Quality of Information Services for Trusted Service Oriented Architecture Systems
Small Business Information
215 Wynn Dr., 5th Floor, Huntsville, AL, -
Sr. Software Engineer
Sr. Software Engineer
AbstractABSTRACT: Operating in a Service-Oriented Architecture (SOA) environment is risky because there is limited ability to gauge information"s trust level. Existing solutions track information pedigree, but do not consider other prerequisites to trust. This project proposes to build METSI (Metadata Establishing Trust in SOA-based Information) to quantify trust using six Quality of Information (QoI) metrics and an overall QoI Rating. Warfighters use the QoI Rating as an overview to information"s trust, and use the individual QoI metrics to evaluate trust based on what aspects are important to them. METSI will build upon CFDRC"s existing DINES technology which provides data integrity protection to both information and metadata in SOA environments allowing METSI to protect against insider threats that maliciously alter trust in information. In Phase I, a prototype will be developed and tested in a representative SOA environment. To show feasibility, different types of SOA services across multiple different domains will use METSI to quantify the trust in information. We will also conduct a performance assessment of METSI to demonstrate its minimal storage and bandwidth requirements. During Phase II, the QoI metrics will be expanded and the revised prototype will be tested for scalability and robustness against insider threats and external attackers. BENEFIT: The SOA-based trust management solution developed under this project, called METSI (Metadata Establishing Trust in SOA-based Information), will be greatly beneficial to the Air Force and the rest of DoD by providing a Quality of Information (QoI) Rating that provides an overview of how much trust should be placed in SOA information. This QoI Rating will be based on six independent QoI metrics that quantify six different aspects of trust of information. Individual warfighters will use these QoI metrics to make their own determination of trust based on which aspects of trust are most important to them. During Phase II, CFDRC will work with prime contractors currently providing SOA solutions to the Air Force to design the prototype to operate in a SOA environment representative of Air Force networks. In Phase III, CFDRC will work with prime contractors to incorporate the METSI technology into existing SOA product lines. In addition to incorporating METSI into military SOA environments, CFDRC will also market and deploy the technology to healthcare IT providers. During Phase II, CFDRC will market the METSI technology and its ability to protect the integrity of both information and metadata to IT service providers that manage electronic health records. At the end of the Phase II effort, CFDRC will demonstrate the METSI technology to these service providers to demonstrate the benefits of data integrity and trust of information in service-oriented networks such as electronic health records. During Phase III, CFDRC will partner with a healthcare IT provider to deploy the METSI technology into their electronic health record services to quantify the trust in the health records and protect their integrity against accidental modification.
* information listed above is at the time of submission.