The Security Services provide code, transport, and service security in the Openwings
framework. The basic strategy for implementing Openwings security is to use existing
security technology to achieve secure systems. Openwings focuses on transport, code, and
service security as solutions exist for platform and network security already. This
document covers all aspects of security including authorization, authentication,
confidentiality, integrity, attack detection, and attack response.
Key functionality/requirements for Security Services
- The security services provide for a generic security mechanism that will allow
implementations for different levels of security oriented towards commercial, military,
and international systems.
- The security services will support Multiple Security Levels (MSL). Ideally the security
services will allow MSL to operate in the same platform simultaneously.
- Military security implementations will comply with the Common Criteria and ARS 380-19.
- Commercial security implementations will comply with the Common Criteria and FIPS 140.
- The security services provide network, platform, and service security to an Openwings
system.
- Security services provide the authentication/authorization mechanism for users and
executables.
- Security services provide data confidentiality and integrity.
- Security Services provide auditing and automated audit analysis.
- Security Services provide attack detection and counter measures.
Documentation and Tutorials
Security Services Specification (Coming Soon)
Security Services JavaDoc Documentation (Coming Soon)
