PAGE * | CONFIDENTIAL | TSCP|

Aerospace & Defense Industry Challenges

PAGE * | CONFIDENTIAL | TSCP|

Government-industry partnership specifically focused on mitigating the risks related to compliance, complexity, cost and IT that are inherent in large-scale, collaborative programs that span national jurisdictions.

To do business in the world today, A&D companies must balance the need to protect intellectual property (IP) while demonstrating willingness and ability to meet contractual requirements from government customers for auditable, identity-based, secure flows of information. Common Framework for Federated CollaborationIdentity Management & Assurance:Provide assurance that collaborative partners can be trustedMeet government agencies emerging requirements for identity assurance across domainsEstablish common credentialing standards that accommodate and span national jurisdictionsProtect personal privacy data of employeesData Protection:Define fine grain access right attributes for data labeling and data rights managementEstablish Application Awareness Demonstrate compliance with export control regulationsProtect corporate IP in collaborative and other information sharing programsFacilitate Secure Collaboration:Provide collaborative toolsets that will interoperate with customers and suppliersFacilitate re-use collaborative capabilities among multiple programs

PAGE * | CONFIDENTIAL | TSCP|

Leverages business processes for the A&D IndustryReduced Supplier on boarding/network costs (benefit to both A&D and Supply Base)Accelerated time to value for supply chain management technology initiativesEnhanced Security through strong authenticationAuthenticated Assurance through access managementThe chain of trust to extend to our contractors. A&D companies are responsible for vetting and supplying . At any given time, within the A&D global supply-chain, there are approximately 300,000 supplier companies working on government contracts, representing roughly 3 to 4 million individuals.

Certification and Accreditation of components inherent to the Credentialing ProcessLeveraging the A&D Supply chainTSCP A&D Companies discussingCost sharing for a supplier credential using TSCP specifications e.g. ECAs & Keyfobs

PAGE * | CONFIDENTIAL | TSCP|

TSCPs Strategic Plan Development Business DrivenExport Control RegulationsPrivacyCompanyPoliciesEg. ITAR, Export Control Act. Company-specificpoliciesEg. Privacy Act of 1974, Data Protection Act..Areas of Common Business ChallengeHolistic Approach to Addressing Common Security Concerns- Identity Management Information Protection Information Labeling.AdvancePersistentThreatsHSPD 7, cooperation with the DoD & IndustryTSCP Strategic ObjectivesStrategic ArchitectureCapability Roadmaps, Action Plans and Project Schedules Mapped toResults inExecution and Deployment InformationManagementeg. IAPPrioritized Areas of TSCP AttentionIdentity & AccessManagementEg. Web authenticationSecure Electronic Exchange

Document sharingSecure e-mail

PAGE * | CONFIDENTIAL | TSCP|

Problem Statements Use Cases TSCPMethodologyApproved Product List SpecificationsParticipantImplementTSCPMembersTSCP Development & Delivery Process Stage 0 Stage 1 & 2 Stage 3 Stage 4PlatinumPlatinum, Gold, SilverPlatinum, Gold, SilverPlatinumPlatinumPlatinum, Gold

PAGE * | CONFIDENTIAL | TSCP|

TSCP specification in public domainInformation sharing types and TSCP progressPersistent

Transient

TSCP participant has testedTSCP have tested / in production

TypePriorityNeed to secureTypePriorityNeed to secureDocument sharingHHEmailHMWeb forumsMMInstant MsgHHAccess to info on intranetsHHVoiceHMCollaborativeEngineeringHHVideo ConfLMUser access to web applicationHHWeb ConfMHApplication to applicationHH

PAGE * | CONFIDENTIAL | TSCP|

TSCP Objectives: Deploying Capabilities to the Programs2003

Phase 1Secure Collaboration FrameworkGeneric DMZ Requirements

2008 2009 - 2010

Phase 2Export Compliance and Collaborative Identity Mgmt Commercial Bridge Requirements

2007TSCP RoadmapPhase 3 Present

Validation through Pilots/Prototypes e.g. Secure e-mail, PKI identity management, Data Model for Export Compliance, Federation testing and compliance Development of international policy on identity managementIncreasing international engagement with governments, companies and vendorsTransition to production CertiPath, Secure Email, Document SharingAcceptable export compliance rule sets to enable decision makingTSCP RoadmapTSCP Roadmap.A&DSecure Email

CompanyEnterpriseArmyProgramsFCSNavyProgramsAstuteAir ForceProgramsEuroHawkNewBusinessProposalsWar Fighter& other ProgramsProposalsAccessManagement/Secure Badge PortalsSiteMinderEnterpriseShare PointGlobalSupplierPortalMicrosoftGenevaADFSCompanyPortalsMS Team CenterShare CentersDataAppsMSOfficeEnterprise Secure Information SharingEnterprise Secure Information SharingTSCP Significant Milestones & AchievementsDoD PKI Policy Change: Memorandum for Approval of External Public Key Infrastructures (PKI) at medium or higher hardware level of assurance - working directly with DoD on joint test plan for secure collaborative email and web AuthenticationA&D companies Bi-Lateral Trust with DODA&D Credentials accepted by DOD ProgramsJoint Interoperable Testing Command(JITC) testing completed as a result of TSCP.TSCP Secure Collaborative Email with A&D CertiPath members completed.

PAGE * | CONFIDENTIAL | TSCP|

TSCP Fun Facts - Things to KnowOver 100 engineers work TSCP work streams dailyDefining requirements Secure Email and Data Sharing Architecture and design teams, Development and integration teamsPrototyping, Documentation and configuration managementExecutive CIO Forum CIOs & CTOs of Government & A&D Companies Key decision makers that create or implement Policies TSCP Government Issues Committee New TSCP Government representatives DOD, GSA, UK MOD, France, Netherlands MODEvaluate policies that relate to TSCPs work and objectives to identify and address gaps between policy requirements and commercial solutionsTSCP Cyber Committee NewTSCP GB Members including Government Cyber LeadsTSCP Government Industry Outreach organizationLegal Advisor Working Group (LAW)15 attorneys including Commercial & Government membersCommon Intellectual Property Issues for Global supply-chainTeaming documents and related Program contractual flow downProcurement Supply Chain Business ModelTSCP Member and Government procurement representativesHSPD-12 PIV-I Credentialing Committee (Logical / Physical)TSCP GB and Governments membersDraft PIV-I Specification document released to governments end of AugustOn-boarding, proofing & vetting in global supply chain Export / ITAR Team (EIT) New ITAR and Export Usage data mapping New DOD Data Label Document working team, Compliancy

PAGE * | CONFIDENTIAL | TSCP|

TSCP Value PropositionCommon approaches among TSCP participants leverages each others investment and maximizes expertise and solutions to support business needs.Brings more resources and experts to bear on problem areas and gaps coordinated solutions with product vendors (eg Microsoft)

Common solutions used across all programs facilitate trusted information sharing resulting in lower costs.Enhances supplier/partner business relationships by evolving secure collaborative solutions encourages solution re-use

United industry and government influence on vendor product directions and solutions.Support for standards-based solutions versus proprietary solutionsT S C P

PAGE * | CONFIDENTIAL | TSCP|

* CONFIDENTIAL Questions?

**