1. Commercial Mobility Device (CMD)Way Forward mark.norton@osd.mil 703-607-0711 1 DoD Mobility TEM July 18 , 2011, Mitre Unclassified: https://www.intelink.gov/sites/mobile SIPR: https://www.intelink.sgov.gov/sites/mobile JWICS: https://www.intelink.ic.gov/sites/mobile

2. The Future is Mobility Go Forth & B Mobile - No Really Go … 2

3. GIG Transport Services Tiers WGS Commercial SATCOM 3

4. Mobile Device Strategy 4 Mobile Strategy (Draft) Goals: 1. Evolve the infrastructure to support mobile devices 2. Establish a common mobile application environment 3. Enable mobile device security and information assurance https://www.intelink.gov/sites/mobile

6. Data-in-Transit

7. Two-factor Authentication

9. Data Interfacing across services/networks

10. Applications/system functionality

12. Commercial Coexistence commercial

13. TRANSEC

15. Data Protection

16. Access Control

17. DoD Public Key Infrastructure (PKI) Credentials

18. Software/ Applications

19. Training

21. CMD Security Overview ‘Tactical support’ users will require unique hardware, spectrum, infrastructure, and networking requirements 8

22. CMD /Operating System Security Matrix Blackberry provides security advantage but offers limited user features Alternate approaches provide greater capability with reduced security New products such as Dell Streak may provide a balance of security and performance + + + - - - + Low Security Risk Medium Security Risk High Security Risk 9

23. DoD LTE Security Goals and Commercial Standard Vulnerabilities LTE Security Goals Commercial Standard Vulnerabilities

25. The security associated with the signaling exchange

26. Spectrum of cellular assignments

27. Embedding the COMSEC

28. Identity and assured user accessBTS structures can be housed on mobile platforms and placed on secure sites, but environmental obstructions force extensive solutions Ownership of the BTS and MSC can offer solutions to signaling and the introduction of unwanted software Offsetting the spectrum offers a means to resolve the license issues Embedded COMSEC and potential token solutions can be employed 11 While solutions exist for cellular implementations – the offered solution set falls short

29. 12 Military Applications of CMDs (Selected Examples) Multiple vendors/Mil R&D developing CMDs for edge applications Each vendor approaches CMD networking by leveraging different components of commercial architectures (i.e. operating system, closed cell based networks, commercial waveforms, etc) Systems offer performance features of commercial networks and are exploring ways to mitigate security risks

30. To be determined…… Dual Persona Data Delivery Diversity (Local WLAN vs3G/4G) Services of the future: CMD Voice over IP, etc Technology Wildcards Super Wi-Fi Contactless payments – near field communications Application Management – Metrics, Common Operating Environment 13

31. Way Forward New product evaluations Update Policy Re-examine security posture Common Operating Environment for CMD Applications Business case analysis Life cycle management 14

32. Federal Mobility Summit 15 Sponsors: Fed CIO Council/ISIMC/DoD/DoJ/Federal Business Council Date/Time: 23-24 Aug /0800-1600 Location: UMUC, Auditorium/Conference Center, College Park MD Max Attendees: 750 (USG Primarily-No Rank Requirements) Focus: 6 Main DoD Mobility Issues Mentioned in TT's Memo/6 Apr 11 & Approximately 25 other Issues from the Rest of .gov POA/Outcome: 1. Provide the Major Players with Our Issues B4 the Summit vs. Presentation of their Wares/Sell Products 2. Get their buy-in and/or assistance to work with us in fixing the big problems we have vs. piecemeal solutions. C3PO – Collaborate, Communicate, Connect & Produce Outcomes

33. CMD Policy Development Topics The following lists provide the criteria definition of minimum acceptable CMDs, OSs, and Applications 16

34. CMD Policy Development Topics (Cont’d) 17