The virtual directory serves as “white pages” for DOD – Defense Systems


Joint Enterprise Directory Service helps connect DOD agencies and users

As the Department of Defense strives to improve information sharing through the Global Information Grid, a program facilitates this mission with virtual “white pages” collected from multiple DOD offices, servers and communities.

The Joint Enterprise Directory Service (JEDS) is gearing up to be the big daddy of DOD contact information, with some 4 million listings now that the program has been fully implemented, according to Robert Richardson, head of the JEDS program.

“Directories are the backbone of any business. This is how you find things on the network,” said Richardson. “It makes it easier to focus on the network and share information.”

Information for the directory comes from a number of sources, including the four departments, human resources, accreditation records, registration system databases, and directories provided by individual agencies. It also uses information from the Global Directory Service and the Public Key Infrastructure program, both of which provide access control and accreditation.

“It’s really a joint effort,” said Richardson. “To do this, we need the commitment and support of all components and offices,” including relevant programs and associated communities of interest, including contractors.

Such a massive undertaking has its challenges. The creation of JEDS, which began in 2007, means balancing the urgent need for information sharing with concerns about privacy, security and ethics, Richardson said.

“You have to weigh those concerns against the ability of people to find the people they need to talk to, especially because we have more common needs, so we have to have that at the corporate level,” Richardson added.

Building a repository of this magnitude also involves a number of logistical obstacles. Many DOD staff have more than one email address, for example. Then there is the high rate of change as people change offices and assignments. “There’s quite a bit of churn in the military,” and all of this needs to be updated in an individual’s JEDS file. When everything is set, it should be delivered in an easy-to-use format.

“It’s a real challenge to put all of this information together, put it together and put it back in a fast and secure interface,” said Richardson.

In an era of cyber sabotage issues, security is a top priority for the JEDS program. The service exists behind DOD firewalls and is only accessible by DOD-accredited parties who must provide two-factor authentication (certificate and PIN) for access. Additionally, the files do not include personal information, but rather a basic work-related identity, such as an email address, work phone, and/or component assignment. And not all records include all information; some are very basic lists for which not all information has been compiled.

There are also varying degrees of access within JEDS, depending on a user’s access controls. Some users, such as contractors, are flagged as being blocked from viewing certain information, and some data may be flagged as “do not publish”.

“My two real security concerns are unauthorized data mining and unauthorized data manipulation,” said Richardson. Possible threats include crawling the directory for email phishing targets or creating an operational image based on staff information. “Unauthorized data mining is by far the biggest risk and challenge to identify and mitigate,” he said, especially because the threat could come from an inside source with the required credentials.

To help counter this threat, Richardson said DISA has implemented information assurance toolsets that flag any efforts to bypass the two-factor authentication system. Additionally, the desktop incorporates a log aggregation and analysis tool called Splunk, which maps user query patterns to identify inappropriate activity and trace it back to the user.
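The query-pattern analysis described above can be illustrated with a short Python example, added here and not taken from DISA, JEDS or Splunk. The log layout, user names and thresholds are assumptions, and the sample records are constructed; it flags an authenticated account whose directory lookups inside a sliding window return far more entries than ordinary use would.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log layout (not a real JEDS or Splunk format): ts user=... query="..." results=N
LINE = re.compile(r'(?P<ts>\S+) user=(?P<user>\S+) query="(?P<q>[^"]*)" results=(?P<n>\d+)')

def sample_log():
    """Constructed input: one ordinary user and one account sweeping surname prefixes."""
    base = datetime(2010, 6, 1, 9, 0, 0)
    lines = [
        f'{(base + timedelta(minutes=20 * i)).isoformat()} user=user_a query="{name}" results=2'
        for i, name in enumerate(["smith, j", "jones, a", "lee, k"])
    ]
    lines += [
        f'{(base + timedelta(seconds=10 * i)).isoformat()} user=user_b query="{c}*" results=40'
        for i, c in enumerate("abcdefghijklmnopqrstuvwxyz")
    ]
    return sorted(lines)  # ISO timestamps sort chronologically

def parse(lines):
    for line in lines:
        m = LINE.match(line)
        if m:  # skip records that do not fit the assumed layout
            yield datetime.fromisoformat(m["ts"]), m["user"], m["q"], int(m["n"])

def flag_harvesting(lines, window=timedelta(minutes=10), max_queries=20, max_entries=500):
    """Return {user: (distinct_queries, entries_returned)} at the moment a user's
    activity inside a sliding window first exceeds either threshold."""
    recent = defaultdict(deque)  # user -> (ts, query, results) tuples still in window
    flagged = {}
    for ts, user, q, n in parse(lines):
        win = recent[user]
        win.append((ts, q, n))
        while ts - win[0][0] > window:  # drop events older than the window
            win.popleft()
        distinct = len({query for _, query, _ in win})
        entries = sum(r for _, _, r in win)
        if user not in flagged and (distinct > max_queries or entries > max_entries):
            flagged[user] = (distinct, entries)
    return flagged

if __name__ == "__main__":
    for user, (queries, entries) in flag_harvesting(sample_log()).items():
        print(f"{user}: {queries} distinct queries returned {entries} entries in 10 minutes")
```

Because every record carries the authenticated user name, a flagged pattern traces directly back to an account, which is the property the article attributes to the log analysis.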

According to Richardson, attempts to manipulate data, for example by a hacker, are unlikely, as any changes to the information would be overwritten the next time JEDS automatically updates the entry in question. “That’s why we need to direct users looking to correct their JEDS information to their data source help desk. It is only at the source that it can be changed,” he said.

However, mobile directories and their infrastructure can still be fragile or have compromised integrity, according to an analyst. And authentication issues could be disastrous for users who need access to information.

Gartner Research Director Andrew Walls has expressed concerns about relying so heavily on authentication. “The capacity of these operations depends on certifications. If a soldier in the field (is locked out), that’s a big deal. Whether it’s in Afghanistan or Omaha, people have to achieve their goals,” relying on a system that even Richardson admits is not perfect.

While he acknowledges that in the worst-case scenario, there could be a security breach with access from an unauthorized or potentially malicious person, Walls is optimistic about the security of the DOD. “Given the scale of military operations, we’re talking hundredths of a percent failure – but of course they want zero,” Walls said.

In the future, tracking capabilities could also include virtual “blue pages,” according to Mohammad Khattak, program director for Booz Allen Hamilton, the contractor supporting JEDS.

For now, JEDS seeks to continue building its repository. “It’s an ongoing process,” Richardson said.

About the Author

Amber Corrin is an editor covering Military Networks for Defense Systems.

Calvin W. Soper
