The US Air Force is trying to decide whether or not to use commercial off-the-shelf (COTS) smart phones, such as Android-based devices or iPhones, and how it can securely process classified voice and data using them.
The Air Force has issued a request for information, not a formal contract solicitation as it is trying to come up with the best plan. Securing smartphones for military use is an absolute necessity if the devices are to find wide applications for field use. The Army has made smartphone development a priority as well.
A few of the questions it is looking to address include:
- What experience do you have in the development of encryption devices for the US Government? How recent was this experience?
- What experience do you have with Type 1 certification of encryption devices? How recent is your Type 1 certification experience?
- Please describe the most efficient engineering design to enable COTS mobile phones to securely process classified voice and data.
- Describe how to develop a software High Assurance Internet Protocol Encryptor (HAIPE), or Internet Protocol security (IPSEC) application to enable secure classified processing on a smart phone. Describe the highest level of secure classified processing you believe could be enabled.
- Assuming a HAIPE/ IPSEC secure session exists on the phone, describe other applications that could be developed to enhance warfighter capabilities.
- Assume the mobile phone has been lost - describe a loss mitigation scenario: a. Describe the risks that the loss of a phone presents to the user's network. What system safeguards can/should be in place to protect the cryptographic system on the phone.
The military is very interested in getting smartphones out in the field. Last year the Pentagon awarded $6.4 million to the Corporation for National Research Initiatives to build a smartphone app store.
The app store falls under the Defense Advanced Research Projects Agency's grand Transformative Apps Program which looks to rapidly develop and bring an array of applications to military mobile phones. DARPA says that at least initially, all apps should target an open source mobile platform. Meaning Android will be the platform of choice for the first apps.
In DARPA's words: "A military apps marketplace will be created to enable rapid innovation to meet user needs based on a direct collaboration between a vibrant and highly competitive development community and involved communities of end-users. The program will address all the challenges - technical, business, and operational - faced to make the new capabilities available for use in the field. The end objective is to transition the resulting systems to the end users in the Services, and to foster a new model for rapidly and effectively acquiring, introducing, maintaining, and enhancing software."
DARPA said the program will lean heavily on existing commercial handhelds for the initial development efforts. Initially, at least two distinct repositories are envisioned: one holding beta apps that are queued for initial app evaluations, and a separate repository holding apps that have been vetted, certified and approved for use.
Follow Michael Cooney on Twitter: nwwlayer8
Layer 8 Extra
Check out these other hot stories: