An Application Security Framework for SOA-Based Mission Data Systems

ESA is developing, deploying, and operating a wide variety of mission data systems. These are mainly used for the command & control of spacecraft and the exploitation and dissemination of space-based services to end users. A new ESA activity, the European Space Situational Awareness (SSA) Initiative, requires a novel generation of mission data systems to be developed. These systems are based on a service-oriented architecture (SOA) and capable of supporting a large system-of-systems environment. At the same time, information security is an area of growing concern in the space business and among space agencies. Especially in the area of SOA-based environments, where interconnectivity of components is a core principle, an efficient and robust security concept needs to be put in place to ensure secure mission operations. In this paper, we describe an application security framework for SOA-based mission data systems. This framework increases significantly the robustness and security of web services and web applications through use of a Secure Software Development Lifecycle (SSDLC) and provision of tools & templates for SSA mission data system developers. We are confident that the application security framework will drastically improve the security and robustness of SOA-based mission data systems that will be used in the European SSA Initiative and other ESA projects, while at the same time keeping the related additional effort minimal.