1 / 11

TSCP Overview Brief NATO C3 Agency Workshop October 27, 2009 Keith Ward Chairman TSCP

TSCP Overview Brief NATO C3 Agency Workshop October 27, 2009 Keith Ward Chairman TSCP. Aerospace & Defense Industry Challenges. Distributed Engineering & Manufacturing Teams & Supply Chain National/International. Manufacturing Subcontractor. Collaboration Focused Architecture.

nelly
Download Presentation

TSCP Overview Brief NATO C3 Agency Workshop October 27, 2009 Keith Ward Chairman TSCP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. TSCP Overview BriefNATO C3 AgencyWorkshopOctober 27, 2009 Keith WardChairman TSCP

  2. Aerospace & Defense Industry Challenges Distributed Engineering & Manufacturing Teams & Supply Chain National/International Manufacturing Subcontractor Collaboration Focused Architecture Manufacturing & Design Subcontractor Increased focus Extended Enterprise Identification  Authentication Authorization Information Application Operating System Network Physical Information Rights The Regulations Bridge CAs Directory Services Single Sign-On AZN Services Access Provisioning The Risks Lead Contractor The Threats Customer Need Industry Approach • Solutions can’t be done • independently by every enterprise • Requires a cooperative • ‘team’ approach to avoid • unique solutions that will • drive cost • Need acceptance by National Defense Departments Solution

  3. Transglobal Secure Collaboration Program (TSCP) • Government-industry partnership specifically focused on mitigating the risks related to compliance, complexity, cost and IT that are inherent in large-scale, collaborative programs that span national jurisdictions. • To do business in the world today, A&D companies must balance the need to protect intellectual property (IP) while demonstrating willingness and ability to meet contractual requirements from government customers for auditable, identity-based, secure flows of information. • Common Framework for Federated Collaboration • Identity Management & Assurance: • Provide assurance that collaborative partners can be trusted • Meet government agencies’ emerging requirements for identity assurance across domains • Establish common credentialing standards that accommodate and span national jurisdictions • Protect personal privacy data of employees • Data Protection: • Define fine grain access right attributes for data labeling and data right’s management • Establish “Application Awareness” • Demonstrate compliance with export control regulations • Protect corporate IP in collaborative and other information sharing programs • Facilitate Secure Collaboration: • Provide collaborative toolsets that will interoperate with customers and suppliers • Facilitate re-use collaborative capabilities among multiple programs

  4. Leverages business processes for the A&D Industry Reduced Supplier on boarding/network costs (benefit to both A&D and Supply Base) Accelerated time to value for supply chain management technology initiatives Enhanced Security through strong authentication Authenticated Assurance through access management Leveraging the A&D Supply chain • The chain of trust to extend to our contractors. A&D companies are responsible for vetting and supplying . At any given time, within the A&D global supply-chain, there are approximately 300,000 supplier companies working on government contracts, representing roughly 3 to 4 million individuals. • Certification and Accreditation of components inherent to the Credentialing Process • “TSCP” A&D Companies discussing • Cost sharing for a supplier credential using TSCP specifications e.g. “ECA’s & Keyfobs

  5. TSCP’s Strategic Plan Development – Business Driven Common Operating Rules, Governance & Oversight Tools & Skills Supportive Business Practices Areas of Common Business Challenge Export Control Regulations Advance Persistent Threats Company Policies Privacy • Holistic Approach to Addressing Common Security Concerns • - Identity Management • Information Protection • Information Labeling……. HSPD 7, cooperation with the DoD & Industry Eg. ITAR, Export Control Act…. Eg. Privacy Act of 1974, Data Protection Act….. Company-specific policies Prioritized Areas of TSCP Attention Mapped to Secure Electronic Exchange Document sharing Secure e-mail Identity & Access Management Eg. Web authentication Information Management eg. IAP TSCP Strategic Objectives Strategic Architecture Execution and Deployment Results in Capability Roadmaps, Action Plans and Project Schedules

  6. TSCP Development & Delivery Process TSCP Members Problem Statements Use Cases TSCP Methodology Approved Product List Specifications Participant Implement Solutions Large ScaleCollaborativePrograms Platinum Existing Programs Gold Members Platinum, Gold, Silver Platinum, Gold Future Programs Managing Security Risks Silver Members Platinum, Gold, Silver General Availability to make it a standard Enterprise Programs Platinum Multi-NationalCompliance Platinum Stage 0 Stage 1 & 2 Stage 3 Stage 4

  7. Information sharing types and TSCP progress Persistent Transient TSCP participant has tested TSCP have tested / in production TSCP specification in public domain

  8. TSCP Objectives: Deploying Capabilities to the Programs TSCP Member Test & Production Environments DOD Cross Certification Contractor Credential Certification Secure Email DOD JITC Certification 2003 …. 2007 2008 – 2009 - 2010 … TSCP Roadmap TSCP Roadmap Phase 1 Secure Collaboration Framework “Generic DMZ Requirements” • Phase 3 – Present • Validation through Pilots/Prototypes • e.g. Secure e-mail, PKI identity management, • Data Model for Export Compliance, Federation testing and compliance • Development of international policy on identity management • Increasing international engagement with governments, companies and vendors • Transition to production – CertiPath, Secure Email, Document Sharing • Acceptable export compliance rule sets to enable decision making TSCP Roadmap Phase 2 Export Compliance and Collaborative Identity Mgmt “Commercial Bridge” Requirements … Enterprise Secure Information Sharing A&D Secure Email War Fighter & other Programs New Business Navy Air Force Army • TSCP • Significant Milestones & Achievements • DoD PKI Policy Change:Memorandum for Approval of External Public Key Infrastructures (PKI) at medium or higher hardware level of assurance - working directly with DoD on joint test plan for secure collaborative email and web Authentication • A&D companies Bi-Lateral Trust with DOD • A&D Credentials accepted by DOD Programs • Joint Interoperable Testing Command(JITC) testing completed as a result of TSCP. • TSCP Secure Collaborative Email with A&D CertiPath members completed. Company Enterprise Programs “FCS” Programs “Astute” Programs “EuroHawk” Proposals Proposals Enterprise Secure Information Sharing Microsoft “Geneva” ADFS Access Management/ Secure Badge MS Team Center MS Office Share Point SiteMinder Share Centers Data Apps Global Supplier Portal Company Portals Portals Enterprise

  9. TSCP Fun Facts - Things to Know • Over 100 engineers work TSCP work streams daily • Defining requirements Secure Email and Data Sharing • Architecture and design teams, Development and integration teams • Prototyping, Documentation and configuration management • Executive CIO Forum • CIO’s & CTO’s of Government & A&D Companies • Key decision makers that create or implement Policies • TSCP Government Issues Committee “New” • TSCP Government representatives “DOD, GSA, UK MOD, France, Netherlands MOD” • Evaluate policies that relate to TSCP’s work and objectives to identify and address gaps between policy requirements and commercial solutions • TSCP Cyber Committee “New” • TSCP GB Members including Government Cyber Leads • TSCP Government Industry Outreach organization • Legal Advisor Working Group (LAW) • 15 attorneys including Commercial & Government members • Common Intellectual Property Issues for Global supply-chain • Teaming documents and related “Program” contractual flow down • Procurement Supply Chain “Business Model” • TSCP Member and Government procurement representatives • HSPD-12 PIV-I Credentialing Committee (Logical / Physical) • TSCP GB and Governments members • Draft PIV-I Specification document released to governments end of August • On-boarding, proofing & vetting in global supply chain • Export / ITAR Team (EIT) “New” • ITAR and Export “Usage” data mapping • “New DOD” Data Label Document – working team, Compliancy

  10. TSCP Value Proposition • Common approaches among TSCP participants leverages each others investment and maximizes expertise and solutions to support business needs. • Brings more resources and experts to bear on problem areas and ‘gaps’ – coordinated solutions with product vendors (eg Microsoft) • Common solutions used across all programs facilitate “trusted information sharing” resulting in lower costs. • Enhances supplier/partner business relationships by evolving secure collaborative solutions – encourages solution re-use • United industry and government influence on vendor product directions and solutions. • Support for standards-based solutions • versus proprietary solutions T S C P

  11. Questions? Contact information:Keith WardChairman TSCP k.ward@ngc.com www.tscp.org

More Related