project | people | ||
---|---|---|---|
NATO_ABAC |
|
The successful operation of NATO missions requires the effective and secure sharing of information among coalition partners and external organizations, while avoiding the disclosure of sensitive information to unauthorized users. To resolve the conflict between confidentiality and availability in a dynamic coalition and network environment while being able to dynamically respond to changes in protection requirements and release conditions, NATO is developing a new information sharing infrastructure called the NATO High Assurance ABAC Guard (HAAG for short).
In this project, we develop the Content-based Protection and Release (CPR) access control model for the HAAG by defining a declarative specification language for CPR based on the first-order logical framework underlying a class of efficient theorem-proving tools, called Satisfiability Modulo Theories (SMT) solvers, and showing how they can support answering authorization queries together with policy analysis to help policy designers and administrators.
The project is developed in collaboration with NATO Communications and Information Agency (NCIA in the major location of The Hague, The Netherlands).