Document-based message-centric security using XML authentication and encryption for coalition and interagency operations
Williams, Jeffrey Scott
MetadataShow full item record
Different agencies and different nations are not able to securely communicate and share structured information due to differences in security policies and data formats. The current evolution of security and data policies is not solving this fundamental problem. Document-based message-centric XML security can provide satisfactory security within a diversified communications framework between traditional and nontraditional partners by utilizing existing Web standards for XML canonicalization, XML digital signature, XML compression and XML encryption. Vulnerabilities related to the exchange of cryptographic technologies are minimized by strictly adhering to open-standards technology. This approach thus resolves multi-partner trust challenges in regards to using another entity's equipment, software, or policy requirements through the proper adoption of standards-based structured data and alternative cryptographic algorithms. Exemplar results demonstrated in this thesis show that XML Security is a feasible approach for operations that include multiple agencies and coalition partners. Alternative solutions are also available using proprietary technologies, but such approaches lock participants into commercial contracts, prohibit distribution and provide suspect capabilities. Therefore, they cannot attain interagency or international acceptance. Such methods involve the use of unique or proprietary message formats with customized encryption and compression algorithms that are not available for broad scrutiny by open source communities. Closed approaches cannot gain group trust. This thesis specifically investigates XML standardization methods for various categories of unclassified data to provide secure information exchange among a wide audience, e.g. multi-agency task force or multinational coalition partners. Using an XML document-centric approach is a helpful organizing principle for this problem that provides levels of security consistent with common business practices achieved, within the constraints of the respective organizational security policies of each participant. The resulting design patterns for XML document development enhance confidentiality, integrity, and authentication commensurate with the nature of the unclassified document generated, while maintaining information objects at an appropriate level of security and acceptable level of risk.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Shu, Jonathan Lee Yee (Monterey, California. Naval Postgraduate School, 2009-06);As information sharing becomes increasingly necessary for mission accomplishment within the Department of Defense, the rules for protecting information have tightened. The sustained and rapid advancement of information ...
Ware, Ryan T. (Monterey, California. Naval Postgraduate School, 2010-06);In this thesis, we attempt to analyze the effectiveness of defense-in-depth mechanisms. As an example of defense-indepth, we study two layers of encryption to protect network traffic. At a quick glance, two layers of ...
Hall, Derek; Sands, Timothy (ccsenet.org, 2020-01);The nuclear inventory of Russia and the USA currently comprises 12,685 warheads in a large network of vehicles; and the interconnected network is managed by a command and control communication system. This command and ...