[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: More on Intelink by J.Orlin Grabbe from Laissez



------- Forwarded Message Follows -------
Date:          Wed, 07 Apr 1999 07:28:54 -0400
To:            politech@vorlon.mit.edu
From:          Declan McCullagh <declan@well.com>
Subject:       FC: More on Intelink by J.Orlin Grabbe from Laissez Faire Times
Reply-to:      declan@well.com


**********

Date: Wed, 07 Apr 1999 01:54:53 -0700
From: "J. Orlin Grabbe" <kalliste@aci.net>
To: declan@well.com


Declan McCullagh wrote:

> Date: Tue, 6 Apr 1999 08:35:33 -0400 (EDT)
> From: Roland Grefer <btirg@uis.doleta.gov>
> Subject: No more top-secret pizza boxes (fwd)

A different view of Intelink.

Orlin




INTELINK




a book review by J. Orlin Grabbe

Intelink is the classified, worldwide intranet for the U.S.
Intelligence Community_ linking together the Central Intelligence
Agency (<http://www.odci.gov/>CIA), the National Security Agency
(<http://www.nsa.gov:8080/>NSA), the National Reconnaissance Office
(<http://www.nro.odci.gov/>NRO), the National Imagery and Mapping
Agency (<http://www.nima.mil/>NIMA), the Defense Intelligence Agency
(<http://140.47.5.4/>DIA), and 8 other intelligence organizations,
including the <http://www.fbi.gov/>FBI.

Intelink is the subject of Frederick Thomas Martin^Os flashily titled
Top Secret Intranet: How U.S. Intelligence Built Intelink_ The
World^Os Largest, Most Secure Network. Perhaps the most surprising
revelation the book makes is that this very closed network was built
entirely on open system standards like TCP/IP (the communication
protocols of the Internet) and SGML (Standard Generalized Markup
Language, of which HTML_ the hypertext presentation language of the
World Wide Web_ is an application). Indeed, Martin gets around to
boldly stating that "Intelink is patterned after the global Internet."

"It was a dark and stormy night," Martin^Os introduction begins, and
that is the best written sentence in the somewhat ponderously crafted
and repetitious Intro_the literary techniques of English novelist
<http://prefect.com/home24/examples/Stormy/index.html>Edward
Bulwer-Lytton otherwise conspicuous by their absence. Reading
Martin^Os mushy acknowledgements, one quickly forms the impression of
a book both written and vetted by a committee; indeed, one begins to
question whether Martin^Os name should appear on the book at all.
Martin recently retired from the NSA as Deputy Director of its
Information Services Group.

But it gets better once we reach the book proper. Chapter 1 tells the
origin of Intelink, how in 1994 DCI
<http://www.pbs.org/newshour/bb/bio/woolsey_bio.html>James Woolsey
created the Intelligence Systems Board (ISB) to improve the
interoperability of information systems supporting intelligence
operations. Along with ISB came a permanent staff, known as the
Intelligence Systems Secretariat (ISS). Steven Schanzer, the first
Director of the ISS, became the "father" of Intelink. A "proof of
concept" prototype was put together in April 1994, and by the end of
the year Intelink was operational. The rest of Chapter 1 gives a
thumbnail history of the Internet and the World Wide Web, introduces
SGML and its offspring HTML (an SGML application) and the more recent
XML (eXtensible Markup Language, a subset of SGML which will be
supported in future Netscape and Internet Explorer browsers), and
concludes with a discussion of the need for Intelink to meet the
changing needs of intelligence.

Martin notes that SGML was adopted for document tagging by the
Department of Defense in 1987 in its
<http://www-cals.itsi.disa.mil/>CALS ("Continuous Acquisition and
Life-Cycle Support") Program, then as an information processing
standard by the CIA in 1993, and finally by Intelink in 1994.

