Security in Simulation - New Authorization Opportunities in HLA 4

A new version of the High Level Architecture (HLA) [1], with the working name HLA 4 [2], is under development. One security aspect that this new version addresses is authorization. The current version of HLA provides no standardized way to control which federates are allowed in a federation. HLA 4 adds new functionality for authorization, enabling control of which federates are allowed to connect to a Runtime Infrastructure (RTI) and to join a particular federation. The new functionality is provided using a flexible plug-in design. Many types of authentication can be supported, for example passwords, X.509 certificates, and connection to Active/Open Directory servers. This paper describes a number of use cases for authentication in HLA federations. It also describes the technical design of the new security plug-in. Finally, it discusses the potential and limitations of the selected approach.