Title :
High assurance authorization for the global information grid
Author_Institution :
Planning Syst., Inc., Reston, VA, USA
Abstract :
In order to design a high assurance mechanism to allow access to all information on the global information grid (multiple levels of security), architects must create small components that satisfy operational requirements for authorization, operate in a services oriented architecture, yet are certifiable to a high level using the security functional classes of the common criteria. Current Web services functionality contains complex development that is difficult to certify to a high level, and is resident on low assurance platforms. This paper discusses authorization components that enforce policy for information access and argues for the development of a protocol that can be used to develop components to produce a trusted path to information that can receive high engineering assurance levels.
Keywords :
Internet; authorisation; grid computing; open systems; telecommunication security; Web service; authorization; common criteria; engineering assurance level; global information grid; high assurance mechanism; information access; protocol; security functional class; service oriented architecture; Access protocols; Assembly; Authorization; Certification; Data security; Information security; Internet; Service oriented architecture; Spine; Web services;
Conference_Titel :
Military Communications Conference, 2005. MILCOM 2005. IEEE
Conference_Location :
Atlantic City, NJ
Print_ISBN :
0-7803-9393-7
DOI :
10.1109/MILCOM.2005.1606082