Network designed for sharing, security

Related Links

Technology at work

The State Department will get up to $8 million this fiscal year to continue work on a wide-area network intended to allow staff members worldwide to use sensitive or classified information securely.

By using virtual private network (VPN) technology, information stored on secure servers can be encrypted and transmitted over nonsecure lines instead of more expensive dedicated lines. When the users are finished with the data, it is wiped from their computers.

"The 'brain' would be located in a different spot than the actual terminal," said State spokeswoman Mary Swann. "This is a system we've been working on for quite some time." Several prototypes are already being tested, and the new funding will extend the project, she said.

Security is a primary concern for State, especially because American embassies are often targets for terrorists, said Warren Suss, president of Suss Consulting Inc. in Jenkintown, Pa.

The Iranian government took over the American embassy in Tehran in 1979, and al Qaeda terrorists bombed embassies in Kenya and Tanzania in 1998, for example.

"In all those cases, you've had the risk of a terminal being stolen," he said. If the terminal contained secret information, terrorists or hostile governments might gain access to it.

In general, VPN technology is already proven, according to technology analysts. State has to overcome potential challenges though, including slower response times as data is transmitted between the server and the client, and keeping secret not just the data, but its origin and destination, analysts say.

"No matter how reliable a network is, it's not going to be as reliable as a server in the next room. There are enormous trade-offs," Suss said.

Typically, VPNs balance the speed/security trade-off by using weak encryption on data packets — 40- to 60-bit — and much longer encryption codes on the keys that unlock the data, as much as 1,000 bits, said Jonathan Eunice, principal analyst at Illuminata Inc. in Nashua, N.H. The weaker encryption on the data lets it flow quickly, and the long encryption on the keys makes it hard to crack, he said.

In addition, "they keep changing the keys," he said. "Sometimes they change the keys every 30 seconds. If someone breaks into one session, no other session can they break into. It's very, very hard to break keys because you need to see big, long samples of the data in that key."

Featured

  • Management
    people standing on keyboard (Who is Danny/Shutterstock.com)

    OPM-GSA merger plan detailed in legislative proposal

    The White House is proposing legislation for a dramatic overhaul of human resources inside government and wants $50 million to execute the plan.

  • Cloud
    cloud applications (chanpipat/Shutterstock.com)

    GSA plans civilian DEOS counterpart

    GSA is developing a cloud email and enterprise services contract inspired by the single-source vehicle the Department of Defense devised for back-office software.

  • Defense
    software (whiteMocca/Shutterstock.com)

    DOD looks to unify software spending for 2020

    Defense Department acquisition head, Ellen Lord, hopes to simplify software buying and improve business systems following the release of the Defense Innovation Board's final software acquisition study.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.