Security Requirements for the Deployment of Services Across Tactical SOA [chapter]

Vasileios Gkioulos, Stephen D. Wolthusen
2017 Lecture Notes in Computer Science  
Service Oriented Architectures (SOA) have been identified as a suitable mediator towards the attainment of the requirements imposed by modern warfare. Earlier studies focused primarily on the strategic domain, or the adaptation of such systems to the requirements of the tactical domain. Yet, the underlying constraints are significantly different between the two, with direct impact both on security and quality of service. In this article we approach the security aspect of tactical SOA, focusing
more » ... n the specifics of the services while operating under the constrains and requirements of modern battlefields. Selected elements of our analysis within the project TACTICS are presented, as they have been utilized for the extraction of operational and technical requirements towards the development of a suitable tactical service infrastructure. NCW (Network Centric Warfare) paradigms within the domain of military networks, promoted the use of SOA for the attainment of these functionalities. However, the majority of existing SOA implementations have been developed focusing towards the enterprise domain, relying on infrastructures that can provide bandwidths of 100Mbits/sec or more on a permanent basis. Contrary to that, the common capacity of tactical networks is less that 1Mbits/sec, and they are deployed for short periods of time, while the common operational status is within the military VHF/UHF bands. Additionally to the use of an error-prone and constraint communication medium, mission (e.g. enforcement of radio silence) and terminal (e.g. computational capacity, buffer size, battery) related constraints can also impede communications. Thus, both message and service delivery cannot be guaranteed. Accordingly, our earlier studies [1-9] within the EDA (European Defence Agency) project TACTICS focused on the investigation of suitable techniques, for the deployment of such mechanisms across contemporary C2 (Command and Control) and C4I (Command, Control, Communication, Computers and Intelligence) systems. TACTICS, aims to enable NCW and NEC, through the integration of information sources, effectors and services. Under this scope, the overarching objective is the definition, development and demonstration of a Tactical Service Infrastructure (TSI) architecture compatible with the realistic constraints and requirements of contemporary military operations. The developed TSI must allow existing tactical radio networks to participate in a core SOA infrastructure, while providing and consuming a set of required functional services. Additionally, the TSI must provide robust and efficient information transport within the tactical domain, but also to and from the strategic domain. Maintaining a distinction between the information resources and the services (as the means to process information), is crucial for the attainment of security requirements in the environment of tactical SOA. Thus, in this article we focus on the services as the core element of TSI, presenting selected elements of our study, towards the extraction of corresponding operational and technical requirements for their development. The selected methodology allowed the identification of assets, threats and security requirements, according to tactical scenarios, developed based on contemporary and future operational perspectives from the participating member states (non-disclosed). This allowed the extraction of operational and technical requirements, for the development of the TSI architecture with increased security related impact. Under this scope, risks have been assessed according to three evaluation criteria. These refer to the strategic value of the involved information assets, the criticality of the underlay information management services and the attainment of corresponding protection goals. The remainder of this paper is structured as follows. Section 2 introduces related work. Sections 3 and 4 present the assets, and direct or transitive threats that emerged from the analysis of the aforementioned scenarios. Finally, sections 5 and 6 highlight the identified operational and technical requirements for the development of services within tactical SOA.
doi:10.1007/978-3-319-65127-9_10 fatcat:aymztd2bqna4veypv7xqjku4pq