Asynchronous Transfer Mode (ATM) User Security Services

Abstract

ATM USA provides the framework for building security solutions for DoD ATM users. This architecture can be configured to support encryption devices at the local workstation, at the ATM switch, and at enclave boundaries (including cell and link encryptors). The enclave security policy can be used to provide a fine grain control over who has access to ATM services, the type and nature of the services that can be accessed, when they can be accessed, etc. The policy can also provide flexibility to balance the quality of services with the quality of protection for a connection and can provide dynamic management of both quality of service and quality of protection. The ATM USA is also compatible with emerging ATM standards, providing a solid basis for future compatibility as these standards develop in the future. In addition, we have specified the ATM USA security extension to the ATM Native Services APL. In addition to specifying the two API primitives, we defined how these primitives are invoked by an application in conjunction with its Connection Manager to manage the security services. This document describes the Asynchronous Transfer Mode (ATM) User Security Architecture developed by ORA for the US Air Force Rome Lab under Contract No. F30602-95-C-O234. This architecture is designed to meet the user requirements for security services for DoD ATM networks. The requirements for this architecture were derived from the security requirements of four programs designated by the Air Force: the Global Grid Security Architecture, the Defense Information System Network Security Architecture (DISN), the Multilevel Information System Security Initiative (MISSI), and the Theater Battle Management C41 Architecture for Deployable Operations. These derived requirements are described in Section 2.

Document Details

Document Type

Technical Report

Publication Date

Jun 01, 2001

Accession Number

ADA393422

Entities

Tags