SMART: SecureMail
Northrop Grumman Mission System's Secure Messaging and Routing Terminal (SMART) provides classified message distribution throughout the Command's organization. SMART:SecureMail, which is an application within SMART, extends message distribution by enabling users to send and receive e-mail-like messages to and from the AUTODIN over existing networks with complete privacy. SMART:SecureMail facilitates the user/analyst's ability to create a mail message on their desktop workstation or PC and send the mail through AUTODIN with the assurance that SMART will validate the authority of the user to generate and send the message. As the name implies, SMART:SecureMail satisfies the security services of confidentiality, integrity, authentication, non-repudiation, access control, availability, and audit. All of these security services are requirements under the Defense Message System (DMS) being implemented by the Department of Defense (DOD). SMART:SecureMail interfaces with existing COTS communication applications available at the subscriber's workstation.
SMART:SecureMail messaging services are used in conjunction with the Communications Support Processor (CSP) messaging domain. The SMART:SecureMail messaging architecture consists of five components: (1) CSP connection; (2) SMART; (3) Web Server; (4) a computer with a Web Browser, and (5) Certificate Server software (optional). All network transactions are encrypted between the Web browser, the Web server, SMART, and CSP.
Features available in SMART: SecureMail include:
- User login based upon user ID, password, and optional X.509 certificate
- Design and layout especially for military messaging, including user and system templates
- Use of HTML and Java for platform and operating system independence
- Administrative options for organizational assignments, user account maintenance, and administration
Using SMART's powerful Automatic Routing Module (ARM), messages can be routed to SMART:SecureMail addresses based upon simple or complex sets of message-evaluation criteria. In addition, SMART:SecureMail can process the same message to many different addresses based upon the same or different criteria.
Messages received from the DoDIIS AUTODIN Bypass System (DABS), the Defense Message System (DMS), and the DMS Transition Hubs (DTHs) undergo rigorous security checking by CSP before transmission to the SMART:SecureMail domain. SMART contains the same security engine found in the CSP that is accredited for Multi-level Security (MLS) operations. The SMART system security manager has complete control over the assignment and restriction of message dissemination down to the individual recipient. Regardless of whether the routing criteria are based upon classification, codeword, caveat, handling instruction, a key word, or a phrase - SMART will not transmit the message to the Web server unless all pre-defined security criteria are satisfied. Additional security can be achieved by purchasing the optional X.509 certificates that authenticate users.
Security
- User identification and password
- Host network links utilize 56-bit data encryption standard (3DES)
- 128-bit encryption with secure sockets layer (SSL) between browser and host
- X.509 certificates for user authentication (optional)
- Advanced user-permission schemes based on user identification
- Color-coded security labels on all windows
- Message level protocol security with CRC validation
Communications Protocols
- TCP/IP FDMP
- SSL-protected TCP/IP HTTP
Hardware and Operating Systems
- Netscape Navigator 3.0+
- Microsoft Internet Explorer 4.0
- Certificate server (for X.509 authentication)
- Netscape Enterprise Server 2.0+
- Windows NT Server with IIS 3.0
- Sun SPARC and UltraSPARC series
- Solaris 2.6, Solaris 7 and Solaris 8