The Canadian Department of National Defence (DND) is deploying a secure Military Message Handling System (MMHS) for personnel involved in the exchange of confidential mission-critical information, categorised by the military as ‘secret messaging’.
The infrastructure, which uses technology from Nexor (www.nexor.com), will guarantee message confidentiality, integrity and delivery and will be deployed across all Canadian Armed Forces’ bases, supporting up to 10,000 users, the manufacturer reports.
Off the shelf
US-based General Dynamics Decision Systems, chosen by the Canadian DND to oversee and manage the integration project, selected Nexor to deliver secure interpersonal, organisational and role-based messaging using Commercial Off The Shelf (COTS) products. Integrated within the existing Microsoft 2000 / Exchange 2000 environment, the MMHS delivers e-mail confidentiality, content integrity, non-repudiation, access control and security domain checking.
What they say
Humphrey Browning, Head of Technical Consultancy at Nexor, says: ?Managing the confidentiality of email within this environment is of the greatest importance. Any MMHS must be built around a ‘fire and forget’ mentality; the assurance that once a message is sent it will be actioned within a specified time period and that during transit it is secure from third parties. In addition, any messaging system has to be highly reliable and fault tolerant. Nexor has used COTS products, originally designed with military messaging in mind, ensuring features such as speed of service, accountability and reliability are maintained.? The system incorporates security labelling techniques to ensure the accurate classification of information and that the associated security procedures and policies for encryption, authorisation and access control are automatically executed. Secure roles-based messaging is conducted on an individual basis; this eliminates the need for users to hold multiple cryptographic keys for each role they perform. By limiting the number of cryptographic keys held by individuals, the technology limits the opportunities for the integrity of the service to be breached by lost or mismanaged keys. Nexor S/MIME security can also generate tokens for third party applications such as guard or gateway solutions.ÿ This ensures that vital security checks such as virus scanning of content filtering can still be carried out, despite the message being encrypted.ÿ
