ObjectSecurity, the leading solutions provider for secure information sharing in mission-critical industries today announced the very successful completion of the 2-year collaborative EU FP6 IST R&D project AD4. The purpose was to build a next-generation air traffic management system that provides integrated information from a variety of sources and includes innovative visualisation concepts.

ObjectSecurity was the security specialist for the project and worked on the secure communications infrastructure and security management, based on OpenPMF and SecureMiddleware. A number of flight data feeds were securely integrated from heterogeneous data sources, and a scalable integration architecture for a future pan-European integrated air traffic management system

There is a strong trend towards network centric and collaborative decision making in air traffic control and other industries today. The driver is that better, faster, and more accurate decisions are required, based on more information combined from many different sources in real-time. Both newly developed systems and legacy systems need to be integrated. A particularly important aspect of such collaborative environments is that information is integrated across different organisations, such as air traffic control agencies, weather agencies, airports etc. And information security is the critical enabler – without strong security, organisations will not open up their data systems to the outside. According to most national and international air traffic control organisations, airports, and defence agencies, information security plays the most critical role. This includes the protection of the core systems (especially from denial of service attacks and insider attacks) and of the communications. Collaborative information sharing between different organisations means that different security policies, different security levels, different existing security and middleware infrastructures, and different networks need to be integrated. Efficient and secure communications are critical.

ObjectSecurity’s technology suite has been specifically designed to meet all those needs. SecureMiddleware was used as an integration platform for rapid legacy wrapper and model-driven, component based application development; ObjectWall was used to protect the systems (also legacy applications) from security breaches while enabling interactions across domains. The complete distributed system was protected and monitored in real-time by using ObjectSecurity OpenPMF, a central policy management framework that allows expressive security and QoS policies to be specified in a unified representation from within a central management console. OpenPMF automatically enforces the policies locally on the underlying systems. The central graphical console reduces simplifies security administration and improves security effectiveness. Through an innovative modular plug-in model, practically any networked IT system to be protected (e.g. applications, middleware, operating systems, databases, firewalls). OpenPMF also protects against insider attacks because security can be controlled down to a very fine granularity and down to very small software entities both at domain boundaries and directly at the applications.

The project demonstrates that secure, large scale collaborative decision making systems even across domain boundaries are easy to implement using ObjectSecurity’s technologies.