Systemic Policy Compliance in a Multi-Jurisdictional Defence Program - Defence Suppliers Perspective

Abstract

Contemporary Aeronautical & Defense (A&D) programs require customers (defense agencies) and their suppliers to collaborate in environments that involve partners globally spread over the globe. In such a broad multi-jurisdictional environment, there is an increasingly critical need to ensure that all applicable information protection policies are enforced throughout the lifecycle of the programs, from concept to design, manufacturing, support and program end-of-life. These information protection policies come from multiple sources, such as: national policy authorities, that define policies aimed to protect national security interests, export control policy authorities, that define policies aimed at controlling the export of sensitive goods and information to foreign countries, and corporate policy authorities, that define policies aimed at protecting corporation s intellectual properties. The Transglobal Secure Collaboration program (TSCP, http://www.tscp.org) is a consortium that is formed by major industrial players that serve the aeronautical and defense sector, together with government organizations; their customers. This consortium aims at developing governance, common operating rules and technical specifications that can be used to implement a scalable and interoperable collaboration capability that is compliant with the appropriate policies that govern such systems. In this context, the TSCP has to address a number of collaboration scenarios where information is protected, while allowing for efficient sharing. This paper focuses on some of the issues related to the automation of information protection enforcement, including: the modelling of information protection policies, and the expressiveness required from authorization languages. Although this paper presents a solution framework that addresses the acquisition scenario, the solution framework presented in this paper is useful in other defense industry scenarios as well.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Nov 01, 2010
Accession Number
ADA592006

Entities

People

  • Jean-paul Buu-sao
  • Roel Vester
  • Vijay Takanti

Tags

Communities of Interest

  • Autonomy
  • Cyber
  • Space

DTIC Thesaurus Topics

  • Air Force
  • Boundaries
  • Commerce
  • Computer Access Control
  • Defense Industry
  • Export Controls
  • Exports
  • Information Exchange
  • Intellectual Property
  • Language
  • Law
  • Organizational Structure
  • Security
  • Specifications
  • Standards
  • United States
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Technology Research and Development.
  • Systems Analysis and Design