Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

High-level design process for NATO high assurance ABAC guard

: Wrona, Konrad; Oudkerk, Sander; Hein, Christian; Menz, Nadja; Ritter, Tom

NATO, Science and Technology Organization:
Architecture Definition and Evaluation. Définition et évaluation des architectures : Papers presented at the STO Information Systems Technology Panel (IST) Symposium held in Toulouse, France on 13-14 May 2013
Tallinn: NATO, 2013 (STO Meeting Proceedings MP-IST-115)
ISBN: 978-92-837-0194-1
Symposium on Architecture Definition and Evaluation <2013, Toulouse>
Fraunhofer FOKUS ()
complex systems; architecting; modelling; evaluation; simulation; analysis; system engineering; architecture

In the paper we describe the development process for the High Assurance ABAC Guard (HAAG), which is one of the important security enablers the NATO future information sharing architectures, including Information Exchange Gateway Scenario D and Future Mission Networks. The HAAG implements Attribute-based Access Control (ABAC) for information requests, and enforces Content-based Protection and Release policies. Our system design process incorporates a structured way of collecting requirements and takes into account a security risk assessment of the system. The process is based on industry standards and best practices. It is accompanied by a definition of a Common Criteria Protection Profile, which captures security requirements for the HAAG. All phases of the system design process are perfor med using an integrated modelling environment based on Eclipse and open-source tools. The environment allows us to build and maintain a relatively complex model and, to a large extent, automatically generate the required design documentation.