Federated multi-agency credentialing

Author

Ayhan, Samet ; Comitz, Paul ; Gerberick, Gary

Author_Institution

Boeing Res. & Technol., Chantilly, VA, USA

fYear

2015

fDate

21-23 April 2015

Abstract

This paper describes various approaches to secure interagency information sharing. The common objective of these approaches is to use federated credentialing as the basis for controlled access to federated, multi-agency information. The exemplary scenario for federated information sharing consists of FAA flight information being shared with authorized persons or organizations within a partner agency, such as the Department of Defense (DoD) and the converse. Approaches we explored involve an identity provider (IdP) entity that authenticates a user/client and provides a security token for consumption by a service provider (SP) entity accessed by the client. Since the emulated agencies maintain distinct security domains, secure information-sharing approaches involve varying combinations of IdP and SP entities spanning the emulated interagency boundary.

Keywords

authorisation; message authentication; smart cards; FAA flight information; IdP entities; SP entities; access control; client authentication; emulated interagency boundary; federated information sharing; federated multiagency credentialing; interagency information sharing security; security token; smart card; user authentication; Authentication; Browsers; FAA; Simple object access protocol; Smart cards;

fLanguage

English

Publisher

ieee

Conference_Titel

Integrated Communication, Navigation, and Surveillance Conference (ICNS), 2015

Conference_Location

Herdon, VA

Print_ISBN

978-1-4673-7549-8

Type

conf

DOI

10.1109/ICNSURV.2015.7121250

Filename

7121250