Examining SOA Attribute-Based Security in Tactical Networks: A Web Services Security Engineering Initiative
Abstract
Emerging net-centric warfare technologies will provide military decision support personnel with access to significant amounts of battlefield information that is real-time. These technologies offer the potential to significantly transform command and control in Battle Management. Effective, intuitive information sharing will be a key driver for that improvement. The war-fighter operates in dynamic situations where human factors impact the security environment. Systems employing enterprise Service Oriented Architecture (SOA) must implement advanced security that reflects this context. Current approaches to information sharing are largely coarse-grained and do not take environmental factors into account - this posture discourages effective information sharing. Assured Information Sharing (AIS) attempts to strike a balance between protecting information and enabling the sharing of that information. This technical report presents findings on research into Assured Information Sharing. It examines the best practices in implementing Attribute-Based Access Control (ABAC) via security policies in an SOA. In order to better inform SOA development, the focus is on operations within an airborne tactical network environment. It explores how fine-grained security mechanisms perform when disconnected, intermittent, and low-bandwidth network characteristics are imposed. The primary objective is to gain insight into associated tradeoffs.
Document Details
- Document Type
- Technical Report
- Publication Date
- Apr 01, 2009
- Accession Number
- AD1107285
Entities
People
- Adam Jenkins
- Ronald Albuquerque
Organizations
- MITRE Corporation