Secure Collaboration Is Coming

After the first Gulf War, the US Department of Defense (DOD) took a close look at its logistics performance with a goal or improving performance and eliminating waste. In that deployment, logistics was both a hero and a villain. The military delivered, but with a lot of just-in-case ordering and inventory. One estimate is that, by the end of the conflict, $2 billion in excess materials were left behind.

Add the image of soldiers searching through stacks of ocean containers looking for specific shipments, and it was clear something more needed to be done to improve the ability of the military to track and trace goods in its supply chain. "DOD looked at this and said, FedEx doesn't lose things; DHL doesn't," says Bruce Jacquemard, executive vice president and managing director of the international business unit of Savi Technologies (www.savi.com). "Once something gets into their network, they [have visibility] as long as they keep their hands on it."

DOD started with a tender to apply active radio frequency identification (RFID) tags to ocean containers so that soldier who had wandered around the desert in 1990 looking for the container of boots could easily locate the container with the size nine, desert camouflage combat boots.

Ultimately, the tag would be able to provide a manifest of the contents of the container, alerting the soldier, with both an audible and visual indicator on a handheld device, which container had the size-nine boots, explains Jacquemard. Further, if a pallet were removed, updating the handheld device triggers an update to the container's tag so that the next person looking for similar goods would not be directed to the container where the pallet had already been removed.

That started in 1994, and since then, Savi has worked with DOD to install a network for the US DOD in 47 countries—about 2,000 fixed locations— says Jacquemard.

In about 2003, Jacquemard recalls, DOD mandated that everything that moves must have a tag on it. "Every pallet, every container must have a tag, which gave you significant payback," he continues. Now, with a widespread network and ubiquitous tagging, DOD has visibility all along the supply chain. Features continue to expand using the network not just to say where something is in the world, but what is the state and condition of the shipment? Sensors can keep track of heat and humidity on shipments such as food or medicine so that shipments that have been compromised and arrive in unusable condition don't get used by mistake.

With a major network in place and plenty of physical products flowing through the supply chain, the automatic identification technology has been proven and has evolved. But, says Jacquemard, you also need the software to do interesting things with the data when it is passed to the back-end logistics systems.

By the time of the second Gulf War, the network was extended to coalition partners such as the United Kingdom. "They've got this built out all through the UK and in several different countries throughout Europe and into Southwest Asia," Jacquemard explains. The North Atlantic Treaty Organization (NATO) has also created a mandate similar to the US mandate requiring all NATO countries to be interoperable with this network, says Jacquemard. The list is growing to include Spain, Sweden, Australia and Singapore, along with the US, UK, and NATO.

With all of this interoperability, is access a problem? No, says Jacquemard. He describes it as throwing a switch which basically tells the tag, "I don't want anyone to be able to see my data." Access is controlled from the server which routes data back to the user based on rules that establish who can have access to what data.

Many of the non-munitions shipments are handled by commercial infrastructure, explains Jacquemard, so Savi created a joint venture with Hutchinson Wampoa about two years ago. In addition to operating terminals at both ends of the Panama Canal, Hutchinson Wampoa's Hutchinson Port Holdings (www.hph.com) lists nearly 50 port operations worldwide. Recent announcements include a new container terminal being constructed in Ba Ria Vung Tau Province, Vietnam, and a 30-year concession with the Manta Port Authority to build and operate a new container terminal at the port of Manta Ecuador.

Jacquemard contrasts the military control of munitions and sensitive shipments to the commercial side. For someone sourcing in China and shipping to the US or Europe, as many as 13 to 20 different parties will handle the shipment, he says. The active tags comply with ISO 18000-7 and other standards, so some of the commercial standards did migrate into the defense applications and commercial carriers and terminal operators are comfortable with it. DOD doesn't want to own the network, so a common network with secure data satisfies DOD but doesn't exclude commercial operators.

Secure collaboration is crucial for the defense/aerospace industry, but it's certainly not easy. Ask Jeff Nigriny, outreach director for the Trans-Global Secure Collaboration Program (TSCP-www.tscp.org). The group started as the Trans-Atlantic Secure Collaboration Program with a goal to look at collaborative scenarios and figure out what it takes to make those secure from a corporate and government security perspective, says Nigriny.

Where TSCP is leading the way for commercial enterprises as well is that it is establishing policy and process technology specifications to address security issues. These vary from the highly sensitive, classified data a military organization or supplier might handle to ensuring that a manufacturer's unclassified intellectual capital is only being shared with known and trusted partners.

Sensitivity can start with a request for proposal (RFP). Keeping data secure means establishing a set of rules and security requirements. Whether an RFP includes design specifications or data and forecasts on shipments, "everywhere that data is going to reside needs to be able to enforce those security requirements and to comply with them," says Nigriny. With a long supply chain, that's a pretty decent trick, he quips.

"If I'm a procurement agent at the Department of Defense, for this RFP, I'd like to be able to go to Boeing and Lockheed and Raytheon. But I do not want them to be able to send the RFP to any of their suppliers. Or, I don't want them to be able to print these four pages of the document—those are really only for the prime supplier's eyes. After two weeks, I don't want anyone to be able to view the RFP," continues Nigriny.

With rules like that established by members, TSCP worked on perfecting the tools to make it happen. "In a collaborative scenario, you want to define when certain security requirements and technologies are appropriate and when they may be overkill."

The environment TSCP entered included some countries' defense organizations banning all use of e-mail. One goal was to demonstrate how security rules could be put into action that would allow the use of e-mail to share data in a collaborative setting where the parties are known and trusted but where data use can be constrained to fit the parameters of individual security needs. The aerospace/defense sector is in effect leading the way for the commercial sector where access to design specifications or the forecasts in a third party logistics RFP can be switched off when the deadline for the RFP is reached.

Another concept Nigriny discusses is central to collaboration. He describes "document federation" and "identity federation" as a means of aggregating identity to allow secure access to data. A first level of security may be a digital certificate or smart card that authenticates the user on his or her network. That authentication event may occur when the individual logs on at a desktop terminal in the morning and, because the level of security at the enterprise is judged to be acceptable by an outside system, access is granted for that system as well. What that looks like in real-world terms is that once a procurement manager logs on at his system in DOD, he can go to the Boeing system and look at various records indicating order and shipment status.

Many organizations are deploying the highest level of credentials internally, says Nigriny, and then with that digital certificate in place, they are free to operate along their entire supply chain. So, explains Nigriny, "When I go to an application at Honeywell, it will say, Boeing, you're passing me a guy named Bob and I'm willing to trust that it's Bob because you're telling me that you already dealt with this guy this morning. And because I trust Boeing, I'm trusting that this is Bob. But I will never actually see Bob's credentials. It's just purely based on an organization-level assertion."

Data federation is similar to identity federation but the data can stay in the system and allow trusted individuals to access it. In one maintenance scenario, Nigriny suggests the maintenance contractor can look at maintenance records, diagrams, and parts lists, but cannot download or print any of the data. The access can be set to expire at the end of the contract period, so the contractor has easy access to accomplish his job knowing he's looking at the most up-to-date information, but no proprietary or sensitive data leave the host system.

From a supply chain perspective, aerospace/defense may be leading the way in creating the technology tools, policies, and rules for a new collaborative environment that could benefit a much larger supply chain community. Data collection and aggregation are getting easier, securing access to all of that sensitive data is also moving forward.

(See - "Supply Chain Dreamin' at Boeing," Logistics Today April 2007)

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish