Accession Number : ADA462036


Title :   Operational Information Management Security Architecture


Descriptive Note : Final rept. Mar 2005-Sep 2006


Corporate Author : ITT INDUSTRIES ROME NY ADVANCED ENGINEERING AND SCIENCES DIV


Personal Author(s) : Choo, Vic ; Muehrcke, Carol ; Vienneau, Rob


Full Text : http://www.dtic.mil/dtic/tr/fulltext/u2/a462036.pdf


Report Date : Dec 2006


Pagination or Media Count : 137


Abstract : This effort developed and demonstrated a basic security architecture for the Operational Information Management (OIM) project (previously known as Joint Battlespace Infosphere (JBI), with a particular focus on authentication and authorization. New security techniques, concepts of user privileges and access policies were investigated to support efficient and accreditable access control in a multi-level, secure environment implemented using a OIM-based infrastructure. Emphasis was on future compatibility with Net-Centric Enterprise Services (NCES) and Global Information Grid Enterprise Systems (GIG-ES) protocols, policies and processes for secure sharing of information between tactical assets, Command and Control (C2) platforms and intelligence, Surveillance and Reconnaissance (ISR) systems connected via an OIM infrastructure, as well as compliance with Director of Central Intelligence Directive (DCID) 6/3 guidance and requirements. The architecture specification includes a series of flow diagrams to show how information enters and propagates through the security components. The intent of the architecture design is not to prescribe how to implement each module, rather it shows what steps are necessary for the architecture to function properly. As part of the architecture development process, a methodology for assessing the risk associated with the architecture was also defined. The resulting architecture recommendations were demonstrated for a small OIM Reference Implementation instance and covered authentication and authorization, security policy management, and access control for increasing levels of security.


Descriptors :   *COMPUTER NETWORKS , *COMPUTER ACCESS CONTROL , REQUIREMENTS , COMMUNICATIONS NETWORKS , INFORMATION ASSURANCE , RISK ANALYSIS , INFORMATION PROCESSING , STANDARDS


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE