Solution

Government Open Source Access Control—Next Generation (GOSAC-N) provides the Department of Defense (DoD) and Intelligence Community (IC) with a deployable, ABAC reference implementation. Additionally, ABAC provides programs or records (PORs) with a platform for ABAC demonstration, testing, and open standards based interoperability.

GOSAC-N furnishes a mechanism for DoD, IC and federal customers to incorporate best-of-breed commercial Open Source Software (OSS), as well as providing a model for extending components to comply with ABAC requirements such as those portrayed in the Defense Information Systems Agency’s (DISA’s) ABAC Engineering Blueprint.

GOSAC-N is a solution composed of the following elements:

  • XACML 2.0 and 3.0 Compliant Policy Decision Service (PDS)
  • Policy Service (PS)
  • Attribute Service (AS)
  • Policy Graphical User Interface (GUI) Service
  • PDS Interface for support of open standards based Policy  Enforcement Points (PEPs). Various PEPs are also included (see Services & Offerings).
  • Policy Administration Point (PAP) Widgets utilizing the Ozone Widget Framework (OWF).

One of the most interesting elements of GOSAC-N is its mutually beneficial relationship to Government Open Source (GOS). GOSAC-N will not only provide a valuable ABAC RI to the DoD/IC community, it will also leverage GOS components. Considering the case of ABAC GUIs, OWF provides an out-of-the-box (via Forge.mil) standards-based mechanism for the creation of Web 2.0 GUIs and Dashboards.

Widgets are micro-applications that perform a specific task. Special purpose widgets can be created for specific ABAC tasks, such as policy administration, and then shared throughout the DoD/IC community by using the DoD Storefront. These interoperable widgets can be displayed in Web 2.0 Dashboards like NSLDSS, portals, Microsoft SharePoint 2010, and mobile devices.