Enabling Dynamic Security Policy Evaluation for Service-Oriented Architectures in Tactical Networks

  • Vasileios Gkioulos, Norwegian Information Security Laboratory, Gjøvik University College
  • Stephen Wolthusen, Norwegian Information Security Laboratory, Gjøvik University College, Royal Holloway, UK


Tactical networks are typically a combination of wireless ad-hoc and mesh networks, with varying connectivity that may also suffer from temporary partitioning. The implemented mechanisms must provide secure and reliable communication and service delivery across a wide range of possible network capabilities, structures and composing entities. Furthermore, the ability to compose services dynamically is highly desirable, as is the possibility of accessing services in temporarily available networks. The adoption of the Service-Oriented Architecture (SOA) paradigm has been recognized as a valuable solution towards the realization of the arising requirements. SOA allows the loose and dynamic coupling of services, implicitly also offering a degree of resilience where services can be substituted if a provider becomes unavailable. In this article we therefore explore the requirements and constraints of the implementation of the SOA paradigm over tactical networks. We aim at dynamic security policies in which policy decision and enforcement points can coincide and be distributed, and which also incorporate situational knowledge, so as to allow both (partial) pre-computation and dynamic evaluation of policies. Additionally, we provide a constrained ontology framework for the realization of dynamic security policies over this environment, based on the identified constraints.