Document-Based and Message-Centric Security Using XML Authentication and Encryption for Coalition and Interagency Operations

Different agencies and different nations are not able to securely communicate and share structured information due to differences in security policies and data formats. The current evolution of security and data policies is not solving this fundamental problem. Document-based message-centric XML security can provide satisfactory security within a diversified communications framework between traditional and nontraditional partners by utilizing existing Web standards for XML canonicalization, XML digital signature, XML compression and XML encryption. Vulnerabilities related to the exchange of cryptographic technologies are minimized by strictly adhering to open-standards technology. This approach thus resolves multi-partner trust challenges in regards to using another entitys equipment, software, or policy requirements through the proper adoption of standards-based structured data and alternative cryptographic algorithms. Exemplar results demonstrated in this thesis show that XML Security is a feasible approach for operations that include multiple agencies and coalition partners. Alternative solutions are also available using proprietary technologies, but such approaches lock participants into commercial contracts, prohibit distribution and provide suspect capabilities. Therefore, they cannot attain interagency or international acceptance. Such methods involve the use of unique or proprietary message formats with customized encryption and compression algorithms that are not available for broad scrutiny by open source communities. Closed approaches cannot gain group trust. This thesis specifically investigates XML standardization methods for various categories of unclassified data to provide secure information exchange among a wide audience, e.g. multi-agency task force or multinational coalition partners.