An official website of the United States government Here's how you know

OTA contract award moves Army closer to Zero Trust network security in the tactical environment

By Amy Walker, PEO C3T public affairsApril 5, 2024

OTA contract award moves Army closer to Zero Trust network security in the tactical environment
The Army took another step closer toward its Zero Trust network security architecture goals on April 4, 2024, awarding a development contract for software prototypes to support Tactical-Identity Credential and Access Management (T-ICAM). The service will leverage the T-ICAM prototypes to demonstrate the technical and operational feasibility of extending commercial ICAM capabilities to tactical units in denied, disconnected, intermittent, and limited bandwidth (DDIL) operational environments. In the photo: U.S. Army Soldiers from the 44th Expeditionary Signal Battalion Enhanced monitors and reports electronic warfare issues during Exercise Heavy Rain in Grotesquin, France November 9, 2023. Exercise Heavy Rain was a premier contested communication exercise held in France that created a realistic combat training environment conducted with five countries. The 44th Expeditionary Signal Battalion Enhanced, 2d Theater Signal Brigade, is the premiere Expeditionary Signal Battalion, capable of supporting any unit, anywhere in the world with communications. (U.S. Army photo) (Photo Credit: U.S. Army) VIEW ORIGINAL

ABERDEEN PROVING GROUND, Maryland –The Army took another step closer toward its Zero Trust network security architecture goals this week, awarding a development contract for software prototypes to support Tactical-Identity Credential and Access Management, or T-ICAM.

T-ICAM is expected to significantly enhance the security of systems in the tactical environment, as well as interoperability between systems and applications. A critical element of ICAM gives Soldiers authorized access to information through a new identity-based security model, which incorporates authoritative user identities and protection measures across the Army’s Unified Network, in both the enterprise and tactical environments. User access is based on least-privilege, need-to-know Zero Trust principles that presume the network is already compromised.

As part of the Unified Network Operations (NetOps) program, known as (UNO), the service will leverage the T-ICAM prototypes to demonstrate the technical and operational feasibility of extending commercial ICAM capabilities -- including Army Enterprise (E)-ICAM capabilities such as authoritative identity directories -- to tactical units in denied, disconnected, intermittent, and limited bandwidth (DDIL) operational environments.

In line with DoD and Army Zero Trust architecture principles and strategies, ICAM will be a fundamental element of systems that connect to the Army’s Unified Network.

“We have to assume that malicious cyber-attacks and degraded network environments will be a constant threat in future Large Scale Combat Operations,” said Mr. Mark Kitz, program executive officer for Command, Control, Communications-Tactical (PEO C3T), the office of primary responsibility for the Army’s Enterprise and Tactical ICAM capabilities. “Tactical-ICAM will enhance our defenses by more securely and effectively providing network and specific data access only to authorized users, devices, applications and services, even in the harshest operational environments. Simultaneously, it will prevent adversaries from accessing our network sites and services.”

Following an extensive market research and source selection process, PEO C3T awarded the UNO T-ICAM OTA on April 4, 2024, through the Consortium Management Group (CMG) via the C5 Program Management Office, to Akamai Technologies, Inc., a non-traditional defense contractor with extensive experience providing modular security services to Fortune 500 companies, U.S. banks and all branches of the U.S. military. OTAs give the DoD the flexibility necessary to adopt and more rapidly incorporate new technology and business practices based on commercial industry standards and best practices.

Earlier this year, the Army Acquisition Executive authorized the T-ICAM effort to be managed using the DOD’s new Software Acquisition Pathway, which requires an agile software development approach using constant Soldier feedback to make rapid enhancements to the software. As part of this path, the Army will leverage operational units to support field assessments on the initial T-ICAM prototypes beginning this fiscal year and will incorporate the Soldier feedback into future updates. After T-ICAM has further matured, the Army will conduct a larger rollout of the new capability, which, on the current timeline, is expected in the next 12-18 months.

ICAM LAYS THE FOUNDATION FOR ZERO TRUST

ICAM creates a secure and trusted environment where authorized users, applications/workloads, devices, services, can securely access data and information technology resources based on mission need-- from any place and at any time, said Lt. Col. Keith Jordan, product manager for Tactical Cyber and Network Operations (PdM TCNO), assigned to Project Manager Interoperability, Integration and Services (PM I2S), PEO C3T, which manages T-ICAM for the Army.

“ICAM provides critical insight to the Army on exactly who and what is operating on the tactical network and what data they are accessing,” Jordan said. “This unprecedented level of insight and visibility has never existed on the tactical network and will be a major development in the network security, while laying the foundation for network modernization priorities as the Army moves towards the implementation of Zero Trust.”

Zero Trust assumes that no implicit trust is granted to assets or users based solely on their physical or network location or asset ownership, but rather, continuously authenticates, authorizes, and validates access to systems, applications, and data.

Zero Trust is not possible without ICAM; it is a core requirement in the Army’s Zero Trust network architecture, Jordan said.

ICAM TO FUEL NETWORK OPERATION

The T-ICAM OTA solutions will fuel the Army’s goal to establish a global, unified, scalable, robust network that leverages authoritative identity data to grant access to Army information technology resources at the point of need.

To enable the implementation of Zero Trust, the Army will deliver a common and consistent approach to ICAM across the Army Unified Network by ensuring interoperability through a common framework with standard interfaces to ICAM services. The service is providing ICAM capabilities that are intentionally designed to function regardless of the operational conditions under which they are operating. This approach ensures flexibility to support a wide variety of Army use cases.

“From an operational perspective, Soldiers need secure anytime anywhere access to the network to share intelligence and other data with joint services and coalition partners, so Commanders can act on that data to make rapid informed decisions. That access also needs to be secured from enemy intrusion,” said Col. Stuart McMillan, project manager for Tactical Network, PEO C3T. “The network operations and security work hand-in-hand and will both play a critical role in the Army’s future data-centric operational environment.”

-----------------------------------------

The U.S. Army Program Executive Office Command, Control and Communications-Tactical (PEO C3T) develops, acquires, fields and supports the Army's Unified Network (Tactical and Enterprise) to ensure force readiness in both current missions and potential future large scale combat operations. This critical Army modernization priority delivers resilient terrestrial and satellite communications capabilities to ensure commanders and Soldiers remain connected and informed at all times, even in the most austere and hostile environments. PEO C3T is delivering an integrated Unified Network to regions around the globe, enabling high-speed, high-capacity voice, data and video communications to an Army user base that includes joint, coalition and other mission partners.