Automate Ontological Representation of security classification guides
Small Business Information
3 Sigma Research, Inc.
503 S. River Oaks Dr., Indialantic, FL, -
Senior Principal Engineer
Senior Principal Engineer
Abstract3 Sigma Research proposes to develop and implement an innovative prototype and demonstrate a suite of tools to assist with the automated creation of security classification guides and application of the guide in classifying information. Building on the research from the Phase I Ontology-based Security Classification Guide Investigation (OSCG-I), the prototype will show that a robust and accurate ontological approach can indeed overcome the complex issues related to this problem, and instead become an opportunity. Phase I focused on two areas of feasibility, 1) development of approaches for specifying a formal ontological open standard for the information contained in a security classification guide (SCG), including security classification rules, and validating the consistency whether a single, or multiple, ontology-based SCGs apply to a given situation, and 2) tools to facilitate and automate creation of SCG and the inherent security classification rules. Phase II will focus on building an enhanced prototype suite of tools to demonstrate the benefits of automated SCG creation and maintenance to provide more rapid and agile responses to dynamic environments. BENEFIT: Our advantage over existing methods is that OSCG assists users in the creation, maintenance, and application of security classification management through the entire SCG lifecycle. This will result in increased efficiency, lower cost, and most importantly increased security. Since the ontology captures the relationships among the SCG component items, the OSCG system automatically checks for consistency within the SCG by capturing SCG components using a formally defined and verifiable ontology. Another advantage to our approach is reusability. Many SCGs have relationships and references that are similar within a hierarchy of security regulations. Our approach, further developed in Phase II, allows existing security classification regulations and documents to be easily incorporated into new SCGs. This reuse capability, along with consistency validation, will help ensure that existing and validated regulations are incorporated and propagated correctly during the SCG lifecycle. We can envision this approach as a strong complement to cross-domain solutions. Above any other benefit is that, wherever warfighters are, secure information at the right level of detail and appropriately accessed or disseminated can greatly increase the efficiency of their activities.
* information listed above is at the time of submission.