NSA testing smartphones, tablets on safe mobile architecture

March 29, 2011
Cyber Security, FedCyber Wire
No Comment

via Nextgov

The National Security Agency is testing a new mobile infrastructure, largely composed of commercial tools, to secure Top Secret information on portable devices, such as smartphones and tablet computers, a high-level NSA official said.

The intelligence community, like the rest of the federal workforce, increasingly wants to access information on the go, which is creating a challenge for Debora Plunkett, director of the NSA Information Assurance Directorate. Mobility is just one of about 10 challenges– or “opportunities” as Plunkett likes to call them — that she has set out to tackle this year, she said in an interview with Nextgov.

Moving ahead, her priority will remain bolstering national security networks at the agency responsible for safekeeping the nation’s secrets and spying on others’ covert activities, she said. But the evolving threat landscape has prompted her to change tactics.

After the disclosure of thousands of pages of classified material on the WikiLeaks website, there is increased interest in the data that NSA houses. In addition, technology is rapidly advancing, and cyber adversaries are becoming more sophisticated.

To shore up mobile devices, NSA is experimenting through the summer with an architecture comprised of commercial handsets and a data delivery concept similar to one used by Amazon’s Kindle e-reader and OnStar Corp.’s navigation systems, Plunkett said. So-called mobile virtual network operators, or MVNOs, lease wireless capacity owned by other network providers, including Verizon Communications and Sprint, and then repackage the mobile services with their own specialized features under a new brand name, such as “OnStar.”

But “the IT architecture of the future,” said Plunkett, will be cloud computing –accessing over the Internet information technology systems that are grounded elsewhere– and virtualization, a means of segmenting one physical server into smaller servers that can be accessed remotely.

More here