CAPSA: Controlling Access using Proximity-focused Semantic Analysis
Small Business Information
215 Wynn Dr., 5th Floor, Huntsville, AL, -
AbstractABSTRACT: Establishing adequate access controls that limit access to information without adversely denying access is critically needed by our warfighters in today"s complex battlefield environment. To address this need, CFDRC is proposing an innovative method called CAPSA (Controlling Access using Proximity-focused Semantic Analysis) for granting access based on a warfighters proximity to information. By leveraging CFDRC"s existing technology for numerically quantifying information relevance using fuzzy logic techniques based on the semantic web, CAPSA will provide a flexible method of determining proximity. CAPSA avoids a ridged definition of proximity, allowing it to identify proximity beyond the spatial, organizational, and operational realms. During Phase I, CFDRC will create an initial version of CAPSA based on its existing semantic-based technology to demonstrate the feasibility of this approach. At the end of Phase I, CFDRC will conduct a security analysis on CAPSA to confirm its security and its ability to detect insider threats. In Phase II, CAPSA will be expanded and optimized to utilize more proximity information available in various military systems and demonstrate scalability to the Global Information Grid (GIG). BENEFIT: The Air Force will greatly benefit from a proximity-based access control solution like CAPSA that provides a new dimension to access control. Additionally, CAPSA"s semantic-based approach to numerically quantifying proximity provides a more flexible, data-driven approach that other proximity-based access control solutions do not provide. Any military IT system, especially those using Role-Based Access Control (RBAC), can benefit from the CAPSA technology since it provides an extra dimension (proximity) of access control. Additionally, the CAPSA technology can help identify insider threats by their complete lack of proximity to information. Due to the semantic-based approach to determining proximity, detecting insider threats will have very low false positives since CAPSA can detect hidden connections between the individual and the information they are attempting to access. Commercial institutions will also benefit from the CAPSA technology and its ability to reduce the maintenance cost of access control. By using its data-driven approach, CAPSA can eliminate the manual process of defining and updating user"s roles and attributes. Therefore, CAPSA will result in better and automated access control while providing a cost savings to the organization.
* information listed above is at the time of submission.