Proximity-Based Access Control

Award Information
Agency: Department of Defense
Branch: N/A
Contract: FA8750-13-C-0190
Agency Tracking Number: F131-034-1906
Amount: $149,993.00
Phase: Phase I
Program: SBIR
Awards Year: 2013
Solicitation Year: 2013
Solicitation Topic Code: AF131-034
Solicitation Number: 2013.1
Small Business Information
232 East Java Drive, Sunnyvale, CA, -
DUNS: 797735883
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Gerardo Pardo-Castellote
 (408) 990-7471
Business Contact
 Catherine Mekler
Title: VP Operations
Phone: (408) 990-7422
Research Institution
ABSTRACT: The focus of this effort is to develop a standards-based"proximity-based access control"(PBAC) mechanism that goes beyond (yet leverages) traditional Attribute/Role Based Access Control (ABAC/RBAC) approaches. We propose to develop an innovative, generic PBAC architecture, leveraging several reference technologies: (1) ObjectSecurity"s OpenPMF model-driven security policy automation technology, which allows the flexible authoring and management of human-understandable, generic policies in models and the automatic generation of the technical ABAC enforcement, and (2) OpenPMF"s ABAC features for fine-grained, contextual access enforcement across distributed, interconnected software applications, and (3) our TRL 9 standards-based RTI DDS data-centric publish-subscribe middleware as a flexible application platform to showcase our PBAC solution. By using a model-driven security approach integrated with the state-of-the art DDS middleware we can automate much of the PBAC policy management, and can produce novel, highly useful proximity attributes (e.g. business process centric proximity, data-distribution centric proximity etc.). RTI and Object Security are uniquely qualified to deliver and support this framework. RTI is the leading vendor of DDS middleware and has extensive experience with sensor fusion, defense networks, and supporting TRL 9 technology in mission-critical applications. ObjectSecurity has been the leading provider of model-driven security technologies for access control for over 10 years. BENEFIT: The benefits of a mature proximity-based access control capability will be significant -- both because it can expose information to those who might need it, and because it will keep whose without a need to know from accessing it. This measurably improves upon current approaches (attribute-based, and role-based) by adding much finer-grained information access control than exists today. Military, Intelligence Community, and Commercial Markets that focus on the dissemination of, and controlled access to, information will be able to leverage this technology.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government