Proc. SPIE. 9096, Open Architecture/Open Business Model Net-Centric Systems and Defense Transformation 2014
KEYWORDS: Defense and security, Unmanned aerial vehicles, Control systems, Information technology, Plasma display panels, Probability theory, Social networks, Systems modeling, Information security, Computer security
Service Oriented Architecture (SOA) has enabled open-architecture integration of applications within an enterprise. For net-centric Command and Control (C2), this elucidates information sharing between applications and users, a critical requirement for mission success. The Information Technology (IT) access control schemes, which arbitrate who gets access to what information, do not yet have the contextual knowledge to allow this information sharing to happen dynamically. The access control might prevent legitimate users from accessing information relevant to the current mission context, since this context may be very different from the context for which the access privileges were configured. We evaluate a pair of data relevance measures – proximity and risk – and use these as the basis of dynamic access control. Proximity is a measure of the strength of connection between the user and the resource. However, proximity is not sufficient, since some data might have a negative impact, if leaked, which far outweighs its importance to the subject’s mission. For this, we use a risk measure to quantify the downside of data compromise. Given these contextual measures of proximity and risk, we investigate extending Attribute-Based Access Control (ABAC), which is used by the Department of Defense, and Role-Based Access Control (RBAC), which is widely used in the civilian market, so that these standards-based access control models are given contextual knowledge to enable dynamic information sharing. Furthermore, we consider the use of such a contextual access control scheme in a SOA-based environment, in particular for net-centric C2.
IP-based routing for military LEO/MEO satellite ad hoc networks is very challenging due to network and traffic heterogeneity, network topology and traffic dynamics. In this paper, we describe a traffic priority-aware routing scheme for such networks, namely Dynamic Autonomous Routing Technology (DART) for satellite ad hoc networks. DART has a cross-layer design, and conducts routing and resource reservation concurrently for optimal performance in the fluid but predictable satellite ad hoc networks. DART ensures end-to-end data delivery with QoS assurances by only choosing routing paths that have sufficient resources, supporting different packet priority levels. In order to do so, DART incorporates several resource management and innovative routing mechanisms, which dynamically adapt to best fit the prevailing conditions. In particular, DART integrates a resource reservation mechanism to reserve network bandwidth resources; a proactive routing mechanism to set up non-overlapping spanning trees to segregate high priority traffic flows from lower priority flows so that the high priority flows do not face contention from low priority flows; a reactive routing mechanism to arbitrate resources between various traffic priorities when needed; a predictive routing mechanism to set up routes for scheduled missions and for anticipated topology changes for QoS assurance. We present simulation results showing the performance of DART. We have conducted these simulations using the Iridium constellation and trajectories as well as realistic military communications scenarios. The simulation results demonstrate DART’s ability to discriminate between high-priority and low-priority traffic flows and ensure disparate QoS requirements of these traffic flows.
We present an integrated telemetry data link and network architecture system solution, developed by Mayflower for the Air Force, AFFTC, Edwards AFB, CA, based on third generation UMTS cellular standards. The data link, called COTS Affordable Data Link System (CADLS), accommodates high mobility user applications typical of tactical fighter aircraft. The data network, called Telemetry/TSPI Data Network (TDN), uses enhancements such as a multi-tiered network protocol structure to provide flexible IP-based transport, work with multiple air interface protocols, accommodate test platform mobility, and integrate seamlessly with unified infrastructure such as Test and Training Enabling Architecture (TENA). The end-to-end CADLS/TDN datalink network system, described in this paper, is a 2-way, asymmetric IP-based wireless network system, and as such it is a potential candidate technology to support the DoD CETIP integrated Network Enhanced Telemetry (iNET) project. The integrated CADLS/TDN system is at an advanced stage of prototype development. We present the integrated CADLS/TDN system architecture, its features and capabilities, and the laboratory prototype developed under the Air Force program.
Inefficient use of network resources on the battlefield is a serious liability: if an asset communicates with the network command for data (a terrain map, for instance), it ties up the end-to-end network resources. When many such assets contend for data simultaneously, traffic is limited by the slowest link along the path from the network command to the asset. A better approach is for a local server, known as an infostation, to download data on an anticipated-need basis when the network load is low. The infostation can then dump data when needed to the assets over a high-speed wireless connection. The infostation serves the local assets over an OFDM-based wireless data link that has MIMO enhancements for high data rate and robustness. We aim for a data rate in excess of 100 Mbps, spectral efficiency in excess of 5 bits/sec/Hz, and robustness to poor channel conditions and jammers. We propose an adaptive physical layer that determines power levels, modulation schemes, and the MIMO enhancements to use based on the channel state and the level of interference in the system. We also incorporate the idea of a superuser: a user who is allowed preferential use of the high data rate link. We propose a MAC that allows for this priority-based bandwidth allocation scheme. The proposed infostation MAC is integrated tightly with the physical layer through a cross-layer design. We refer to the proposed infostation PHY, MAC, and network technology collectively as the Mobile Infostation Network Technology (MINT).