INFOSPACE Concept Exploration and Development Across Secure Community of Interest (COI) Boundaries

Abstract

This effort developed technology to securely compose, maintain and dissolve infospheres, including aspects of service discovery, negotiation, configuration, revocation, and policy enforcement, and basic actions associated with composing and decomposing COIs. A capability was developed to automate the announcement, discovery, request matching, and life-cycle management of information services both within and across security domain boundaries. Requirements and design trade-offs associated with the management of information services across security domains were researched and documented. A requirements analysis indicated that in a multi-domain environment in which information services must be shared between domains, the security framework should include location transparency of both service registries and service providers between the domains. An architecture was defined that enforces location transparency while enabling secure sharing of information services via new methods for secure announcement across security domain boundaries in a manner that allows only intended recipient domains to decrypt the service announcement. The major contribution of this work was the development of a new Trust Model for Secure Service Management incorporating secure service announcements, secure Service Manager processes, a secure Private Registry and an open Application Programming Interface (API) for secure Service Invocation requests. The resulting technology was demonstrated for a combined Federal Aviation Administration (FAA) and DoD scenario regarding Special Use Airspaces.

Document Details

Document Type

Technical Report

Publication Date

Dec 01, 2006

Accession Number

ADA462138

Entities

Tags