Chapter 2 is essentially a bureaucratic history of the development of
Intelink, and describes the eventual formation of the Intelink
Management Office
(<http://www.ncsievents.com/intelink98/history.htm>IMO), whose
Director alternates between the CIA and DIA, and whose Deputy Director
is always NSA. There are dry recitations of duties and goals, some of
which read like they were written by an IT-trained Russian speaker
struggling with the English language. For example: " Enhancing
support infrastructures to ensure that future Intelink services enjoy
the stability of a robust and well-administered information
environment; [Translation: Get our shit together.]

" Establishing a viable training program to ensure that all producers
and users can effectively use existing and new services; [Translation:
Teach people to use the system.]

" Developing a technology integration program to ensure that Intelink
enjoys the benefits of early introduction of new information
technology;" [Translation: Grab the new stuff pronto.] The chapter
notes that the Global Command and Control System (GCCS)_ the
Department of Defense^Os new system for delivering command and control
capabilities to the warfighter_ relies in part on Intelink. (See
"Intelink-S," below.)

As currently constituted, Intelink is segmented into security levels.
At the core is "Intelink-SCI." SCI, according to Martin, stands for
"Special" Compartmented Information, although most other people seem
to think it stands for
<http://www.spb.gov/html/INVSTDS.html>"Sensitive" Compartmented
Information (see, for example, Jeffrey T. Richelson, The U.S.
Intelligence Community, 3rd edition). Information available on
Intelink-SCI is classified up to "Top Secret/SCI." About 50,000 people
have access to this level, including Monica Lewinsky, while she was at
the Pentagon. (You will recall that Monica had a Top Secret/SCI
clearance for reasons never explained, but presumably because of her
need for detailed handling of Presidential Decision Directives. Image
what could have happened, for example, if a foreign intelligence
service had gotten a sample of Presidential DNA and created a Clinton
clone.) 

The next level is "Intelink-SecretNet" or "Intelink-S," which carries
information classified up to the Secret level.
<http://www.jya.com/intelink.htm>Intelink-S primarily serves the
military, and has around 265,000 users_ most of whom access Intelink-S
through the Defense Information Systems Agency^Os
<http://www.fas.org/irp/program/disseminate/siprnet.htm>SIPRNET (short
for Secret Internet Protocol Router Network). 

The most interesting (and most highly classified) level is
"Intelink-PolicyNet"
or "Intelink-P," which is operated by the CIA and is only available to
very high-level policy makers_ such as the National Security Council,
the DCI, or the President. That way the latter can get all the
information they need, say, before deciding to decimate pharmaceutical
factories in the Sudan or nomad tents in Afghanistan with Tomahawk
cruise missiles.

The final level is "Intelink-UnclassifiedNet" or "Intelink-U," which
includes all open-source (unclassified) intelligence, and which is
available to members of OSIS (the Open Source Information Service) or
others approved by them. OSIS is managed by the CIA, and relies on
public data bases and other unclassified information_ the
"<http://www.oss.net/Proceedings/96Vol1/Appendix_A.html>open-source
intelligence" promoted by Robert Steele. This level is accessed
through <http://www.ascend.com/2174.html>Virtual Private Networks (but
hopefully not ones that use Microsoft^Os
<http://www.counterpane.com/pptp.html>Point-to-Point Tunneling
Protocol).

Martin notes the close relationship of the intelligence community_
especially the NSA_ to the Software Engineering Institute
(<http://www.sei.cmu.edu/sei-home.html>SEI) at Carnegie Mellon
University in Pittsburgh. 

Chapter 3 argues the need for standards (and there is little to argue
with here), and discusses three from the Department of Defense:
<http://www-library.itsi.disa.mil/tafim.html>TAFIM (Technical
Architecture Framework for Information Management),
<http://spider.osfl.disa.mil/cm/cm_page.html>COE (Common Operating
Environment), and <http://www-jta.itsi.disa.mil/>JTA (Joint Technical
Architecture). In charge of all this is the Assistant Secretary of
Defense for <http://www.c3i.osd.mil/>C3I (otherwise known as Command,
Control, Communications, and Intelligence). (Elsewhere I have
attempted to create an easy-to-read intuitive guide to what command
and control_ C2_ is all about, in the context of
<http://www.aci.net/kalliste/part28.htm>SIOP, the Single Integrated
Operational Plan for Nuclear War.) 

