SMASHUP: A Formal Framework for Secure Mashups

Award Information
Agency:
Department of Defense
Branch
Air Force
Amount:
$99,997.00
Award Year:
2010
Program:
SBIR
Phase:
Phase I
Contract:
FA8750-10-C-0090
Award Id:
97150
Agency Tracking Number:
F093-038-0298
Solicitation Year:
n/a
Solicitation Topic Code:
AF 09-038
Solicitation Number:
n/a
Small Business Information
709 South Harbor City Blvd., Suite 400, Melbourne, FL, 32901
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
130550262
Principal Investigator:
MarkHeileman
VP Advanced Programs
(321) 473-1420
mheileman@modusoperandi.com
Business Contact:
PeterDyson
CEO
(321) 473-1444
pdyson@modusoperandi.com
Research Institute:
n/a
Abstract
The recent development of mashup technologies now enables users to easily collect, integrate, and display data from a vast array of different information sources available on the Internet. The ability to harness and leverage information in this manner provides a powerful means for discovering links between information, and greatly enhances decision-making capabilities. The availability of such services in a Department of Defense (DoD) environment will provide tremendous advantages to the decision-makers engaged in analysis of critical situations, rapid-response, and long-term planning scenarios. However in the absence of mechanisms for managing the validity, provenance, integrity, and usage control over the manner in which mashups are performed, any mashup service in a DoD environment also opens up significant security vulnerabilities to insider threat and accidental leakage of confidential information, just to name a few. In this research project, we will develop a framework that will allow integration via mashups of content from various data sources in a secure manner. The framework will be based on mathematical logic by means of which data units will be wrapped in policies that will provide rules over the manner in which information is collected, aggregated, and rendered in different environments. BENEFIT: The anticipated benefits resulting from this project to provide an end user computing environment that allows Warfighters to aggregate content from multiple DoD sources using Web 2.0 technologies in a provably assured manner are: (a) helps prevent security vulnerabilities such as insider threat and accidental leakage of confidential information; (b) overcomes obstacles to access of wider-ranging data sources and feeds; (c) extends the reach of legacy services (i.e., Net-Centric Data Strategy); and (d) helps users securely solve new problems "on the fly." The potential to apply this work to commercial opportunities is easy to see. The framework is applicable in any end user computing environment where mashups are needed. Therefore much of our work in secure mashups should translate naturally to commercial settings.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government