Seamless Security – Can Wireless Technology Match the Demands of the Military Sector?
Wireless technology has immense value for the military sector but caution remains that it can render systems vulnerable. Alex Hawkes explores the latest wireless security protocols in the market.
Wireless infrastructure can act as the communications spine for a successful military base or checkpoint. By integrating various forms of verification technology, the infrastructure can also overcome issues that arise when critical information needs to be seamlessly exchanged in order to confirm access for authorised personnel – that is, providing the network is sufficiently secure.
There are a number of wireless technology suppliers in the market that offer safeguard capabilities, but standards vary and not every end user can be confident that the necessary procedures are in place to meet the high-level demands of the military sector.
On the defence
Fortress Technologies introduced its first integrated wireless solution designed to meet the demands of national security and defence programmes in 2006. Its president, Janet Kumpu, says she believes the product's ability to comply with government requirements is pivotal to the overall technology's development.
"We are the market leader in delivering secure wireless communications to the government because we understand the security mandates and policies and invest in that capability upfront when we introduce each product to the market," says Kumpu.
According to Kumpu, assurance requirements are a major need of today's defence industry, which expects security on tap, delivered as though it were a secondary thought process. "We have a product portfolio that allows a government customer to extend the reach of its network to an axis point or a military gate and seamlessly validate credentials of an individual accessing that location in a secure wireless fashion," she adds.
An important feature of wireless technology is its ability to integrate various security applications over the infrastructure. US-based Fortress Technologies supplies hardware and software that give a client's device, be it a handheld scanner or a CAC card reader, the credential information it requires to sustain itself within a wireless network.
"With our gate-card solutions the client would load on to a device that is able to read the verification parameters of the individual gaining access. This will communicate to our wireless infrastructure and back to the central database that would validate the person's credentials," Kumpu says.
"We actually do testing with all such devices to ensure they seamlessly integrate with our products and collaborate with the manufacturers to complement the applications," she adds.
As complex as such solutions sound, the deployment period required to introduce one is relatively brief. Once the wireless infrastructure has been established, applications can take as little as half an hour to install. "We recommend and usually conduct a site survey at the beginning of a project to support the products or customers directly and ensure they lay out the wireless infrastructure properly. Once that has been achieved, unless they are looking for software upgrades with incremental features, there is minimal support required," she says.
In the US, wireless security protocols used by government bodies must comply with requirements issued by the National Institute of Standards and Technology (NIST), known as the Federal Information Processing Standard (FIPS) 140. FIPS 140 is a series of publications that specify requirements for cryptographic modules; the current version, issued in May 2001, is known as FIPS 140-2.
The validation of cryptographic modules is a significant process for a secure wireless infrastructure developer and one that ensures the product it places on the market is capable of operating at the high level required. For Fortress Technologies, this is an area of the business the company pays close attention to.
"The largest challenge, and one that we have continuously been able to overcome, is making the necessary investments to meet the government's requirements. The government has stringent information assurance guidelines in place that tend to change over time," says Kumpu.
"The FIPS criteria are something we invest in and design our products around. FIPS standards challenge an organisation to aggressively plan when developing new capabilities. The accreditation processes really validate the environment the products are working in and I believe FIPS to be very innovative."
The stringent nature of FIPS is also complemented by a common set of criteria applicable to each of the services within the Department of Defence, such as the navy.
Despite this, Fortress Technologies notes that in the past the military sector has generally been slower to rely on wireless technology for its communication infrastructure than the commercial sector.
There remains a cautious approach to the technology, but Kumpu says she believes this is something that is starting to change. "With products like ours available on the market combined with a greater education of the level of security required for the sector, we are witnessing a significant increase in business," she says.
As a software support provider for wireless security, Columbitech has experienced increasing interest from Europe and the US. Such is the stature of the FIPS 140-2 certification that the company has found the US standards also carry over to the European market.
Columbitech's president Asa Holmstrom is quick to identify just why that is the case. "My theory is that the market in the US was an early adopter of wireless technology, while in Europe the infrastructure is younger and in other regions such as Asia even younger still," she says.
Columbitech was started in 2000 by its initial founders, the telephone company Ericsson in Sweden. The company has since witnessed the evolution of its mobile VPN (virtual private network), which has now reached its third generation of technology.
"The mobile VPN offers seamless mobility but was initially offered with just email access. By the second generation it was compatible with more specific solutions and now the Columbitech VPN runs with a range of applications, research and different users," says Holmstrom.
"Our Mobile VPN is software that can be applied to a laptop, PDA or desktop. We create an encrypted tunnel back to a VPN server, which places applications behind a firewall. From the user's point of view, they would appear connected to the network and able to receive normal access – it in effect offers total applications transparency," she says.
The solution first became FIPS certified in 2003 and is currently in operation within a number of US military bases worldwide. Mobile VPN is compatible with up to three authentication factors, ranging from biometrics to smart cards, and the system can operate within a vast range of domain services.
"We produce encryption on the level that is demanded today. One thing the Department of Defence (DoD) appreciates is that the software is always able to adapt to new encryptions or higher technology in the future. Integrity is a base component of security – we always try to bring wired security levels to the wireless world – adding mobility but never leaving anything behind," Holmstrom adds.
Of Columbitech's current projects, its involvement with US submarines makes an interesting case study. The company provides the wireless layout on board the vessels, which is communicated via satellite when the vessel is above the surface.
"For environments which move in and out of coverage, there is a session resume functionality that enables a user to restart where the programme left off. This removes some of the frustrations associated with the sector and allows for a persistent connection and seamless roaming," says Holmstrom.
"The military sector has really tested us as a company and proved that our solution can deal with all different environments," she adds.