We propose a study to assess the feasibility and efficacy of using a COTS solution to provide data-level Attribute-Based Access Control (ABAC) in an integrated Battle Management Aid (BMA) data lake. The aim is to expose the available data to developers for reuse while maintaining proper security boundaries for the software applications, protecting the intellectual property rights of all developers. Currently, the government has an urgent and expensive need to enhance developer collaboration in mixed government and non-government-controlled environments. As such, our analysis intends to assess the technical feasibility of sharing across BMAs and applications in near real time. This Phase I Small Business Innovation Research (SBIR) proposal presents our research plan to determine future courses of action and best practices to enhance the Back End Data Lake and Microservices (BEDLAM) strategy for Battle Management Aid development.
Benefit: The research and development of an industry-standards-compliant and best-of-breed back-end data lake and appropriate microservices (BEDLAM) solution will provide the Navy with the ability to eliminate duplicative storage of data, eliminate duplicative data requests, and unify a single repository for all relevant data for the Navy's DevSecOps environment. The BEDLAM solution's fine-grained data tagging with access controls is key to convincing developers that their intellectual property rights are being appropriately protected, and helps to empower the Navy to finally compel those developers to develop in the Navy's DevSecOps environment. The BEDLAM solution's bulk data transformation capability, in addition to the fine-grained data access control, allows the Navy to push the right data in the right format to the right applications with the right IP protections at the right time. With this powerful BEDLAM capability proven out in a first use case, the Navy could commoditize the offering as government-furnished software to other Navy developer teams and other Service Branches, or use it to uniquely protect mixed sensitivities of data on more classified networks; e.g., Top Secret developers developing on JWICS with fine-grained data access controls enforcing the appropriate SCI handling caveats in that data environment.
Keywords: identity management, microservices, Data Lake, Attribute-Based Access Control, Access Control, ABAC, feasibility analysis