Web Service Security in an Air C2 System.

摘要

With the development in information and network technologies, more systems began to be connected to each other in a network environment and interoperability between them became a crucial requirement. In order to achieve this interoperability, systems should be adapted to more net-centric solutions where the information is shared, rather than stovepipe approaches where the information is for local use only. Although net-centric solutions require sharing the information among different systems in the enterprise, this information should be shared with the trusted parties only but not to every system in the network. Therefore there should be enterprise level security mechanisms which ensure that information is securely shared among the providers and consumers. This is one of the most important criteria to meet for the utilization of network enabled capability in a trusted manner. This paper will focus on the experiences of NC3A C2 team from its Network-Enabled Capability (NEC) studies with the Integrated Command and Control (ICC) capability and will aim to share the lessons learned with the community especially related to the security issues.