Trusted Global Supply Chain Architecture 2010
-
Upload
dlowery9327 -
Category
Documents
-
view
219 -
download
0
Transcript of Trusted Global Supply Chain Architecture 2010
-
8/14/2019 Trusted Global Supply Chain Architecture 2010
1/7
Enterra Solutions 2005 - 2010 All Rights ReservedProprietary and Confidential
SecureInformationSharingforaGlobalSupplyChainTechnicalOverviewJanuary2010
703.626.6678(c)703.592.6678
mailto:[email protected]:[email protected] -
8/14/2019 Trusted Global Supply Chain Architecture 2010
2/7
1
Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL
Background
ABAC concepts are mature and have been implemented invarious commercial products
XACML is an open industry-based standard to implementsecurity controls
Enterras ABAC framework uses XACML and addsinformation sharing policy compliance for proprietary data tobalance and de-conflict controls with sensitive information
requirements. Industry Standards like ISO 28000 and Federal policies like
the Safe Port Act, Patriot Act, Cyber Security Act (draft), andC-TPAT have security controls that can be met using an
ABAC framework while protecting proprietary information.
Enterras framework adapts to the situation and dynamicallymanages the security rules with a semantic reasoner
1
-
8/14/2019 Trusted Global Supply Chain Architecture 2010
3/7
2
Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL
Transportation Law
Enforcement
PortAuthorities
HomelandSecurity
Shippers
Operators
Operators
Billing and Receiving
Billing and Receiving
Warehouses
Warehouses
Inspectors
Inspectors
Drivers
Drivers
First Responders
First Responders
Federal
State, Local, Tribal
Foreign Partners
Private Sector
Supply Chain I nformationas it relates to Security
ABAC Enables Secure Information Exchange with Partners AcrossDifferent Data and System Resources
ABAC keys enables informationsharing internal and external
-
8/14/2019 Trusted Global Supply Chain Architecture 2010
4/7
3
Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL
ABAC Lowers Administration and Configuration Management Costs
3
Systems Devices Applications
Security Policies
TomorrowWith ABAC
Today Without ABAC
-
8/14/2019 Trusted Global Supply Chain Architecture 2010
5/7
4
Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL
C&A
XYZ COMPANY
SAFE Port, NIST 800Series, CIP controls
Laws, agency policy,Directives, etc.
Business Rules Activity diagram foranalysts, admin, etc.
Codify XML Process
CIP
HSPDs
Rules Library
Customized Access Management InterfacesBusiness ProcessIntegration
Transportation LawEnforcement
PortAuthorities
HomelandSecurity
Shippers
Federal
State, Local, Tribal
Foreign Partners
Private Sector
Terrorism, HomelandSecurity, and Law
Enforcement Informationas it relates to Terrorism
Project Overview for ABAC
-
8/14/2019 Trusted Global Supply Chain Architecture 2010
6/75 Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL
Notional Scenario for Ports and Harbors
5
CCTV
ManagementSystems
TruckingSchedule
Trucksareneararrival
Information
Sharing RulesInformation Access Rules
Real Events
-
8/14/2019 Trusted Global Supply Chain Architecture 2010
7/76 Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL
TSA Terminals Truck & RailPorts
All views into thetrusted supply chaindata are driven by the
rules to access,manage, and use
knowledge in context
of the situation
Time and Location
Represents different user rule sets (compliance, performance, security)
USN USCGNorthComCustoms
Shared Maritime Domain Awareness
Intel AIS
Global Supply Chain Thinking is a Requirement to Be Resilient
6
Shippers
Supplier/Factory
ConsolidatorCenter
RoadTransport
Port ofLoading
VesselDestination
PortRoad
Transport
De-consolidator
Center
ImporterDistribution
Center