Case Study: Army Materiel Command Technical Security Evaluations


Published on

Booz Allen Hamilton delivers rigorous security testing and evaluation of the Research in Motion (RIM) BlackBerry® Smart Card Reader, ensuring secure, reliable mobile communications for the Army and, ultimately, all the military services.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Case Study: Army Materiel Command Technical Security Evaluations

  1. 1. A S S U R A N C E & R E S I L I E N C E | I N F O R M AT I O N T E C H N O L O G Y | S Y S T E M S E N G I N E E R I N G & I N T E G R AT I O N Technical Security Evaluations Booz Allen Hamilton delivers rigorous security Secure, Mobile Communications testing and evaluation of the Research in Motion (RIM) BlackBerry®Smart Card Reader, ensuring The Chief Information Of cer (CIO) at the Army secure, reliable mobile communications for the Materiel Command (AMC) selected the strategy and Army and, ultimately, all the military services. technology consultants at Booz Allen Hamilton to perform the security testing, provide the necessary information, and integrate stakeholders so the Uncompromising Testing Standards Army could make an informed decision regarding The Army deploys tens of thousands of RIM future guidance and implementation of the RIM BlackBerry®devices to its personnel for mobile BlackBerry®Smart Card Reader. voice and data communications. To ensure Booz Allen brought together an expert team that secure communications, many Army users would understands the deep protocol level in Bluetooth® physically connect Common Access Card (CAC) technology, such as its algorithms and cryptographic readers to their BlackBerry®devices, a cumbersome functions. We also drew upon our extensive approach that was susceptible to multiple failures relationships throughout the Army, Department of and potential breakdowns in mission-critical Defense and National Security Agency (NSA) to create communication. The Army needed small, durable a stakeholder team that could quickly and effectively and mobile CAC readers that could provide the address security issues raised during testing. highest level of security. Along with its team of technical experts, Booz Allen When it appeared that RIM’s Bluetooth®-enabled also had a facility, the equipment, and a rigorous BlackBerry®Smart Card Reader could meet this methodology for security testing that had already requirement, Army of cials needed to move been validated and approved by Department of quickly to test and evaluate the reader’s security. Defense and intelligence agencies. In its tasking Normally, a security evaluation of this depth would to perform a rapid six-week evaluation of the take at least six months, requiring both intensive BlackBerry® Smart Card Reader, Booz Allen tested engineering and testing as well as extensive three main areas: coordination among a large stakeholder group of military, intelligence, and civilian agencies. To meet • Bluetooth® Link. Analyzed the Bluetooth® traf c operational demands of war ghters around the passing between the smart card reader and the globe, the Army needed the evaluation completed desktop. Simulated attacks, intercepted sensitive in just six weeks. data, and assessed the security of the link. Ready for what’s next.
  2. 2. • Smart Card Reader. Examined whether CAC signi cantly improving communications, information transactions can be subverted by an attacker sharing and decision making—in the of ce and on and whether the smart card reader poses a the battle eld. threat to the Army enterprise. But the value of the security evaluation goes • SCR Desktop Software. Analyzed how the beyond just this one product test. Booz Allen’s desktop software interoperates with the smart methodology provides the Department of Defense card reader and determined whether any with an approach for testing the security of all vulnerabilities were introduced on the desktop. Bluetooth®-enabled smart card readers. In addition, DISA has built upon the Booz Allen study to create Within the operationally-required six weeks, a new technical implementation guide for securing Booz Allen completed the evaluation and BlackBerry® devices. And Booz Allen is working issued its report demonstrating that the RIM with DISA and NSA to analyze additional wireless Bluetooth®-enabled BlackBerry ® Smart Card technologies and devices, such as Microsoft® Reader meets Army security requirements. Mobile Messaging and Bluetooth® headsets, for use Our report also provided the Army with by the military services. technical guidance on how to ensure secure communications with the RIM wireless card reader; and the evaluation provided RIM with Ready to Help You feedback to help the company con gure the Our engineering and analytical work on wireless card reader and other products to meet US technology for the Army Materiel Command is just government standards. one example of how Booz Allen Hamilton’s strategy and technology consultants can help military Following these tests, the BlackBerry® Smart Card leaders adapt and respond to elusive enemies and Reader was approved for use not just by the Army, unpredictable threats. Our consulting teams draw but by all branches of the military. from the rm’s wide range of technical capabilities “Using leading-edge implementation of existing in engineering and information technology as well technologies, AMC, through Booz Allen, has created as our depth in complex program management, a surge of which the Army, much less the DoD, has organization change, operations and logistics. We not experienced in decades,” said Rick Walsh, AMC bring both battle eld and boardroom experience CIO/G6 Deputy Information Assurance Manager. to every engagement. Guided by an independent “The ability to use untethered secure identity perspective and collaborative approach, Booz Allen management tools will change the face of the DoD.” delivers customized solutions that address each client’s unique challenges. To learn more about the Helping the Army—and All Military know-how behind this project and how it can help your Services—be Ready for What’s Next team be ready for what’s next, visit The security testing performed by Booz Allen has enabled our globally deployed military forces to use wireless RIM BlackBerry® devices with con dence, contact: Cameron Mayer, Senior Associate email: phone: 703/850-4924 contact: Michael Zirkle, Senior Associate email: phone: 703/984-1465