Operational Information Management Security Architecture
Abstract
This effort developed and demonstrated a basic security architecture for the Operational Information Management (OIM) project (previously known as Joint Battlespace Infosphere (JBI)), with a particular focus on authentication and authorization. New security techniques, concepts of user privileges and access policies were investigated to support efficient and accreditable access control in a multi-level, secure environment implemented using an OIM-based infrastructure. Emphasis was on future compatibility with Net-Centric Enterprise Services (NCES) and Global Information Grid Enterprise Systems (GIG-ES) protocols, policies and processes for secure sharing of information between tactical assets, Command and Control (C2) platforms and Intelligence, Surveillance and Reconnaissance (ISR) systems connected via an OIM infrastructure, as well as compliance with Director of Central Intelligence Directive (DCID) 6/3 guidance and requirements. The architecture specification includes a series of flow diagrams to show how information enters and propagates through the security components. The intent of the architecture design is not to prescribe how to implement each module; rather, it shows what steps are necessary for the architecture to function properly. As part of the architecture development process, a methodology for assessing the risk associated with the architecture was also defined. The resulting architecture recommendations were demonstrated for a small OIM Reference Implementation instance and covered authentication and authorization, security policy management, and access control for increasing levels of security.
Document Details
- Document Type: Technical Report
- Publication Date: Dec 01, 2006
- Accession Number: ADA462036
Entities
People
- Carol Muehrcke
- Rob Vienneau
- Vic Choo