Realistic combined arms training and mission rehearsal, particularly at the command level, often requires the use of classified information. Typically such exercises are performed in system high security enclaves that do not accurately represent the battle space. The ability to train in a multi-level secure distributed simulation environment would permit a more realistic emulation of real warfare which is increasingly influenced by information warfare. A concept for implementing encryption to support multi-level secure distributed simulation is described. The concept makes use of hardware and software components developed as a part of the National Security Agency sponsored Multi-level Information Systems Security Initiative (MISSI). A principal element of the concept is the securing of sensitive information at the point of origin through encryption at the application level. This represents a major shift from the usual bulk encryption at the system high enclave boundary and potentially makes possible multi-level secure information flow within a simulation as well as between distributed enclaves at differing levels of security.

The scope of this paper is focused on the technical feasibility of application level information encryption within a distributed simulation and between distributed simulation sites. Security issues associated with setting up and processing secure information flows within a distributed multi-level secure network configuration are addressed; however, it is assumed that a common security policy has been defined satisfactory to participants operating at differing security levels within the distributed simulation federation.

A planned international demonstration of the Fortezza-based MLS concept is described. The demonstration will consist of a simple military battle interaction between three widely distributed MODSAF simulation workstations, two located in the United States (STRICOM and SPARTA in Orlando, Florida) and the third in Europe (TNO-FEL in the Netherlands). Selected data labeled and handled as secure during the simulation execution will only be viewable at certified locations. Projected estimates of the effect of Fortezza response on the interactive simulation are presented and implications discussed.