nasa use cases for secure service oriented architectures to support geoss karen moe nasa earth...

NASA Use Cases for Secure NASA Use Cases for Secure Service Oriented Architectures Service Oriented Architectures

to Support GEOSSto Support GEOSS

Karen MoeNASA Earth Science Technology Office

CEOS WGISS-28CSIR, Pretoria, South Africa

28 September 2009

WGISS-27 Security Recommendations

• What are GEOSS security needs for interoperability? Describe levels of security needs in user scenarios, capture in ‘white paper’ from WGISS-27 session– Sensor web pilots– Grid processing pilots– Portal pilots

• Facilitate working session with security experts within agencies to resolve way forward

• POC Michael Burnett

page 3

Motivation

• As SOA and web services are new – • Pro-actively work with agency office

responsible for cyber-security• Enable web services in systems with

firewall security mechanisms• Determine nature of the end users and

associated risks• Bottom line: Protect assets – data,

processors, sensors

page 4

NASA Activities for Secure SOA

• A collaboration between NASA’s Earth Science and Constellation programs was initiated in July 2009

• Each program will independently assess needs for secure access to data and web services

• A joint session will seek common security drivers and identify program-unique drivers (if any)

• Results to be presented to NASA CIO this fall

page 5

SOA Security Needs - Approach

• A small Earth science team was established to address web service and sensor web security implications for – Science data operations– Data acquisition / sensor webs

• Team members will develop use cases to address “80%” of the needs (more typical cases to be captured) initially focusing on– Authentication– Authorization

page 6

Earth Science Use Cases

• ECHO data services• UAH / MSFC public server to invoke web

services• JPL / GSFC data service to control

computing resources needed to deliver services

• GSFC EO-1 satellite pre-planned sensor web services with external organizations

• ARC Ikhana / Global Hawk UAV user operations registration for field campaigns

page 7

Next Steps

• Collect use cases• Review with Constellation • Present to NASA CIO