Navy eases network access

The Navy is continuing work on an identity management system that, when finished, will allow all Navy personnel to log on to any of the service's computer networks from any Navy location.

The Space and Naval Warfare Systems Command (Spawar) has begun to deploy the authentication system, called Oblix NetPoint, and is integrating it with Microsoft Corp. Windows Server and Active Directory.

Oblix Inc. and Navy officials say the project is one of the largest such initiatives in the federal government. It is part of the Navy Enterprise Portal effort, said Terry Howell, program manager for the portal at Spawar.

"The portal is one small part of it," he said. "It's a service-oriented architecture. We've got a lot of networks across the department of the Navy. [The Navy Marine Corps Intranet] is one large one, but there are also a lot of legacy [networks] that are being phased out. We've also got multiple networks afloat and multiple networks outside the United States."

During the next six to nine months, "Oblix will touch every Navy person, scaling up to 800,000 users," said Jim Welch, the company's senior director of marketing.

The system interacts with the Navy Global Directory Service, which is part of the portal, he said. As various organizations within the service register their users in the directory, they will gain the ability to log on through the Oblix system.

Based on Security Assertion Markup Language (SAML), the system electronically vouches for a user who has signed on to a network that is part of the system, Howell said. SAML is an Extensible Markup Language framework for exchanging authentication and authorization information being developed by the Organization for the Advancement of Structured Information Standards.

"Until the Navy Global Directory Service is built out, we won't have the enterprisewide directory," Howell said. "For the most part, our single sign-on engine has been done. All we're waiting on to roll out the hardware and additional software licenses."

The system is deployed through 12 ships in one battle group and land facilities in San Diego; Norfolk, Va.; Hawaii and Italy, he said.

The system is geared toward username and password authentication but will probably grow to use smart cards and a public-key infrastructure, Howell added.

The Navy decided not to use proprietary software except when it was unavoidable, he said. "We're going to stay with the open standards. As they mature, we'll mature with them," he said.

Howell expects to implement the system across two more battle groups starting in January 2004, he said.

"We're thrilled with what Terry's been able to do," Welch said. "It's really cool. It's very leading edge. This may be the largest deployed SAML implementation to date."

Ray Wagner, research director for information security strategies at Gartner Inc., said the Navy's project is one of the early potential success stories for a technology and approach that he believes will become more common. Company officials recently completed an analysis of the market, he said, that predicted that "the trickle of 2003 would become a stream in 2004 and a river in 2005. We expect to see much more of the kind of thing you're seeing here in the Navy, in the use of this technology internally."

Decentralized, or federated, identity management offers some useful advantages for a military organization, he said.

"It allows an organization cut off from the rest of the world to continue to operate," Wagner said. "If there's one battle group or one shore facility that for some reason is cut off from the rest of the Navy environment, individuals in that group can continue to operate."


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.