The 8 volumes of TAFIM basically focus on open systems and the need to
follow international and national standards. JTA_ which like TAFIM was
inspired partly by co-ordination failures in the 1991 Gulf War_ is the
practical implementation of TAFIM, mandating the use of
commercial-off-the-shelf (COTS) software and hardware products, as
well as standards such as SGML for documents. 

COE can be briefly explained as follows. The 1970s mainframe-based
war-fighting system, the World-Wide Military Command and Control
System (<http://www.gcn.com/gcn/1995/october2/jwiddemo.htm>WWMCCS,
"whim-mix"), was upgraded in the 1980s, and eventually replaced in the
1990s. The new system was called the Global Command and Control System
(<http://www.geocities.com/Pentagon/4231/gccs.htm>GCCS), and was built
by direction according to international and national information
processing standards, using commercial and government "off-the-shelf"
products wherever possible. (GCCS runs on Sun Microsystems computers
running the Solaris Unix operating system.) COE consists of the
software pieces of this common computing and communications
environment, as well as the specifications for putting the pieces
together to support specific military missions.

These three Defense Department standards automatically impact 8 of the
13 intelligence organizations within Intelink^xNSA, DIA, NIMA, NRO,
and the military intelligence units of Army, Navy, Air Force, and the
Marines. To such Defense standards are added other initiatives
relevant to Intelink and specific to the intelligence community, such
as the <http://www.nsa.gov:8080/programs/ncs21/>Unified Cryptologic
Architecture 2010 (by analogy to
<http://www.dtic.mil/doctrine/jv2010/index.html>Joint Vision 2010),
initiated by NSA Director Kenneth Minihan in September 1997, which
mandates common cryptology standards and procedures across the
intelligence community.

Chapter 3 concludes with a discussion of the Defense Message System
(<http://www.ieca.com/File-Archive/CDB-MILCOM-9511/>DMS), Defense^Os
new e-mail system using COTS software. It looks pretty much like the
e-mail system you use, except encryption is provided by FORTEZZA
instead of PGP. (In the DMS, "e-mail" refers strictly to personal, as
opposed to organizational traffic. Here I ignore this distinction.)
The DMS is being implemented throughout the intelligence community.

Chapter 4 talks about security. It discusses
<http://www.aci.net/kalliste/money1.htm>privacy,
<http://www.aci.net/kalliste/cryptnum.htm>encryption,
<http://www.aci.net/kalliste/digsig.htm>digital signatures,
<http://www.aci.net/kalliste/des.htm>DES,
<http://www.aci.net/kalliste/cryptnum.htm#publickey>public key
cryptography, and
the like. Nothing new here. The chapter also looks at the psychology
of network attackers: what motivates their nefarious deeds? Martin
mentions money, revenge, and terrorism, but not the much more common
Faustian impulse (the simple desire to know and understand that
motivates many hackers). However, Martin classifies the latter as
terrorists, so in his terms the categories are complete. 

Martin presents a curious group of spies, along with what he believes
motivated them: the Walker family; NSA mathematicians William Martin
and Bernon Mitchell, along with NSA^Os Robert Lipka; the CIA^Os
Aldrich Ames, Edwin Moore II, Donald Groat, Harold Nicholson; the
FBI^Os Earl Edwin Pitts; the Korean Robert Kim. For example, Martin
says Aldrich Ames was motivated by greed, but anyone who has studied
the case knows the truth is much more complicated than that. But the
strange thing about Martin^Os list is the omission of
<http://www.aci.net/kalliste/pollard_em.htm>Jonathan Pollard, who did
more damage_ especially to the NSA_ than all of the above put
together.

