One of the great challenges of is the rapid collection, processing, and dissemination of information. However, information security remains one of the biggest hurdles for effective information exchange. In this article, we will analyze the security issues and present innovative concepts towards a solution.

The success of defence missions is largely determined by superior technology and better, faster, and reactive information exchange. Networked IT systems have the power to make timely quality operations information available, which improves reactive coordination and command & control. This communications process based on an integrated, networked IT infrastructure includes several main on-going activities: information collection, information processing, and information dissemination.

The potential of wide-spread use of integrated networked IT infrastructure for defence is vast. There are many benefits, in particular faster, better information-sharing and decision-making. As a consequence, many efforts are currently undertaken to design and build the IT infrastructure required for network-centric communications for command & control in defence.

However, a number of challenges still need to be resolved to make this vision a reality. In particular, information security and information sharing is a major concern, because the success of the entire operation often depends on the confidentiality, integrity and availability of the communications. Most defence agencies are very aware of the need for good communications and information sharing. However, due to the lack of appropriate and interoperable infrastructure, many organizations today still revert back to low-tech communications methods in real-world situations.

The complexity of IT security policy management is to a large extent due to the many different (also legacy) platforms and security technologies that need to be managed. This complex environment makes it hard to enforce and administer a uniform, coherent, organization-wide security policy across the many different systems used today by many agencies.

As a result, many insular security solutions are typically put in place and administered separately in incompatible ways by administrators who are only concerned with their part of the overall IT landscape. The result is often a mishmash of conflicting, redundant, and incoherent policies. Moreover, it is often unclear if and how the abstract organizational security policy has been enforced adequately by the infrastructure.

To solve this complex problem, we have developed OpenPMF, an innovative security policy management framework for distributed IT environments. OpenPMF makes security management in any large, complex, heterogeneous, networked IT environments more efficient and more accurate, and therefore less expensive. OpenPMF has been designed to secure the complex IT environments involved in net-centric command & control.

More information about ObjectSecurity's involvement in the defence sector can be found in the case studies menu.