Architecting Information Security Services for Federated Satellite Systems

Abstract

This paper investigates the provision of information security services in federated satellite systems. The discussion is initiated by describing possible threats that the system faces, as well as the specific security services that have to be provided in order to mitigate them. Next, a set of five primal security functions that a federated satellite system has to implement is defined, and an interaction state model is propose to characterize the security state when two federates are interacting with each other. Differences in these security states are then used to define the interaction state machine, which is a transition state diagram that can be used to rapidly identify which security functionality has to be provided in order to securitize an unreliable interaction. Finally, the interaction state model and interaction state machine are applied in a multihop setting where information is relayed through multiple federated satellite system participants. Based on this discussion, the concept of best-effort versus guaranteed services is defined as applied to the context of federated satellite systems and information security services. Their usefulness in architecting information security services is finally demonstrated through an illustrative example.