Martin is somewhat dismissive of the Deschall crack of DES in June
1997, which took several months and used the idle computer time among
thousands of Internet computers. He probably knows better. But now
that the Electronic Frontier Foundation has built
<http://www.eff.org/descracker/>Deep Crack, there is no further room
for argument: 56-bit DES only gives fleeting security. 

Chapter 5 gets off generalities and discusses actual Intelink
security. At the time this book was written, Intelink was only
protected by passwords: different passwords for different security
levels of Intelink. In fact, each security level operated as a
separate network, so that one might have an Intelink web page inviting
comments on an article, say, and find it necessary to give three
separate contact addresses for users, respectively, of Intel-SCI,
Intel-S, and Intel-U. 

Within each level, no distinctions were made among the users in the
pool. All in all, the simple password mechanism suggests that security
was fairly mickey-mouse in this "world^Os most secure network."

The intent, however, was to introduce strong two-way authentication
using a <http://www.aci.net/kalliste/cryptnum.htm#CA>certification
authority (CA) issuing X.509 certificates. The idea was to replace the
current layered password approach with a single sign-on password,
along with a security token (such as a smart card containing the
required certificate information, which could also double as an
identification card). Then when the user wanted to access a particular
database, he would present his certificate (via the security token),
which the server would check for the proper authorization.

Channel security (between the user and the Intelink server) is
provided by the <http://welcome.to/ssl>Secure Sockets Layer (SSL).
Martin does not discuss any of the short-comings of SSL 3.0, such as
the fact that <http://www.counterpane.com/ssl.html>within the
key-exchange message protocol, the change cipher spec is not protected
by message authentication in the finished message. He talks about
RSA^Os MD5 hash function without noting that even RSA no longer
recommends its use (see
"<http://www.rsa.com/rsalabs/pubs/html/bulletin.html>Recent Results
for MD2, MD4, and MD5"). He refers to Triple-DES as using 112-bit
keys, when in fact it uses either two or three 56-bit keys (64-bit
keys if you include the disgarded parity bits), but has the equivalent
security of a 112-bit key.

Intelink has its own bulletin boards, or Usenet-type groups, called
Communities of Interest (COI). Restricting access to these was
considered especially important, as they are liable to involve serious
and detailed discussion of the lastest information (including
classified data) on relevant topics. Beta-tests of the
certificate-based approach using COTS software have been done in
connection with the Non-Proliferation Center (NPC) and the Anti-Drug
Network (ADNET).

Chapter 5 also discusses the NSA^Os Multilevel Information Systems
Security Initiative (MISSI), including
<http://www.aci.net/kalliste/money1.htm#fortezza>Fortezza and Rosetta.
Fortezza, of course, arises from the "Clipper chip" framework (with a
government back-door) that the Clinton administration tried, but
failed to cram down the throats of the American public.
<http://www.armadillo.huntsville.al.us/index.html>Fortezza is a PC
card that includes the Secure Hash Algorithm (SHA), the Digital
Signature Standard (DSS), the Skipjack encryption algorithm (with weak
80-bit keys), and a key exchange algorithm. To use his Fortezza card,
the owner must enter a 12-digit PIN (similar to the 4-digit PINs used
in ATM cards). But since most networks don^Ot use PC cards, and since
Fortezza cards are relatively expensive, a second project called
Rosetta intends to substitute a low-cost "Rosetta" smartcard as an
alternative to Fortezza.

Chapter 6 describes Intelink user tools and services. The material
here will be familiar to any user of the Internet. For example, one of
the search tools used by Intelink is
<http://altavista.digital.com/>Altavista, one of the best and most
widely-used Internet search engines. The main interest of this chapter
lies in the discussion of the
<http://www.ncsievents.com/intelink98/expo.htm>specific COTS software
that Intelink uses for its search engines, for the management of its
user groups (COIs, such as misc.weapons.iraq), and for the provision
of reference aids. This includes such familiar commercial software as
WebChat and RealMedia.

Chapter 7 describes how Intelink manages information. The book claims
that corporations typically deal with structured data (the type that
can be easily handled by relational databases) while the intelligence
community deals with unstructured data. (This statement is easy to
dispute: corporations haven^Ot learned to structure inherently
unstructured information any better than intelligence organizations.
That^Os why, for example, universities have management departments
which often teach by cases studies, which aggregate unstructured
information and try to make sense of it.) But_ moving on. How does
Intelink deal with its inherently "touchy-feely" information problems?

First, Intelink set up a Joint Standards Board (JSB) patterned after
the World Wide Web Consortium (<http://www.w3.org/>W3C). Next, it
formalized the use of metadata_ essentially document tags, such as
security classification, name of the intelligence organization
producing the document, title, date, topic country, etc.

Next it set up its own Web publishing standards based on SGML.
<http://www.oasis-open.org/cover/sgml-xml.html>SGML is a metalanguage
that allows you to create individual markup languages, such as
<http://www.geocities.com/Athens/2694/sgml.html>HTML, the language
that Tim Berners-Lee created for the World Wide Web. But you could
just as easily create Your Own Markup Language (YOML). So a document
marked-up in SGML potentially could be displayed in HTML or in YOML,
depending on prior conversion or the future capabilities of your
browser. A problem with SGML is that it is so general that programmers
find it impossible to get a handle on it. That led to the creation of
a simplified version of SGML, called
<http://www.oasis-open.org/cover/sgml-xml.html>XML, which still allows
to you to create your own markup language, but removes some of the
perhaps excessive generality of SGML. The World Wide Web is evolving
from HTML to SGML/XML, and so is Intelink. (It appears that
intelligence documents are currently marked up in SGML, in many cases,
but automatically converted to HTML before being published on
Intelink.)

Finally, Intelink has experimented with "push" and "pull" technology.
"Pull" is when you go out to the Web (or Intelink) and search for what
you are looking for. "Push" is when you set up criteria or filters for
what you are generally looking for. Then newly published information
is broadcast, and if it meets your filters, it arrives at your site as
voluntary spam.

Chapter 8 involves some case studies from the Joint Intelligence
Center, Pacific (JICPAC), the Office of Naval Intelligence (ONI), the
NSA, the Foreign Broadcast Information Service, and NIMA. These
studies document the problems of moving from paper to on-line or
CD-ROM publishing, and highlight the implementation difficulties of
new standards such as SGML. But there are benefits. The ONI, for
example, can now publish its ships and weapons handbooks using 5
percent of previous resources, and in 1 percent of the turnaround
time. "The traditional paper version of the Naval Ship and Submarine
Characteristics Handbook series consisted of 11 regional volumes of
about 1,000 pages each. These volumes were distributed to over 900
customers around the world at a total cost of approximately $250,000.
The cost to produce the new CD version is about $10,000, or less than
five percent of the paper version" (p. 265).

Chapter 9 looks to the future "information revolution of the Third
Millennium." Intelink wants to be part of it. Here, as in much of the
book, the approach is cut-and-paste: this person in a speech made this
list of points_ 1, 2, 3; that person made that list of points_ A, B,
C. Blah, blah, blah. But of course the real information revolution
will arrive when Martin learns to integrate all this information into
an informative, non-repetitive narrative. But instead he prefers to
randomly quote as many people as possible (a paean to "our crowd"?),
and to endless repeat the same ideas over and over in slightly
differentiated form. And, naturally, every significant idea has to be
credited, if possible, to an appropriately high-level bureaucrat. 

The chapter does raise an interesting question: if information is
conceived of as an economic commodity, what should its price be? Here
I will only note that both Aldrich Ames and Jonathan Pollard worked
hard to answer that question, but the value of their research was
somewhat diminished because they each dealt in limited markets.

As an example of how the private sector is coping with the information
revolution, Chapter 9 also looks at <http://www.imagineering.org/>Walt
Disney Imagineering_ a company which works closely with the
intelligence community. Walt Disney Imagineering, at least Bran
Ferren, sees the global Internet as the enabler of the future_ and one
sees little reason to dispute this. (I wrote an article along the same
lines, <http://www.aci.net/kalliste/webrevol.htm>"The Internet and the
Death of the News Monopoly," to explain the future to 60 Minutes, but
they had no idea what I was talking about.) 

