Modernizing DOD-Coalition Information Sharing for JADC2 Warfare

09-09-2022

 

SAIC is contributing to the development of data-centric systems that will accelerate the exchange of information in the DOD's multilateral Mission Partner Environment, including USCENTCOM's new Collaborative Partner Environment

 

Joint all-domain command and control, or JADC2, is the Department of Defense's way forward to addressing and defeating security threats more decisively and quickly through a globally connected and information-driven warfighting environment spanning across multiple operational domains. The DOD is applying the JADC2 strategy to the Mission Partner Environment (MPE), in which coalition forces the Department forms with military partners from allied nations will rapidly share data and collaborate on decisions and actions during combined operations, working together seamlessly.

Driving the MPE will be DOD's enterprise capability called the Secret and Below Releasable Environment, or SABRE. While the MPE is a framework, the DOD describes SABRE as its "material solution," which will federate the different military networks of coalition partners and those within the Department. In addition to facilitating bilateral and multilateral data exchanges within a single, data-centric information domain, SABRE will host enterprise C2 applications and communications services.

Coalition partners currently have to manually move information products to each other during combined operations via cross-domain solutions because their disparate platforms and the sensitivities around sharing classified information prevent them from being directly connected. In a typical scenario, a battle manager must keep watch over an array of computer terminals attached to different networks, gather pieces of information from them at multiple security and releasability levels, and distill the information for staff to input into other terminals and systems that can accept that specific classified information. This severely lengthens the time between identifying a target and deciding how to neutralize it. 

In sophisticated conflicts with high-end adversary nations, the information delivery-to-decision cycle must take place in minutes or even seconds. In preparations for SABRE to enable the MPE mission within the JADC2 framework, the Mission Partner Capabilities Office (MPCO), which is DOD's executive agent for the MPE, is working to solve the network compatibility and information security issues, which are not only affecting interoperability between the U.S. and partner nations but also between DOD military branches and combatant commands.

Transforming to a new information-sharing paradigm

Network security has been typically addressed with blanket-type approaches based primarily on the roles of the network users and their clearance levels. Since data files can have a mix of unclassified and secret information, conventional network-centric security measures indiscriminately ward these in the classified domains, leading to silos where valuable data cannot be shared and extracted.

As data volumes and the value of data grow exponentially, emerging data-centric information and computing systems focus on data as an organization's primary and permanent asset. These systems uncouple data from specific applications and networking elements, storing the data independently, and then apply security protections around the data to enable it to be shared in and out of different applications and across a wider user base. 

To overcome the limitations of network-centric systems for data-driven, JADC2-compliant warfare, the DOD and partner nations want to evolve to data-centric information and mission systems to make appropriate data more accessible to the right people, with plans to modernize their security domains, including that of the MPE, and which SABRE's data-centric environment will support.

Data-centricity in action

U.S. Central Command (USCENTCOM) is one of the combatant commands on the move to operate within the MPE framework and support the JADC2 strategy, and it is consolidating its network-centric bilateral and multilateral mission networks to one data-centric information domain. It has developed the Collaborative Partner Environment (CPE), the first operational data-centric capability in the DOD, which will make efficient, secure information sharing possible between the combatant command and its joint and coalition partners. CPE is replacing multiple coalition networks, with their network-centric security limitations, with a single and flexible data-centric information domain that's able to federate with SABRE for DOD enterprise-level missions.

SAIC is supporting USCENTCOM in CPE's continuing development and implementation and assisting in technical contributions to the architecture, design and development of SABRE and consequently the MPE and JADC2 frameworks. During the engineering of CPE, our CENTCOM Command, Control, Communications, Computers Enterprise Support (C4ES) team at MacDill Air Force Base in Tampa helped to identify and execute the high-level strategies, methods and approaches and also the ground-level tactics, techniques and procedures to establish data-centricity in CPE.

The work we have done in support of USCENTCOM's solution has helped inform the data-centricity and network interoperability aspects of the SABRE effort, as well.

Breaking down silos and releasing information flows

Both the SABRE and CPE data-centric information domains will reside within the MPE's data-centric security domain. Data-centricity in information security and information-sharing will enable SABRE and CPE's interoperability and their ability to work within the MPE during combined operations. 

In a data-centric security domain, all information products can exist within individual information domains for discoverability and be accessed by all users across strategic, operational and tactical levels and by all types of collaborative groups and specific clearance levels. Access to data is now based on how the various applications and systems tag all ingested information products with metadata that determine the specific combinations of clearance levels and permission attributes required to access them — down to the individual data objects in an information file. Each individual accessing the shared information products sees and works with only the data objects whose metadata tags match their user profile attributes.

The attribute-based access control, or ABAC, capability works in tandem with identity, credential and access management control functions, referred to as ICAM, as part of a zero-trust security approach, providing fine-grained precision to data protection in contrast with a network-centric approach. 

The logical separation of data enables information products to be readily shared between peer partners and between groups at different levels in combined military operations with the proper security protections in place, whether it's a strategic commander moving a critical data file to another commander or that same commander sending it to tactical operators from a different nation. This ability to distribute command data is a key part of the JADC2 concept of linking command and control directly with the closest or best shooter at the target for the most effective kill chain. 

Both MPCO's SABRE and USCENTCOM's CPE are shaping up to be tent-pole pieces for streamlining the infrastructure needed to accelerate data flows and battle decisions. While both systems are still in their nascent steps of being fielded, CPE could potentially serve as the blueprint for the larger SABRE system and how other combatant commands can modernize and consolidate their bilateral and multilateral mission networks into singular data-centric information domains in support of the MPE and JADC2 frameworks.

Much work remains ahead, but the continuing support by our C4ES team to CPE and to the information-sharing work for SABRE is enabling the DOD to become a data-centric organization and realize its JADC2 vision for the Mission Partner Environment.