Network designed for sharing, security

Related Links

Technology at work

The State Department will get up to $8 million this fiscal year to continue work on a wide-area network intended to allow staff members worldwide to use sensitive or classified information securely.

By using virtual private network (VPN) technology, information stored on secure servers can be encrypted and transmitted over nonsecure lines instead of more expensive dedicated lines. When the users are finished with the data, it is wiped from their computers.

"The 'brain' would be located in a different spot than the actual terminal," said State spokeswoman Mary Swann. "This is a system we've been working on for quite some time." Several prototypes are already being tested, and the new funding will extend the project, she said.

Security is a primary concern for State, especially because American embassies are often targets for terrorists, said Warren Suss, president of Suss Consulting Inc. in Jenkintown, Pa.

The Iranian government took over the American embassy in Tehran in 1979, and al Qaeda terrorists bombed embassies in Kenya and Tanzania in 1998, for example.

"In all those cases, you've had the risk of a terminal being stolen," he said. If the terminal contained secret information, terrorists or hostile governments might gain access to it.

In general, VPN technology is already proven, according to technology analysts. State has to overcome potential challenges though, including slower response times as data is transmitted between the server and the client, and keeping secret not just the data, but its origin and destination, analysts say.

"No matter how reliable a network is, it's not going to be as reliable as a server in the next room. There are enormous trade-offs," Suss said.

Typically, VPNs balance the speed/security trade-off by using weak encryption on data packets — 40- to 60-bit — and much longer encryption codes on the keys that unlock the data, as much as 1,000 bits, said Jonathan Eunice, principal analyst at Illuminata Inc. in Nashua, N.H. The weaker encryption on the data lets it flow quickly, and the long encryption on the keys makes it hard to crack, he said.

In addition, "they keep changing the keys," he said. "Sometimes they change the keys every 30 seconds. If someone breaks into one session, no other session can they break into. It's very, very hard to break keys because you need to see big, long samples of the data in that key."

Featured

  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

Stay Connected