|
The objective of the policy management service is to provide system administrators with the ability to dynamically manage the system’s behavior without having to change its underlying service implementation. It provides a rich set of policy ontologies and tools that system administrators can use to manage their instance of the Cougaar system without specialized training. The objective of the adaptive engine is to ensure that the Cougaar system achieves adequate security without sacrificing other system goals. It is responsible for promoting a balance between function, reliability, performance, security, and other system objectives. In particular, it is responsible for ensuring that the system adapts to environmental changes, such as detection of cyber attacks, failures in system components, or changes in the system configuration. Whenever such changes occur, the service determines the best course of action and executes it. One course of action may be to change the system security policies. Another course of action may be to restarting a faulting component on another hardware platform. The objective of the preventive enforcers is to provide sound and comprehensive protection and authorization mechanisms to counter the cyber attacks. The services are implemented using security mechanisms such as identification and authorization protocols, encryption protocols, Java security mechanisms, firewalls, operating system security, and virtual private networks to prevent users from accessing unauthorized information. The objective of the monitoring and response (M&R) service is to adapt to a change in the threat environment. The service monitors for potential attacks and in the event of an attack, determines the best course of action and executes it. Possible course of actions include heightening its security posture (i.e., threat level), deploying more sensors and filters, disconnecting perceived attackers from accessing the system, migrating critical agents to more secure nodes. And then, once the attack has been thwarted, the M&R service can lower its security defense posture back to normal. |
|
Overview |
|
Welcome to the Cougaar Security Services project site. The security services for the Cougaar platform provide mechanisms to enable security in large-scale distributed agent-based applications. They allow Cougaar users and components to share sensitive data safely and effectively. The users and components have assurance that their computing environment is secure and does not allow unauthorized disclosure or modification of their data. |
|
Cougaar Security Services |
|
Adaptive security services for the Cougaar platform |
