SWIM-SUIT Information Models & Services

Overview
This presentation refers to work in progress
– It shows some directions the work on the SWIM-SUIT prototype will go
– It is the intention to raise some questions related to FAA SWIM and to start discussion on topics being presented
15/05/2008 AP4/SWIM TIM, Brussels

Outline
Information Models
Services

Information Models
Specification of Information Models
– Goal of SWIM-SUIT project: Reuse & Adaptation of suitable Information Models
Usage of scenarios to identify requirements for prototype
– Information to be contained in SWIM-SUIT model
– Technology to be used for data transport including wire representation / serialization / marshalling

Information Domains
Information Model for Prototype limited to
– Flight Data
– Surveillance Data

Information Models
Tasks
– Create catalogue of available information models
    – FOIPS / ICOG2
    – AICM4.5
    – ASTERIX Cat. 62
    – OATA
– Selection of information model and adoption for SWIM-SUIT
– Identify missing data items in available models
– Create SWIM-SUIT information model

SWIM-SUIT Information Model
Focus on Flight Data and Surveillance Data
Reuse & Adapt ICOG2 Information Model
– Rational Rose Model & Generated XML Schemas
– References to Environmental Data (AIXM)
Experiment with non-conventional encoding of surveillance data
– ASTERIX Cat.62 or XML

Outline
Information Models
Services

Link to SWIM-SUIT Architecture
SWIM ATM Application services (access to added-value ATM functionality, e.g. CDM services)
SWIM ATM Information Access Services (i.e. the “SWIM Virtual Information pool”)
SWIM Core Technical Services (possibly based on standard IT middleware technologies)
SWIM network (i.e. the physical pan-European network)
[Figure: layer diagram showing SWIM Network, SWIM Core Technical Services, SWIM ATM Info Access Services and SWIM ATM Application Services, with the SWIM-SUIT Prototype scope marked]

SWIM-SUIT Services
Communication patterns
– Publish/Subscribe
FOIPS Role Model
– Example for domain specific Work Flow
– Contributor, Manager, Publisher, User
– Request/Reply

SWIM-SUIT Architectural Issues
Data Transport vs. Data Storage
Core Technical Services affecting all Service Layers
– Lifecycle
– Security
    Implemented by external system vs. Policy based Design issue
– Evolution
    Protocol transparency

Core Technical Services
Security
– Authentication
– PKI & Identity Management
– Session Context / Key Lifecycle
– Repository / Directory (LDAP)
– User names, public keys, roles
– Services
– Trader
– Topic lookup

Prototype Security Aspects
Security Aspects
– Description of how SWIM-SUIT services fulfil established security requirements
    – Authentication
    – Authorization
    – Access Control
– Description of how SWIM-SUIT information model fulfils defined security requirements
    – Encryption
    – Digital Signatures

Security
The SWIM-SUIT prototype
– shall ensure that only authenticated external systems can request information from SWIM-SUIT services.
– shall restrict access of external systems.
– shall provide means to ensure information integrity.
– shall provide means to ensure information confidentiality (full or partial).
– shall support a restricted form of PKI (local certificate store should be sufficient).
– should provide enforcement of appropriate security policies.

Model Driven Security
Models for security of prototype
– Trust relationships
– Policies for information flow, access control, etc.

Security Framework (optional)
– shall allow security policies to be specified
– shall support policy enforcement points (=agents)
– shall automatically generate low-level rules for enforcement points
– shall detect policy violations

Lifecycle
The SWIM-SUIT prototype
– shall utilize a service for storage of user data and meta information.
– shall provide a trader service to register interest for entities fulfilling specified selection criteria (e.g. XQuery expressions).
– shall provide indications that the set of entities relevant to a trader user has changed (= trader service).
– shall provide mechanisms/services to map entity identities to the underlying publish/subscribe infrastructure and its descriptors (= mapping service).

Lifecycle
Trader Service
– Register queries to be updated when objects become relevant based on specified criteria
    – Initial information about objects that fulfil criteria but are not updated at the moment (bootstrapping)
Mapping Service
– Map object identities to technical infrastructure (topics, etc.)

Evolution support
Ensure support of evolution of both Services and Information Models
– Show evolution paths using typical examples for
    – Services
    – Information Model(s)

Questions?
Thank you for your attention!