Document-based message-centric security using XML authentication and encryption for coalition and interagency operations
Loading...
Authors
Williams, Jeffrey Scott
Subjects
Advisors
Brutzman, Don
Date of Issue
2009-09
Date
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Different agencies and different nations are not able to securely communicate and share structured information due to differences in security policies and data formats. The current evolution of security and data policies is not solving this fundamental problem. Document-based message-centric XML security can provide satisfactory security within a diversified communications framework between traditional and nontraditional partners by utilizing existing Web standards for XML canonicalization, XML digital signature, XML compression and XML encryption. Vulnerabilities related to the exchange of cryptographic technologies are minimized by strictly adhering to open-standards technology. This approach thus resolves multi-partner trust challenges in regards to using another entity's equipment, software, or policy requirements through the proper adoption of standards-based structured data and alternative cryptographic algorithms. Exemplar results demonstrated in this thesis show that XML Security is a feasible approach for operations that include multiple agencies and coalition partners. Alternative solutions are also available using proprietary technologies, but such approaches lock participants into commercial contracts, prohibit distribution and provide suspect capabilities. Therefore, they cannot attain interagency or international acceptance. Such methods involve the use of unique or proprietary message formats with customized encryption and compression algorithms that are not available for broad scrutiny by open source communities. Closed approaches cannot gain group trust. This thesis specifically investigates XML standardization methods for various categories of unclassified data to provide secure information exchange among a wide audience, e.g. multi-agency task force or multinational coalition partners. Using an XML document-centric approach is a helpful organizing principle for this problem that provides levels of security consistent with common business practices achieved, within the constraints of the respective organizational security policies of each participant. The resulting design patterns for XML document development enhance confidentiality, integrity, and authentication commensurate with the nature of the unclassified document generated, while maintaining information objects at an appropriate level of security and acceptable level of risk.
Type
Thesis
Description
Series/Report No
Department
Modeling, Virtual Environments, and Simulation Institute (MOVES)
Organization
Naval Postgraduate School
Identifiers
NPS Report Number
Sponsors
Funder
Format
xxiv, 303 p. : ill., maps (some color) ;
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.