JICPAC: Sun Helps Government Support Coalition Forces
Customer Testimonial
The JICPAC TWS solution scales extremely well with negligible impact on the administration of the infrastructure and is seamless to user applications and associated data within the existing enterprise.
May 2004 JICPAC: Sun Helps Government Support Coalition Forces
When the Joint Intelligence Center of the Pacific (JICPAC) needed to support coalition forces from a single secure desktop, they turned to Sun.
JICPAC needs to provide secure access to multiple information classifications for coalition forces in the battlefield. The Sun Infrastructure Solution for Secure Network Access Platform provides the necessary secure access using existing applications and infrastructure.
Company Highlights
Company
Joint Intelligence Center of the Pacific (JICPAC)
Industry / Market
Key Business Issues
Require single desktop to provide secure access to multiple information classifications and existing applications
Reduce acquisition costs
Provide scalability to add users or communities quickly and easily
Reduced acquisition costs through the consolidation of multiple PC clients into a single Sun Ray ultra-thin client
Improved end-user operational efficiencies in the secure information workflow
Compatible with existing applications
Delivers effective INFOSEC tools
Requires minimal training
Highly scalable, with reduced administration, rock-solid security, and easy deployment
Provides complete audit trail facilities
Tested and validated
The Joint Intelligence Center of the Pacific (JICPAC) has successfully completed a pilot that established the feasibility of using thin-client devices to provide a single desktop capable of high assurance and simultaneous access to multiple information classifications using existing applications and infrastructure. The requirement is driven by the increasing need to support coalition forces in the battlefield with information assurance across multiple security domains that have separation enforced with labeled security policy mechanisms.
Sun Ray server software configured properly on the Trusted Solaris Operating System provides a unique capability that connects each JICPAC TWS user to multiple security domains from a single Sun Ray ultra-thin client. The successful integration of trusted thin-client computing with additional components such as the DIA accredited SecureOffice suite from TCS and AFDI software are being used to effectively manage the security of the infrastructure at JICPAC.
Using the Sun Ray client, any JICPAC TWS user may be authorized to access applications and associated classified information from multiple networks through the labeled trusted networking facility in a way that is virtually transparent to the user. The security label for each window is reliably displayed and its data is protected from inappropriate access by applications running in other security domains. Sun continues its long history with evaluated products and the Common Criteria EAL4 certification for the Trusted Solaris Operating System complies with the requirements in the NSA Labeled Security Protection Profile.
In addition to mandatory access control policy enforcement, JICPAC is leveraging another security advantage provided by the Trusted Solaris Operating System. The Trusted Solaris RBAC mechanism for authorization fully implements the principle of least privilege as a fine grained alternative to the superuser kernel policy. The Common Criteria EAL4 certification for the Trusted Solaris Operating System also complies with the requirements in the NSA Controlled Access and the Role-Based Access Control Protection Profiles.
The JICPAC TWS solution scales extremely well with negligible impact on the administration of the infrastructure and is seamless to user applications and associated data within the existing enterprise. Connecting the Sun Ray clients to the centralized Trusted Solaris server greatly reduces the administrative burden of managing multiple network connections for each JICPAC TWS user. It increases the effectiveness of secure data access controls by eliminating removable media in the users' hands and requires labeled security protection for transfer mechanisms with complete audit trail facilities.
The effort to integrate Sun Ray clients with the Trusted Solaris Operating System into the existing JICPAC infrastructure was simplified by the fact that many of the its features such as JumpStart software, Pluggable Authentication Modules, NFS software, audit administration, Common Desktop Environment customizations, Solaris application binary compatibility, and office automation interoperability are already part of the baseline for and easily merged into the AFDI software.
This product was the result of a unique partnering effort by JICPAC, AFDI, Sun Microsystems, Trusted Computer Solutions, and Commercial Data Systems. The combined engineering resources of this partnership solved a number of critical problems including:
Resolving application conflicts in a multiuser environment without modification of the application
Integrating the infrastructure management of AFDI with the Trusted Solaris Operating System
Creating a familiar user environment that minimized the need for training
Testing and validation of applications in a trusted Environment
