ĢƵ

Data-Centricity for Global Mission Collaboration

By Mariel CooleyandBrian Orr

Earth as seen from space with a grid overlaid over the planet

Escaping Siloed Networks

“Today, data is held hostage in incompatible networks and custom infrastructures,” says Mariel Cooley, a ĢƵ Allen vice president focused on defense innovation. “Network-centric infrastructure takes weeks or even months to stand up. Systems must be specially bridged and configured to share data. And once established, they are inflexible. Adding data sharing permissions for new participants—whether allied countries, coalition members, or NGOs—requires extended lead time. The mission can’t wait for that.”

Traditional infrastructure often relies on physical separation between enclaves to enforce secure access, making it difficult to update, expensive to maintain, and far less agile in the face of threats that demand rapid data sharing across platforms and borders. In a data-centric environment, data is readily available in a single plane.

Enabling "East-West" Data Sharing

A data-centric environment secures information at a granular level using zero trust architecture.

“The promise of encrypting data at the most granular level is that commanders can make use of any available network. We can collapse the huge physical infrastructure into a single plane and create pathways to add users and revoke privileges at the speed of battle,” explains ĢƵ Allen Vice President Brian Orr, a leader developing next-generation solutions for mission partner environments. His perspective is shaped by his experience as an Army signal officer and systems engineer working on strategic missile defense command and control solutions.

“The Department has an opportunity to modernize and assure network connectivity without the constraints of stove-piped network enclaves, moving end-user access control to data-layer management.”

“Zero trust data-centric security enables seamless ‘East to West’ data sharing among coalition partners,” explains Orr. ‘East to West’ refers to data transfer within the same security domain. We focus a lot of our attention on creating the capabilities that will allow U.S. forces and mission partners to use basic everyday tools of human-to-human collaboration-voice chat, video, text, and file sharing—across the same physical infrastructure.”

"Bring Your Own Network": Truly Global MPE Collaboration

Zero trust data-centric security paves the way for an open, adaptable environment that will allow mission partners to bring their own systems to the table because it encrypts data at rest or in motion at the most granular level across all connected systems.

“American warfighters need a unified network that can support U.S. warfighters and warfighters from all our allied nations and coalitions, focused on connectivity.”

In traditional network-centric data sharing, partners are privileged to all the data a network holds. Under the new approach, commanders can grant access to mission-relevant information at the individual file level—just one memo, for example—or for an entire security domain. Commanders can create communities of interest, allowing warfighters to message multiple stakeholders on a single network. Once the mission is complete, access is dissolved.

This approach is not only faster and more secure for the warfighter—it also has benefits for tagging and tracking data. An audit trail is created for each usage: who accessed the data, what they did with it, and who received it when. These attributes improve both collaboration and security.

ĢƵ Allen is on the front lines of innovation for zero trust data-centric security, focused on granular data encryption via zero trust security principles. Our technical experts continuously build and test prototypes, leveraging powerhouse partnerships with Amazon, Microsoft Azure, and next-generation companies such as , which specialize in zero-trust data control.

“One benefit of a data-centric Zero Trust strategy is the flexibility it provides the nation's commanders: You can move quickly without compromising security. You also get a level of control that enables you to make access decisions in real time. You can grant access only to those with a need to know, and if circumstances change, you can immediately revoke access at any point. We are working with DOD to implement this technology of complete data control at scale.”

Shifting from Network-Centric to Data-Centric

While the technology to create a data-centric mission partner environment exists, decisions need to be made to overcome incompatible networks and cumbersome policy. For DOD, this means aligning development goals across the forces and with dozens of mission partners. For industry, it means navigating government acquisition processes to make wise, efficient investments that will bring the solutions DOD needs now to full maturity.

“We cannot have coalition connectivity fast enough. Sometimes that is simple interoperability. But working through the policy hurdles has been a big challenge.”

NATO allies need the ability to communicate, test, and iterate quickly to hone their coordinated response capabilities and implement true federated mission networking. Here are five recommendations to speed a successful transition to a data-centric environment.

  1. Coordinated policy and governance – Agree on policies that enable interoperability and information sharing within a sensitive SABRE context. Technology will allow mission partner sharing without physical network separation but policy is not consistent across all accrediting agencies. Codifying this concept will speed collaboration between DOD and industry partners to arrive at the solution.

  2. Modern infrastructure – Build the target infrastructure using modern solutions that accommodate data-centric requirements. Work with commercial partners to integrate the latest cloud computing and identity management security solutions for assured access to data information and applications. This requires DOD to embrace a culture of rapid and continuous innovation, including leveraging an agile acquisition process to incentivize commercial partners to invest, build, and test prototypes.

  3. Accessible data layer – Establish a framework for discovering, securing,monitoring, and accessing data based on attributes and roles, using zero trust principles as a foundation for security. Establish data tagging standards at scale. Meta tagging will make data discoverable and support secure data sharing.

  4. Aligned cyber hygiene – Agree to common standards for cyber hygiene among allies. Cyber hygiene standards include a set of actions that users can take to identify cyberattacks and reduce cybersecurity risks. Shared security mechanisms and training will enhance trust among partners and mitigate risk in the environment.

  5. Continuous experimentation – Test prototypes, innovate, and experiment with mission partners in a lab-like environment. NATO has already made great strides with this approach in projects like Coalition Warrior Interoperability eXercise (CWIX), where alliance and partner nations test interoperability specifications. Make use of flexible agreements such as Other Transaction Authorities (OTA) that allow the government to assess multiple prototypes as part of a “fly-off” competition.

As the pace of war accelerates, data-centricity offers the most rapid path to extend agile communications across the MPE, enabling the U.S. and its allies to act faster than near-peer adversaries such as Russia and China. It allows military partners to accelerate real-time communication, empowering DOD to know, act, and win at the speed of battle.

1 - 4 of 8