Interpretation of the Department of Defense Goal Security Architecture Using the Reference Model for Open Distributed Processing

Abstract

U.S. defense information systems and those of its coalition partners are increasingly networked among themselves and to other information systems, all of which are frequently managed by different organizations and subject to different security policies. This is especially true in coalition and joint operations where the networks may be very dynamic. These systems must be capable of protecting multiple changing classifications of information. IDA has previously found the DoD Goal Security Architecture (DOSA) provides a suitable model for expressing the information security of such systems. This paper uses the Reference Model for Open Distributed Processing, an international standard, to present information system security concepts found in the DUSA. The result is several frameworks that can be instantiated to form an architecture for a particular system. Each framework represents a different concern of the security architect. We illustrate these concepts and concerns using a simple military example of a military operations plan and order for a coalition task force employing forces drawn from three coalition nations. Relevant security requirements from the DUSA are imposed to aid the description of the system. On finishing the paper, the reader should understand the principles of the DOSA; have a rudimentary knowledge of the RM-ODP and understand why it is useflil in describing security in distributed systems; and begin to understand how an automated system could be designed that would support coalition operations

Document Details

Document Type

Technical Report

Publication Date

Nov 01, 1999

Accession Number

ADA381883

Entities

Tags