According to the book, "the Internet is like fire." So I guess if you
stick your hand in it, you are liable to get your fingers burnt.

Chapter 10 talks about the agile enterprise. "Agile" here is a
buzzword, but basically means the opposite of sclerotic. We want
<http://www.ornl.gov/qcae/qcae.html>agile enterprises, not sclerotic
ones. The book helpfully quotes a <http://www.mitre.org/>MITRE
Corporation white paper that explains that in order to create the
agile enterprise, "we must become more agile . . ." 

The reason for all this nonsense apparently is that Ruth David, Deputy
Director for Science and Technology at the CIA, likes the word. The
basic image is that of an enterprise that reacts quickly and
efficiently to customer needs. Fair enough. However, once you turn
something into a buzzword, it quickly loses all contact with reality.
"<http://www.parshift.com/aermodA0.htm>What is the essence of agile?"
"The ten (or is it 24?) characteristics of the self-organizing agile
enterprise." "Why connected process A is 35 percent more agile than
connected process B." "We need congressional funding for a global
survey of forward-looking agility." Etc.

One measure of agility may be demonstrated when people post articles
you don^Ot like to Usenet_ such as
<http://www.aci.net/kalliste/hackers2.htm>"Hackers Vs. Politicians".
See how quickly you can delete them. The agile enterprise, such as
NSA, will hop right to it and get the job done.

One would not want to leave Chapter 10 without picking up another
acronym: JIVA, the DIA^Os <http://www.mews.org/jto/jiva.html>Joint
Intelligence Virtual Architecture. (Don^Ot ask. After a while, all
these Five-Year Plans sound alike.)

The Glossary pretty much sucks. It will tell you, for example, that
"CIA" stands for "Central Intelligence Agency" (gee, how helpful), but
will not tell you that "ISS" stands for "Intelligence Systems
Secretariat." (Under "Intelligence Systems Secretariat," however, it
will let you know that "ISS" is its acronym.) The same is true of a
myriad of other obscure acronyms that appear in the book and which are
apt to slip the mind from time to time. But this is somewhat
consistent with the cut-and-paste philosophy. One envisions that
someone found a glossary of intelligence terms and pasted them into a
hole in the manuscript, without giving further thought to the actual
usefulness or completeness of the addition. 

The CD-ROM included with the book doesn^Ot have a lot on it. The main
thing is a sample copy of the "Intelink Central" homepage, and a few
not-terribly-informative subpages. These, naturally, can^Ot be
explored and used by the hoi polloi for real, but the latter can look
at the pretty markup and wonder what^Os behind all those links.

Will you find the book and CD-ROM worth the $35 cover price? Probably.
Just buy it. You don^Ot have to like it.

----------
Top Secret Intranet: How U.S. Intelligence Built Intelink_ the
World^Os Largest, Most Secure Network, by Frederick Thomas Martin,
Prentice Hall PTR, Upper Saddle River, New Jersey 07458, publisher
website: <http://www.phptr.com/>http://www.phptr.com. ISBN
0-13-080898-9.

----------
J. Orlin Grabbe is the author of
<http://www.elder.com/kon/action.lasso?-db=Products.fp3&-lay=CGI&-form
at=det ail.htm&-recid=32771&-token=34674&-find>International Financial
Markets, and is an internationally recognized derivatives expert. He
has recently branched out into cryptology, banking security, and
digital cash. His home page is located at
<http://www.aci.net/kalliste/homepage.html>http://www.aci.net/kalliste
/homep age.html . -30-

from <http://zolatimes.com/>The Laissez Faire City Times, Vol 3, No 9,
March 1, 1999




----------------------------------------------------------------------
---- POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to majordomo@vorlon.mit.edu with this
text: subscribe politech More information is at
http://www.well.com/~declan/politech/
----------------------------------------------------------------------
----