The Department of Defense is expanding its identity, credential and access management, or ICAM, efforts to include the secretive Five Eyes intelligence partners and multiple U.S. services.
What Is ICAM?
ICAM is one of the most critical efforts in the digital transformation space. The goal of the DOD’s ICAM program is to provide a secure computing environment where users can securely access all authorized resources based on mission need and to let the Pentagon know who and what is on its networks at any time.
The DOD’s ICAM strategy recently achieved a milestone when it expanded its trust to another nation—Canada. Leslie Beavers, principal deputy chief information officer, said a U.S. identity provider trusted Canadian users while a Canadian identity provider trusted U.S. users.
“We had a big win … when we made that happen for 35 people,” Beavers, a Wash100 Award winner, told FedScoop in a Dec. 3 article. “It sounds like a small number, but it was the first technology solution where we truly federated our identity, credential and access management. … That is a big step.”
Leslie Beavers is the keynote speaker at the Potomac Officers Club’s 2025 Digital Transformation Summit on April 24. This GovCon-focused event is a great opportunity to learn what Beavers has in store for the DOD’s digital transformation. Sign up now!
Following this breakthrough achievement with Canada, Beavers and the DOD now want to expand ICAM to the U.S.’s other Five Eyes intelligence partners: the United Kingdom, Australia and New Zealand. Beavers told FedScoop the next steps include evaluating the policy and engineering challenges in a way that would allow the DOD to expand ICAM to, eventually, every NATO member.
What Is Five Eyes?
Five Eyes has its roots in intelligence sharing from World War II and is a collective of the U.S. and its closest intelligence partners. The Five Eyes nations agree to trade, by default, all signals intelligence gathered, in addition to techniques and methods related to signals intelligence operations. Signals intelligence, or SIGINT, is derived from electronic systems and signals employed by foreign targets. These include radars, weapon systems and communication systems that provide a critical view into foreign adversaries’ intentions, capabilities and actions.
Multi-Phase Framework
Beavers on Nov. 26 issued the DOD ICAM Federation Framework, which creates a phased approach for enacting scalable and secure identity federation within the DOD and its partners. Phase one addresses standardization of Pentagon-wide ICAM services to enable internal information sharing.
Phase two creates connections with mission teammates through aligned federation policies and trust agreements. Identity federation is an outline of trust between parties for validating user identity, providing user authentication assertions or claims and conveying information as attributes that would be required to approve access to resources.
The DOD has a goal to have a ICAM connection on unclassified computer networks across all services by the end of fiscal year 2025, or Sept. 30. Breaking Defense, on Feb. 21, reported that the Defense Information Systems Agency, or DISA, in early FY 2025, created a federation hub that allowed it to have a “total picture” of all the information accessible to a user, almost assuring that ICAM is functioning properly.
Brian Hermann, program executive officer for cyber at DISA, said that the agency, with this hub, has started working with the U.S. Army to federate its ICAM services. Hermann anticipates this to wrap up by March with the U.S. Navy, followed by the U.S. Air Force, federating its ICAM options by the end of FY 2025.
“We’re going to use the lessons that we learned out of [the services] to go ahead and do the federation across all the other ICAM solutions that exist within the department,” Hermann said.
Listen to a star-studded lineup of DOD leaders and IT experts at the Potomac Officers Club’s 2025 Digital Transformation Summit on April 24. It promises to be a fruitful day of discussion for the GovCon community. Don’t miss out!
