The Georgetown Center for Secure Communications (GCSC) has a singular focus: to create the transformative capability for enterprises and individuals to protect, assist, and collaborate securely using real-time interactive multimedia, including voice, video, and instant messaging.
The exponential growth in cloud computing and wireless technologies is a fundamental driver for the formation of the GCSC. Many believe secure cloud initiatives will drive down enterprise costs by hosting IT services and data in the cloud. The work of the GCSC leverages cloud capabilities to provide secure communications between collaborating organizations and individuals.
Wireline networks historically relied on customer premises (CPE) encryption devices at each end of a point-to-point link. Wireless historically relied on proprietary software running over a packet interface. Today, users roam between wired and wireless, public and private, secure and open networks. There is a mission need to securely access people and data anywhere in the world through the communication cloud and computing cloud. Thus, the need for harmonization in the trusted communications world is evident. Moreover, these trends show it will become more important over time.
Individual vendors and service providers have pieces of the secure communication puzzle. The GCSC brings together proprietary products and services with consumers of secure communications to create the environment where all of the players benefit from interoperating. The GCSC is as much about the business opportunities as it is about enterprise security.
There are many technical challenges to the secure interoperable communications problem, such as how to do inter-operator hand-off and QoS, how to do mutual authentication in a semi-open environment, and how to appropriately connect different individuals and organizations with varying, dynamic levels of trust. However, the GCSC goes beyond the technology and seeks to establish organizational trust and a mutually beneficial ecosystem model amongst a small community.
Part of the work of the GCSC is an opportunity to harmonize the plethora of communication standards that exist today. There are many security-related standards. They have many optional features that neither all vendors implement nor all enterprises use. Moreover, some standards that were appropriate for a traditional wired broadband client/server network are not practical in a wireless cloud environment. The work product here are global, interoperable standards. Thus, if there is a need for refining an existing standard or creating a new standard, the GCSC will bring that work to the appropriate SDO, such as the IETF, IEEE, W3C, OASIS, and ITU-T.
Depending on GCSC member interest, the GCSC may establish a test laboratory. Such a facility would enable members and others to bring pre-production and production equipment and software together to prove or improve interoperability in a safe, neutral environment. The development of test plans, training of students, and formal interoperability certification are all potential deliverables of the facility.
The ecosystem model, from the enterprise, endpoint vendor, service provider, directory provider, enhanced service provider, cloud provider, and so on is important because of the nature of interoperable, secure communication. In a closed environment, things are simple: one buys a box that sits on premises or software that runs on the endpoint device and one can then call someone in the organization who has the same equipment. Addressing that person, if there is even the possibility of contacting more than one person, is a matter of enterprise administration. In the interconnected environment, there are issues of interoperability, discovery, trusted cloud-based services, and routing, all of which are tempered by the needs of the secure communications community to have communications available to only those who need to know.
The GCSC expects membership from the Federal enterprise, defense, intelligence, public safety, health care, financial services, Networx participants, endpoint manufacturers, network security vendors, telepresence vendors & consumers, directory or hub services providers, trusted cloud service providers, and large contractors that require trusted communications with government agencies and amongst each other. Other enterprises with secure communication needs will be invited to join as appropriate and over time.
VALUE PROPOSITION FOR ENTERPRISES
There are many enterprise offerings that provide secure communication within a single enterprise, using homogeneous devices and applications. The GCSC will enable existing and new vendors to effectively extend enterprise communications beyond the VPN. As we move our data and communications inexorably into the cloud, ubiquitous, secure communication will become even more important. With vendor, operator, and enterprise cooperation, inter-organizational communications can become much less complex. This will result in lower costs, higher functionality, and higher aggregate security, especially compared to trying to integrate different point solutions from different vendors and operators.
VALUE PROPOSITION FOR SERVICE PROVIDERS AND SYSTEMS INTEGRATORS
The GCSC will nurture the development of products and services to meet the needs of enterprises and organizations for the full suite of secure communications. Today, most value-added communications occurs over the top of the network. Secure interoperable communications opens many opportunities for carriers to offer enhanced services to facilitate interoperability between enterprises as well as between carriers.
Participation in the GCSC will improve your relations with your enterprise customers, expand your secure communications offers, and give you insights into leading-edge secure technologies.
VALUE PROPOSITION FOR VENDORS
By definition, the network effect (Metcalf’s Law) impacts the market for communications products. Enabling interoperable communication means a much larger reach and audience for your current and new products. In addition, participation in the GCSC will have the direct benefit of exposing you to your partners in the ecosystem, enable you to form new channels for your products, and have access to a larger requirements base than you have today talking with your current customers.
- Publish business benefit analysis for interoperable, secure, inter-enterprise communication
- Publish an architecture for interoperable, secure communication
- Provide validation services for the deliverables of the GCSC
- Publish a series of threat models for cross-enterprise communications; cloud computing and communication; and content distribution
- Publish a profile of the technologies needed to implement the architecture, identifying gaps and opportunities
- Publish best practices for operating and using the GCSC architecture
- Work with existing SDOs if necessary to create standards if they do not exist
- Educate Federal and commercial enterprises on the importance of secure communications and the benefits of extending the network across enterprise boundaries
- Ensure vendors and service providers understand the needs of the enterprise for interoperable secure communication products and services
- Ensure a vibrant market for interoperable secure communications products and services
- Access to student interns and preferential recruiting
- Access to professors and research