| Program
Background and Vision:
Wireless communications devices are proliferating throughout the
world, and can pose significant security risks to national security
and the non-wireless networking infrastructures if not properly
implemented. Since wireless technology has emerged there has been
an increased demand in the use of wireless communications devices.
With the demand, wireless communications also become a major source
of new vulnerabilities. Related security solutions have been developed
to address the new vulnerabilities. Today Wireless Fidelity, better
known as WiFi, is one of the wireless technologies that present
great opportunities as well as security concerns. In the future,
technologies such as Ultra-wideband (UWB), 3G, Software Defined
Radio (SDR), Mobile Ad Hoc Networks (MANET), and 802.16 fixed
broadband will all need to be addressed from a security perspective.
DISA API41 launched the DISA Wireless Security Support Program
in March of 2003 to be able to address wireless and its security
implications today and in the future. The vision of this program
is to become recognized by DISA and the DoD as a focal point for
wireless security expertise and as a wireless security leader.
Program Overview
The DISA Wireless Security Support Program was initiated in response
to the opportunities and risks related to the adoption and evolution
of wireless technologies in DISA and the DoD. This program is
chartered to provide IA support, coordination and leadership for
the DISA Wireless Working Group (DWWG), and architecture and engineering
support to DISA wireless services. These services include the
wireless components of Transformational Communications and GIG
Bandwidth Expansion programs as well as other wireless initiatives
within DISA. It is the objective of the Wireless Security Support
Program (WSSP) to ensure that these efforts have adequate wireless
IA support resulting in a secure wireless environment that is
compliant to the wireless policies and guidelines of DISA and
the DoD.
Program Plan
The DISA Wireless Security Program will provide support to DISA
in coordinating existing and future wireless services and activities
within DISA. The program has begun to take steps to provide a
focal point to ensure that DISA has a cohesive Agency-wide initiative
that is compliant with DoD Information Assurance (IA) requirements.
Some of the specific activities supported include:
- Providing expert wireless security consulting services to
all DISA organizations working with wireless technologies.
- Providing IA support, coordination, leadership, architecture
and engineering support to DISA and its DoD customers.
- Providing coordination for Wireless Security (IA) for the
DISA Wireless Working Group.
- Wireless engineering, design, testing, evaluation, requirements
development, policy review and development in support of DISA’s
wireless initiatives and DISA’s Transformational Communications
Architecture.
- Development of recommendations for the secure implementation
of wireless connections to the Internet and the NIPRNet.
- Development of recommendations for the implementation of
Wireless Access Point connections directly to the SIPRNet/NIPRNet
or SIPRNet/NIPRNet-connected enclaves .
- Development of a secure wireless networking architecture
that provides secure wireless networking access for all DoD
users to the DISN backbone.
Program Execution
This initiative began in March 2003 with the key objectives being:
- Provide Wireless Working Group Support
- Provide Wireless Policy Support
- Provide Wireless Security Support and Engineering to DISA
Wireless Services
DISA currently has several initiatives that directly involve wireless
security. The wireless security program has coordinated with the
following activities:
- Network Services (NS)
- Connection Approval Process (CAP)
- Strategy and Policy
- IN11 Networks Division
- IA Web Portal
- Field Service Operations (FSO)
- DoD CERT
- Office of the Secretary of Defense (OSD)
The wireless security program is actively participating in wireless
support in the System/Network Approval Process in their effort
to integrate wireless rules and regulations into the Connection
Approval Process (CAP). Support is being provided in developing
a Wireless Security Reference Model. The model will address policies,
procedures, technology, architecture, and guidance documentation
for wireless solutions within the DISN. In developing this model,
API41 would like to solicit information from the existing and
future wireless users within DISA. If you would like to assist
in this effort please complete the Wireless
Security Reference Model Survey.
References:
Wireless
Security Policy and Guidance Documents
FAQs:
Wireless Security Frequently Asked
Questions |
