Accession Number:

ADA592006

Title:

Systemic Policy Compliance in a Multi-Jurisdictional Defence Program - Defence Suppliers Perspective

Descriptive Note:

Conference paper

Corporate Author:

EXOSTAR LLC HERNDON VA

Report Date:

2010-11-01

Pagination or Media Count:

22.0

Abstract:

Contemporary Aeronautical Defense AD programs require customers defense agencies and their suppliers to collaborate in environments that involve partners globally spread over the globe. In such a broad multi-jurisdictional environment, there is an increasingly critical need to ensure that all applicable information protection policies are enforced throughout the lifecycle of the programs, from concept to design, manufacturing, support and program end-of-life. These information protection policies come from multiple sources, such as national policy authorities, that define policies aimed to protect national security interests, export control policy authorities, that define policies aimed at controlling the export of sensitive goods and information to foreign countries, and corporate policy authorities, that define policies aimed at protecting corporation s intellectual properties. The Transglobal Secure Collaboration program TSCP, httpwww.tscp.org is a consortium that is formed by major industrial players that serve the aeronautical and defense sector, together with government organizations their customers. This consortium aims at developing governance, common operating rules and technical specifications that can be used to implement a scalable and interoperable collaboration capability that is compliant with the appropriate policies that govern such systems. In this context, the TSCP has to address a number of collaboration scenarios where information is protected, while allowing for efficient sharing. This paper focuses on some of the issues related to the automation of information protection enforcement, including the modelling of information protection policies, and the expressiveness required from authorization languages. Although this paper presents a solution framework that addresses the acquisition scenario, the solution framework presented in this paper is useful in other defense industry scenarios as well.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE