160 likes | 319 Views
Evaluation and Testbed Development. Bhavani Thuraisingham The University of Texas at Dallas bhavani.thuraisingham@utdaallas.edu Jim Massaro and Ravi Sandhu The University of Texas at San Antonio Tim Finin University of Maryland, Baltimore County. Outline. Project Tasks Accomplishments
E N D
Evaluation and Testbed Development Bhavani Thuraisingham The University of Texas at Dallas bhavani.thuraisingham@utdaallas.edu Jim Massaro and Ravi Sandhu The University of Texas at San Antonio Tim Finin University of Maryland, Baltimore County
Outline • Project Tasks • Accomplishments • NCES/GIG Security • AIS Questionaire • Next Steps
Project Tasks • Year 1: Determine Base-line, Gather requirements from AIS Community, Develop scenarios • Year 2: Testbed architecture design and preliminary prototype addressing subset of the requirements • Year 3: Enhanced prototype for evaluation by interested organizations • Optional years: Continue with the development
Accomplishments • Base-Line: NCES and GIG Security/Information Assurance • Questionaire to be distributed to the Services to gather requirements • Will work with Dr. Herklotz to identify people to send the questionaire to • Two courses taught at AFCEA (Armed Forces Communications and Electronics Association) May 2008 with units on Assured Information Sharing
What is NCES? • NCES enables information sharing by connecting people/systems who have information* with people/ systems who need information • For people who have information, NCES provides global information advertising and delivery services • For people who need information, NCES provides global services to find and receive information • http://www.disa.mil/nces/about_nces/NCES_Overview_06-15-2007.ppt * Information – data and services (web services)
What is the Global Information Grid (GIG)?* • The GIG represents a globally interconnected, end-to-end set of information capabilities and processes for collecting, processing, and managing information on demand to warfighters, policymakers, and support personnel. • The GIG provides a critical foundation for the DoD’s Network-Centric vision by: (1) supporting the posting of data to shared spaces as early as possible; (2) providing users with an enhanced capability to pull required data from wherever they are, whenever they need it; and (3) ensuring information assurance measures are applied effectively and across the enterprise. • The enterprise services component of the GIG consists of a suite of reusable core enterprise services such as (1) discovery of potential new users or data sources, (2) mediation between various data formats, (3) discovery of data and applications to solve problems, and (4) provisioning of the appropriate security services and keys to allow access to the data required. • *Source: http://www.globalsecurity.org/intell/systems/gig.htm
Portal Application Service Provider Service Consumer Policy Enforcement Point Service Consumer Security Services: Detail View User Request / Response Policy Retrieval Service Policy Admin Service Attribute Service Policy Decision Service Certificate Validation Service NCES Security Services
Logical Component Overview Application Service Provider User Policy Enforcement Point Authentication Service Consumer Identity Store NCES Service Security DOD PKI & LDAP Certificate Validation Service Policy Decision Service Policy Retrieval Service Attribute Store Attribute Service Policy Admin Service Policy Store
Questionaire • The purpose of the (Web-based) Questionaire is to gather requirementds from DoD and its partners for Assured Information Sharing to guide our research • For each question, if you answer “yes”, please elaborate on your answer. For each question you answer “no”, please state your future plans with respect to that question
Questionaire: Basic questions • Is your organization adopting DoD’s Information Sharing Strategy? • If no, what information sharing strategy is your organization following? • If there is no strategy, then are you planning to have one in the future? • Is yes, are you planing to implement all five implementation strategies proposed by the DoD?
Questionaire: Policies • What policies are important to your organization for AIS • Confidentiality, Privacy, Trust, Integrity, Other • Explain each type of policy • Is multilevel security important to your organization for AIS? If so, how do you handle information flow from High to Low? • Are you utilizing a trusted guard/filter for information sharing across security levels?
Questionaire: Partners and Trust • Do you have to share information with partners at different trust levels? • How do you handle partners of different trust levels? • How are trust levels assigned in your environment? • Are the trust levels changing with time for a partner?
Questionaire: Standards • Is you organization adopting NCES and GIG strategies? • What standards is your organization adopting? • E.g., Web 2.0, SOA? • Are you using XACML, SAML for policies? • Are you preparing for Web 3.0? • Is your organization adopting DODAF?
Questionaire: Technologies • Do you belong to a federated environment? • What knowledge management practices do you enforce? • Will you adopot the DoD KM strategy (e.g., AKM)? • Are their incentives for you to share data? • Describe how social networking is gaining importance in your organization and what are the tools you are using? • What information management strategies do you follow? • Describe any other activities/scenarios related to AIS
Next Steps • Send questionaire to government agencies; work with AFRL and other DoD Labs • Present our research results to DoD agencies and get feedback • Work with our partners (e.g., Raytheon) and discuss opportunities for technology transfer • Scenario development