Trusted Global Supply Chain Architecture 2010

8/14/2019 Trusted Global Supply Chain Architecture 2010

1/7

Enterra Solutions 2005 - 2010 All Rights ReservedProprietary and Confidential

SecureInformationSharingforaGlobalSupplyChainTechnicalOverviewJanuary2010

[email protected]

703.626.6678(c)703.592.6678
mailto:[email protected]:[email protected]


2/7

1

Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL

Background

ABAC concepts are mature and have been implemented invarious commercial products

XACML is an open industry-based standard to implementsecurity controls

Enterras ABAC framework uses XACML and addsinformation sharing policy compliance for proprietary data tobalance and de-conflict controls with sensitive information

requirements. Industry Standards like ISO 28000 and Federal policies like

the Safe Port Act, Patriot Act, Cyber Security Act (draft), andC-TPAT have security controls that can be met using an

ABAC framework while protecting proprietary information.

Enterras framework adapts to the situation and dynamicallymanages the security rules with a semantic reasoner

1


3/7

2


Transportation Law

Enforcement

PortAuthorities

HomelandSecurity

Shippers

Operators

Operators

Billing and Receiving

Billing and Receiving

Warehouses

Warehouses

Inspectors

Inspectors

Drivers

Drivers

First Responders

First Responders

Federal

State, Local, Tribal

Foreign Partners

Private Sector

Supply Chain I nformationas it relates to Security

ABAC Enables Secure Information Exchange with Partners AcrossDifferent Data and System Resources

ABAC keys enables informationsharing internal and external


4/7

3


ABAC Lowers Administration and Configuration Management Costs

3

Systems Devices Applications

Security Policies

TomorrowWith ABAC

Today Without ABAC


5/7

4


C&A

XYZ COMPANY

SAFE Port, NIST 800Series, CIP controls

Laws, agency policy,Directives, etc.

Business Rules Activity diagram foranalysts, admin, etc.

Codify XML Process

CIP

HSPDs

Rules Library

Customized Access Management InterfacesBusiness ProcessIntegration

Transportation LawEnforcement

PortAuthorities

HomelandSecurity

Shippers

Federal

State, Local, Tribal

Foreign Partners

Private Sector

Terrorism, HomelandSecurity, and Law

Enforcement Informationas it relates to Terrorism

Project Overview for ABAC


6/75 Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL

Notional Scenario for Ports and Harbors

5

CCTV

ManagementSystems

TruckingSchedule

Trucksareneararrival

Information

Sharing RulesInformation Access Rules

Real Events


7/76 Enterra Solutions, 2010 All Rights Reserved PROPRIETARY AND CONFIDENTIAL

TSA Terminals Truck & RailPorts

All views into thetrusted supply chaindata are driven by the

rules to access,manage, and use

knowledge in context

of the situation

Time and Location

Represents different user rule sets (compliance, performance, security)

USN USCGNorthComCustoms

Shared Maritime Domain Awareness

Intel AIS

Global Supply Chain Thinking is a Requirement to Be Resilient

6

Shippers

Supplier/Factory

ConsolidatorCenter

RoadTransport

Port ofLoading

VesselDestination

PortRoad

Transport

De-consolidator

Center

ImporterDistribution

Center

Trusted Global Supply Chain Architecture 2010

Documents

Transcript of Trusted Global Supply Chain Architecture 2010