................................298 Information Technology Management Reform Act (ITMRA) ....................299 Impact of Technology and the Internet .......................................300 New World Order of Connectivity: the Economics ..........................302 Example of How the Private Sector is Coping: Walt Disney Imagineering ................................................306 What This Means to the Intelligence Community - and You .....................313 Chapter 10 Achieving a More Agile Intelligence Enterprise .......................317 Intelligence Community Information Systems Strategic Plan ...................319 The Future World of Intelligence: "Virtual Intelligence" ....................327 What is Agility? ........................................................328 Why is Agility Necessary for the Intelligence Community? ................330 What is an "Agile Intelligence Enterprise?" .............................332 Status: CODA - Implementing the Agile Concept ...........................339 Joint Intelligence Virtual Architecture (JIVA) ..............................341 JIVA Objectives .........................................................342 JIVA Focus Areas ........................................................345 JIVA Implementation .....................................................347 Challenge for the Intelligence Community ....................................349 How Does This Relate to Business? ...........................................350 Appendix US Intelligence Community Overview ...........................353 The Central Intelligence Agency .............................................354 The Defense Intelligence Agency .............................................354 The National Security Agency ................................................355 Army Intelligence ...........................................................355 Naval Intelligence ..........................................................355 Air Force Intelligence ......................................................356 Marine Corps Intelligence ...................................................356 National Imagery and Mapping Agency .........................................357 National Reconnaissance Office ..............................................357 Federal Bureau of Investigation .............................................358 Department of Treasury ......................................................358 Department of Energy ........................................................358 Department of State .........................................................359 Glossary ......................................................................361 Index ..........................................................................369