Architecting Information Security Services for Federated Satellite Systems
This paper investigates the provision of information security services in federated satellite systems. The discussion is initiated by describing possible threats that the system faces, as well as the specific security services that have to be provided in order to mitigate them. Next, a set of five p...
| Main Authors: | , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Published: |
American Institute of Aeronautics and Astronautics
2018
|
| Online Access: | http://hdl.handle.net/1721.1/114490 https://orcid.org/0000-0001-8230-5155 https://orcid.org/0000-0001-9438-9712 |
| _version_ | 1826205739950014464 |
|---|---|
| author | Sanchez Net, Marc Del Portillo Barrios, Inigo Cameron, Bruce Gregory Crawley, Edward F |
| author2 | Massachusetts Institute of Technology. Department of Aeronautics and Astronautics |
| author_facet | Massachusetts Institute of Technology. Department of Aeronautics and Astronautics Sanchez Net, Marc Del Portillo Barrios, Inigo Cameron, Bruce Gregory Crawley, Edward F |
| author_sort | Sanchez Net, Marc |
| collection | MIT |
| description | This paper investigates the provision of information security services in federated satellite systems. The discussion is initiated by describing possible threats that the system faces, as well as the specific security services that have to be provided in order to mitigate them. Next, a set of five primal security functions that a federated satellite system has to implement is defined, and an interaction state model is propose to characterize the security state when two federates are interacting with each other. Differences in these security states are then used to define the interaction state machine, which is a transition state diagram that can be used to rapidly identify which security functionality has to be provided in order to securitize an unreliable interaction. Finally, the interaction state model and interaction state machine are applied in a multihop setting where information is relayed through multiple federated satellite system participants. Based on this discussion, the concept of best-effort versus guaranteed services is defined as applied to the context of federated satellite systems and information security services. Their usefulness in architecting information security services is finally demonstrated through an illustrative example. |
| first_indexed | 2024-09-23T13:17:51Z |
| format | Article |
| id | mit-1721.1/114490 |
| institution | Massachusetts Institute of Technology |
| last_indexed | 2024-09-23T13:17:51Z |
| publishDate | 2018 |
| publisher | American Institute of Aeronautics and Astronautics |
| record_format | dspace |
| spelling | mit-1721.1/1144902022-09-28T13:16:42Z Architecting Information Security Services for Federated Satellite Systems Sanchez Net, Marc Del Portillo Barrios, Inigo Cameron, Bruce Gregory Crawley, Edward F Massachusetts Institute of Technology. Department of Aeronautics and Astronautics Massachusetts Institute of Technology. Institute for Data, Systems, and Society Sanchez Net, Marc Del Portillo Barrios, Inigo Cameron, Bruce Gregory Crawley, Edward F This paper investigates the provision of information security services in federated satellite systems. The discussion is initiated by describing possible threats that the system faces, as well as the specific security services that have to be provided in order to mitigate them. Next, a set of five primal security functions that a federated satellite system has to implement is defined, and an interaction state model is propose to characterize the security state when two federates are interacting with each other. Differences in these security states are then used to define the interaction state machine, which is a transition state diagram that can be used to rapidly identify which security functionality has to be provided in order to securitize an unreliable interaction. Finally, the interaction state model and interaction state machine are applied in a multihop setting where information is relayed through multiple federated satellite system participants. Based on this discussion, the concept of best-effort versus guaranteed services is defined as applied to the context of federated satellite systems and information security services. Their usefulness in architecting information security services is finally demonstrated through an illustrative example. 2018-03-30T21:03:44Z 2018-03-30T21:03:44Z 2016-11 2016-09 2018-03-19T11:54:26Z Article http://purl.org/eprint/type/JournalArticle 2327-3097 http://hdl.handle.net/1721.1/114490 Sanchez Net, Marc, Iñigo del Portillo, Bruce Cameron, and Edward F. Crawley. “Architecting Information Security Services for Federated Satellite Systems.” Journal of Aerospace Information Systems 14, no. 8 (January 2017): 439–450. https://orcid.org/0000-0001-8230-5155 https://orcid.org/0000-0001-9438-9712 http://dx.doi.org/10.2514/1.I010425 Journal of Aerospace Information Systems Creative Commons Attribution-Noncommercial-Share Alike http://creativecommons.org/licenses/by-nc-sa/4.0/ application/pdf American Institute of Aeronautics and Astronautics MIT Web Domain |
| spellingShingle | Sanchez Net, Marc Del Portillo Barrios, Inigo Cameron, Bruce Gregory Crawley, Edward F Architecting Information Security Services for Federated Satellite Systems |
| title | Architecting Information Security Services for Federated Satellite Systems |
| title_full | Architecting Information Security Services for Federated Satellite Systems |
| title_fullStr | Architecting Information Security Services for Federated Satellite Systems |
| title_full_unstemmed | Architecting Information Security Services for Federated Satellite Systems |
| title_short | Architecting Information Security Services for Federated Satellite Systems |
| title_sort | architecting information security services for federated satellite systems |
| url | http://hdl.handle.net/1721.1/114490 https://orcid.org/0000-0001-8230-5155 https://orcid.org/0000-0001-9438-9712 |
| work_keys_str_mv | AT sancheznetmarc architectinginformationsecurityservicesforfederatedsatellitesystems AT delportillobarriosinigo architectinginformationsecurityservicesforfederatedsatellitesystems AT cameronbrucegregory architectinginformationsecurityservicesforfederatedsatellitesystems AT crawleyedwardf architectinginformationsecurityservicesforfederatedsatellitesystems |