Presentation on theme: "NRL Security Architecture: A Web Services-Based Solution"— Presentation transcript:
1 NRL Security Architecture: A Web Services-Based Solution Anya KimNaval Research LabWashington D.C.
2 NRL Security Architecture Initially developed to support a DoD projectWSnodeWSnodeidentify potential threats with increased speed, timeliness, and accuracyWSnode
3 NRL Security Architecture Security RequirementsInformation sharingWhile each node is autonomous, some information may need to be shared with coalition partners, law enforcement community, etcUses complex sharing rules based on MOA, coalition participation, location, roles, etcAutonomy and survivabilityEach node should be able to function (even in degraded mode) independent of other nodesSecure data managementData is coming from various sources and security levelsLabel data based on sources, classification (e.g., levels of trust)Enforce access control based on data labels and requestor credentialsDerived from the overview of CMA slide
4 NRL Security Architecture Architecture FeaturesUses web servicesMultiple instances of autonomous web service nodes deployed within a service oriented architecture (SOA) infrastructureEach organization maintains its own usersEach organization determines and maintains its own web service access policyCross organizational access policies will be based on pre-written agreements (MOU, MOA, etc)
5 NRL Security Architecture Security FeaturesOracle Label SecurityFederated A&A ModelAuthenticationAuthorizationNetwork security *All data in transit is transmitted across the network in encrypted mode
6 Oracle Label SecurityTwo aspects of data protection: access mediation to data and data separationOracle Label Security (OLS) provides mechanisms for data protection via access mediation and has Common Criteria (CC) Evaluation Assurance Level (EAL) 4.By using correctly created data labels we can enforce policies by allowing us to label the data source.It is important to understand that OLS in this system is not used to protect data from different security levels (e.g., Top secret, secret, unclassified). Rather, it is used to protect data from various organizations (e.g., Coast Guard, DoD) within the same security level.
7 Oracle Label Security (cont.) Use OLS to separate and label data from various organizations and implement label security policy that satisfies data owners’ rules and regulationsRegular user application is label unaware, and all data separation and access mediation is performed by the OLS that implements the project’s overall label security policyUser applications (i.e., Web services) do not mediate access to data. They pass user information to Oracle and OLS returns data that the user is allowed to read
8 Federated A&A Based on a service-oriented architecture Users access the data via a series of web servicesThe web apps require the user to authenticate himself before gaining access to the web pages. Additionally, the user’s attributes, such as role and organization are included to provide input to access control decisionsBased on OASIS Security Assertion Markup Language (SAML) 2.0, and Access Control Markup Language (XACML)2.0Peer-to-peer trust relationships rather than multilateralProvides better flexibility
9 Federated A&A (cont.) SSO/SLO (Single Sign-on, Single Logout) Users need only to authenticate locally, hence required to only know one username/password comboReduces password associated risksEase of managementEnables each organization to use pre-existing authentication mechanisms independent of othersAllows organizations to create authorization policies according to their own policiesSimplifies user management in a dynamic environment
11 Conclusion NRL Security Architecture Uses commercial standards Enables independent nodes to run in degraded mode if necessary (survivability)Provides strong authentication and authorization, while preserving unique security and data sharing requirements of entitiesIs applicable to other areas where security, information sharing (e.g., need-to-know) and survivability are issues