The request covers spending from the NSA's Information Assurance Directorate, which provides products and services to secure national security systems -- think cybersecurity for military command and control and weapons systems, among numerous things. The Department of Defense, naturally, is the IAD's largest customer, though other agencies can request its services on a case-by-case basis.
The NSA is decreasing its spending on information assurance from $972 million last year to $915 million this year and $902 million next year, though those decreases come as the military ramps up its own spending on information assurance. About half of the NSA's budget will be spent on research, development, and testing, while much of the other half will be spent on operations. The little left over will be spent on procurement.
The document lays out the NSA's information assurance efforts and plans across a number of categories, including computer network defense, encryption, identity, access management, and workforce development, and goes into some specifics in a few of those areas.
For example, the NSA plans to spend $112 million in fiscal 2011 on cryptographic systems, including those integrated into combat systems and nuclear command and control, secure voice and data links, and a program it calls "space cryptography." NSA plans to spend an additional $46 million on cryptographic key management.
NSA's public key infrastructure spending includes the addition of new protocol support for its certificate validation services, development of biometrics support, a monitoring capability for Red Hat Certificate Management Systems, and the capability for NSA-developed PKI to interoperate with other systems across the government and private sector.
The NSA will also spend $18.6 million training cyber warriors working at the DoD. "Providing a continuum of learning activities is fundamental for recruitment and retention of highly qualified cyber warriors," the document says. "Their work roles require ensuring effective development to perform proactively or in response to executed threats and to ensure accomplishment of operationally assigned tasks."
NSA is continuing work on what's known as the High Assurance Platform, which it has referred to as "a framework for the development of the next generation of secure computing platforms." HAP includes enabling such capabilities as multiple security domains -- and therefore, for example, potential access to multiple levels of classified information -- on the same client using virtualization. IBM and VMware have both publicly announced their support as contractors for the HAP program. In fiscal 2011, NSA will operationalize the second generation of HAP and begin work on the third generation.
NSA is also continuing advanced research on secure hardware. "The Advanced Computing Research program will continue to promote ideation in the creation of new chip multiprocessor technologies that will benefit the missions of NSA in cryptology, digital signal processing, filtering and selection, intrusion detection, knowledge discovery, voice recognition, natural language machine translation, and event simulation," the document says.
Despite the details, in many places, the information assurance efforts the NSA carries out for the DoD are outlined in largely broad strokes, so it's difficult to tell what's actually going on at the program level. Further, many of the line items in the budget are labeled either "N/A" or "Classified and Intelligence," so, other than the general category of spending (e.g., "IA Engineering and Development") and the total dollar figures attached, it's impossible to know much more about their details.
Not included in this spending is a large data center NSA is constructing at Camp Williams in Utah to support the partially classified Comprehensive National Cybersecurity Initiative. NSA is requesting $398 million to continue construction on that project, which according to another DoD budget document, is expected to be completed by May 2014.
However, the request does detail a few of the NSA's accomplishments from last fiscal year, including: the development of a tool called USBDetect that reports unauthorized use of USB thumb drives and other external storage devices; the development of a smartphone called SME-PED that protects voice communications classified up to Top Secret and data connectivity classified up to Secret; the development of next-generation encryption through a program called programmable objective encryption technologies; and the installation of POET technologies into bombers, reconnaissance planes, and the Air Force's command and control systems, among other places.