ABERDEEN PROVING GROUND, Md. — U.S. Army officials overseeing the modernization of the service’s networks have identified what they call “big bets,” or game-changers that bring the force of the future one step closer to fruition.
Among them is what’s known as identity, credential and access management, or ICAM, a means of tailoring what information is available to a person while also keeping tabs on those plugged in.
The Department of Defense published an ICAM strategy in March 2020, in which the department recognized its own failures to “maximize the strategic, operational, and tactical benefits of information sharing.” Leaders have more recently said ICAM realization is pivotal to Joint All-Domain Command and Control, the Pentagon’s ambitious vision of seamless communication across land, air, sea, space and cyber.
In a recent interview with C4ISRNET, Army Maj. Gen. Jeth Rey, director of the Network Cross-Functional Team, and Nicholaus Saacks, deputy program executive officer for command, control and communications-tactical, talked about ICAM, its repercussions and potential timelines.
Portions of the conversation below were edited for clarity and brevity.
What is ICAM? Why does it matter?
Maj. Gen. Jeth Rey: Identity, credential and access management is huge.
This is where we’re trying to move away from the complexity on the transport and now secure the data at the data layer. If we’re going to truly move to this data-centric environment, identity management is part of that zero-trust architecture that’s going to actually get us there.
So that’s a big bet we’re making. I think all the services, across the board, are on board when it comes to that. When you think about JADC2, identity management is going to be a big part of us achieving it, so that we can know all identities, including our coalition partners.
This is not only from a U.S. service perspective, but also from a joint and coalition perspective.
How does ICAM work? Is it like a banking app?
Rey: Exactly.
You secure a connection with the data environment. It identifies your identity through your eyes, your biometrics, and then it allows you access to data that your credentials will allow for.
And it has boundaries, so you don’t go left or you can’t go right. It quarantines you.
Nicholaus Saacks: I think a good example — just to take that banking app example further — is in our house, we have USAA.
So I have a USAA number, my wife has a USAA number, my kids have USAA numbers. We all have our own accounts, we have joint accounts.
If I log into USAA, I can see all the joint accounts, I can see the kids’ stuff. I can’t see my wife’s IRA. When she logs in, she can see all the joint stuff, the kids’ stuff. She can’t see my IRA. If we log in with one of the kids’ credentials, we can see their stuff. They can’t see our checking account.
Depending on which one I choose to log in with, it’ll show me the data I’m allowed to see.
RELATED
What is the value of ICAM on the battlefield or other areas?
Rey: We believe that in order for the enterprise network and the tactical network, which haven’t been joined as a unified network since the inception, we believe this is the key to getting those two things connected.
If we can truly have identity in our enterprise and have the same seamless identity in the tactical environment, we can truly connect the unified network.
Saacks: I think there’s a correlation. It really drives at data centricity and transport-agnostic. So the more you secure the data, the less reliant you are on a certain type of transport, the security of the transport.
The better you secure the data, the more flexible your transport options are.
I think that ICAM is one of the key ideas behind achieving the secretary’s vision of a data-centric network. You have to be able to secure the data and control the access management.
How soon will ICAM be implemented?
Rey: I don’t want to give an exact timeframe, but I believe that by fiscal 2024, we’ll be there.
We should be where we need to be in FY24. That’s one of Army Lt. Gen. John Morrison’s goals, to get us there.
The implementation plan for the unified network allows us incremental steps to get there.
Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.