Technologies for federation and interoperation of coalition networks
Abstract
When data from two or more coalition members is used in a joint mission, the flow of any information over the respective networks must be tightly controlled. Data sent over the networks would be routed through nodes that should enforce policies concerning: what information about each coalition member's assets will be exchanged with other coalition members; who, with what authentication, and under what conditions can access the information, and in what form it can be provided. We discuss the requirements of such a policy-enabled federated network, in which any node could be responsible for enforcement of all policies applicable to it and the data that flows through it. We describe the high-level architecture of the system currently under development, and the design trade-offs that were made to balance ease of deployability and flexibility in policy enforcement. We also present our initial implementation with performance evaluation results that showcase its applicability to the scenario considered. ©2009 ISIF.