Technology divergence: DMS and the rest of the world
- By John Pescatore
- Mar 31, 1996
"A billion here, a billion there—pretty soon you're talking real money." This is such a great quote; I hope someone really said it. If not, I'll appropriate it to describe what looks to be happening with the Defense Message System and the direction the commercial world is taking in electronic messaging.
DMS will provide a robust, secure infrastructure for messaging within the Defense Department, but it will do so by using an expensive approach that will not be adopted by the commercial sector.
This divergence will leave civilian agencies and government contractors stuck in the middle; DMS is destined to never securely interoperate with 85 percent of messaging users worldwide.
For those of you who need a refresher, last year the Defense Information Systems Agency awarded the $500 million DMS contract to Loral Federal Systems. DMS was born (or received original program guidance, anyway) seven years earlier, as DOD realized that Autodin was eating the agency out of house and home, and its appetite was growing.
DMS builds on the Message Security Protocol architecture developed by the National Security Agency under the Multilevel Information Systems Security Initiative program. DMS will use the Fortezza card developed as part of MISSI to provide authentication, integrity and confidentiality services for DMS. Secure messaging for sensitive but unclassified electronic mail will be rolled out in the middle of this year, and the higher classification levels will follow.
If you take the direct DMS funding, add estimates for the MISSI and Fortezza work directly related to DMS and throw in a bit for the DMS work done for the past seven years, a billion dollars isn't hard to reach. Actually, a briefing by the DMS program office makes it look closer to $2 billion without the NSA costs.
Meanwhile, International Data Corp. (my parent company) estimates that in calendar 1994 alone just less than $1 billion was spent on messaging systems worldwide, and IDC predicts that the market will reach $2 billion per year by calendar 1998. While DMS plans to have 2 million users when fully deployed, IDC predicts the worldwide market for messaging will top 150 million users by 1998.
It is unlikely that very many of those 150 million users, the majority of whom will seek a secure solution, will be using DMS and Fortezza. For one thing, half of them will be outside the United States, and they seem to have an odd prejudice against using secure messaging that incorporates the ability for the U.S. government to eavesdrop on their messages. Even if DMS can capture the entire civilian market—a real stretch because most civilian agencies cannot afford the per-seat costs of $100 to $300 for DMS hardware alone—communicating securely with citizens and industry will be impossible.
There are some workarounds. The DMS architecture does include an element called a Multi-Function Interpreter that could provide interoperability with emerging secure messaging standards, such as S/MIME and PEM. However, avoiding the expense of maintaining similar gateways used by Autodin is one of the key goals of DMS.
Don't get me wrong: The DMS strategy of convincing key vendors such as Microsoft Corp., Lotus Development Corp. and Novell Inc. to develop and support "DMS-aware" versions of their industry-leading electronic-mail packages is a major step in the right direction. The real dichotomy comes in the choice of encryption algorithm and authentication protocol—namely, the Fortezza card with the Capstone chip.
Fortezza and Capstone provide a great solution for DOD, and for years I have been preaching the use of strong dual authentication such as that provided by Fortezza. However, not many agencies (or companies, for that matter) can afford PCMCIA-based solutions, and government-controlled key escrow is just not going to fly in the global marketplace. Assistant Secretary of Defense Emmett Paige Jr. himself admitted this in his keynote speech at a recent American Defense Preparedness Association symposium. DOD and NSA trying to control the export of encryption technologies by mandating government key escrow is an example of putting your finger in a hole in the dam while water is rushing over the top.
Civilian agencies and contractors are caught in the middle, facing the prospect of either no secure messaging or having to support two messaging systems to work with DOD and commercial partners. Electronic tax filing and electronic service to the citizen will never come to fruition without a secure messaging infrastructure. Vendors such as Microsoft are not going to solve the problem; they will go wherever they can make money.
The solution? The Clinton administration and DOD advisers on the scores of security policy boards need to give up on government-controlled key escrow and put their weight behind one of the alternatives being proposed, such as Trusted Information Systems Inc.'s Commercial Key Escrow. Commercial Key Escrow supports industry's need to be able to recover encrypted data when the decryption keys are lost—something Clipper and government key escrow ignore.
There is no way to keep all three interested communities (industry, law enforcement and DOD/intelligence) happy. DMS only satisfies one out of the three; while a Commercial Key Escrow approach may not make the DOD/intelligence community dance in the aisles, it leaves them no worse off than they are today.
Working solutions are invariably formed in between the extremes at either end of contentious debates.
It is time for the federal government to move toward the center in the secure messaging debate.
The federal government no longer owns the only paving machines for this particular lane of the information superhighway. The commercial world smells big money in information security in general and secure messaging in particular. Companies such as Visa and Microsoft have tremendous profit opportunities if secure messaging becomes widespread in the commercial sector, and they will drive the technology to be marketable in the high-growth areas outside the United States.
There is an opportunity to make sure a governmentwide solution emerges, but only if a governmentwide look is taken at using truly off-the-shelf solutions.
Pescatore is the research director for information security at IDC Government, Falls Church, Va. He previously worked in secure messaging at GTE, the Secret Service and NSA. This column can be read on FCW's home page at http://www.fcw.com.