Navy eases network access

The Navy is continuing work on an identity management system that, when finished, will allow all Navy personnel to log on to any of the service's computer networks from any Navy location.

The Space and Naval Warfare Systems Command (Spawar) has begun to deploy the authentication system, called Oblix NetPoint, and is integrating it with Microsoft Corp. Windows Server and Active Directory.

Oblix Inc. and Navy officials say the project is one of the largest such initiatives in the federal government. It is part of the Navy Enterprise Portal effort, said Terry Howell, program manager for the portal at Spawar.

"The portal is one small part of it," he said. "It's a service-oriented architecture. We've got a lot of networks across the Department of the Navy. [The Navy Marine Corps Intranet] is one large one, but there are also a lot of legacy [networks] that are being phased out. We've also got multiple networks afloat and multiple networks outside the United States."

During the next six to nine months, "Oblix will touch every Navy person, scaling up to 800,000 users," said Jim Welch, the company's senior director of marketing.

The system interacts with the Navy Global Directory Service, which is part of the portal, he said. As various organizations within the service register their users in the directory, they will gain the ability to log on through the Oblix system.

Based on Security Assertion Markup Language (SAML), the system electronically vouches for a user who has signed on to a network that is part of the system, Howell said. SAML is an Extensible Markup Language framework, being developed by the Organization for the Advancement of Structured Information Standards, for exchanging authentication and authorization information.

"Until the Navy Global Directory Service is built out, we won't have the enterprisewide directory," Howell said. "For the most part, our single sign-on engine has been done. All we're waiting on is to roll out the hardware and additional software licenses."

The system is deployed through 12 ships in one battle group and land facilities in San Diego; Norfolk, Va.; Hawaii and Italy, he said.

The system is geared toward username and password authentication but will probably grow to use smart cards and a public-key infrastructure, Howell added.

The Navy decided not to use proprietary software except when it was unavoidable, he said. "We're going to stay with the open standards. As they mature, we'll mature with them," he said.

Howell said he expects to implement the system across two more battle groups starting in January 2004.

"We're thrilled with what Terry's been able to do," Welch said. "It's really cool. It's very leading edge. This may be the largest deployed SAML implementation to date."

Ray Wagner, research director for information security strategies at Gartner Inc., said the Navy's project is one of the early potential success stories for a technology and approach that he believes will become more common. Company officials recently completed an analysis of the market, he said, that predicted that "the trickle of 2003 would become a stream in 2004 and a river in 2005. We expect to see much more of the kind of thing you're seeing here in the Navy, in the use of this technology internally."

Decentralized, or federated, identity management offers some useful advantages for a military organization, he said.

"It allows an organization cut off from the rest of the world to continue to operate," Wagner said. "If there's one battle group or one shore facility that for some reason is cut off from the rest of the Navy environment, individuals in that group can continue to operate."

