Lockheed Martin, Data Vendors Team on Secure Spy Database

Geospatial intelligence is among the hottest and most data-intensive tools being used by U.S. military analysts to sweep up huge amounts of satellite and other sensor imagery. This highly classified data is often combined with other emerging intelligence sources like social media. Much of the satellite imagery is highly classified to shield prying eyes from capabilities like image resolution and operational details like spectrum frequencies being used.

Hence, there is a growing need for advanced databases with multiple levels of security used to store geospatial intelligence.

Lockheed Martin, the nation’s largest military contractor, along with partners like Red Hat and Crunchy Data Solutions Inc. rolled out an open-source relational database at a geospatial intelligence symposium in Washington, D.C., this week that as billed as supporting multilevel security.

Lockheed Martin and Crunchy Data (Charleston, S.C.), a provider of enterprise PostgreSQL technology, jointly unveiled a multi-level security version of the open source object-relational database. They said it is designed to meet the relational database requirements of the U.S. National Reconnaissance Office’s Centralized Super Computer Facility.

NRO oversees the design, launch and maintenance of U.S. spy satellites.

Open source leader Red Hat and data storage specialist Seagate Technology also contributed to development of the secure open-source database.

The partners said they implemented the multilevel security configurations using Red Hat Enterprise Linux 6.5+ for both single system image and cluster configuration. Lockheed Martin said it took the open-source route as way to enable “data fusion” and as a way to consolidate hardware and software. The data fusion capability eliminates data duplication while displaying real-time intelligence data on a single screen for analysts cleared to view it.

The multilevel secure version of the PostgreSQL open-source database leverages the RHEL 6.5+ Linux kernel security module called SELinux, for Security-Enhanced Linux. That allows the geospatial intelligence database to manage data creation and access permissions based on SELinux security policies. The framework also manages SELinux security policy through both network connections and the security level of users.

In one scenario, the secure database would allow an analyst with a “Top Secret” clearance to read lower-level security data. The system could also re-label the data security level if changed by higher-level users.

Crunchy CEO Bob Laurence said the secure version of PostgreSQL provides an “open source alternative to legacy relational database technologies,” adding that “mission-critical programs can benefit from the combined cost efficiencies of multi-level security and open source software.”

Other U.S. spy agencies have also taken the open source route on recent projects. IT automation specialist Puppet Labs announced last week the National Security Agency was releasing to the open source community a set of security tools based on Puppet Labs’ technologies for a system called the Systems Integrity Management Platform.

Last November, NSA expanded its open source portfolio by releasing the source code for software designed to manage data network interoperability.

The open source tool dubbed “Niagarafiles,” or “Nifi,” was released through the Apache Software Foundation. The spy agency said the release was the first in a series of open source software tools from its technology transfer program that shares agency-developed technologies with academia, industry and research organizations.

Other contributors to the NRO secure database project included Splunk, which provided a “universal machine data platform,” along with a 100 Gb/s scalable network from Mellanox Federal Systems and supercomputer technologies from SGI and Cray. The latter worked with the NRO supercomputing facility to certify the Red Hat cluster operating system with SELinux in applying multi-level security policies.

Recent items:

NSA Releases Data Management Tool

EnterpriseDB Throws Down PostgreSQL Gauntlet