CAPSA: Controlling Access using Proximity-focused Semantic Analysis

Period of Performance: 09/02/2014 - 08/28/2016

$750K

Phase 2 SBIR

Recipient Firm

CFD Research Corp.
701 McMillian Way NW Suite D
Huntsville, AL 35806
Principal Investigator

Abstract

ABSTRACT: Establishing adequate access controls that limit access to information without adversely denying access is critically needed by our warfighters in today s complex battlefield environment. To address this need, CFDRC is developing an innovative method called CAPSA (Controlling Access using Proximity-focused Semantic Analysis) for granting access based on a user s proximity to information. By leveraging CFDRC s existing technology for numerically quantifying information relevance using fuzzy logic techniques based on the semantic web, CAPSA provides a flexible method of determining proximity. CAPSA avoids a ridged definition of proximity, allowing it to identify proximity beyond the spatial, organizational, and operational realms. In Phase I, a demonstration version of CAPSA was developed to show the feasibility of the Proximity Metric calculation and its use in determining access to information. During the Phase II, this metric will be enhanced and optimized to utilize more proximity information from different original sources. A full prototype will be developed and integrated into several military systems including AFRL s Phoenix architecture to demonstrate and fine-tune CAPSA. Additionally, CAPSA will be validated by evaluating it with real-world data. Throughout the Phase II, CFDRC will ensure the design and development of the CAPSA technology is compatible with all relevant DoD standards, security, certification processes, and procedures. BENEFIT: The proximity-based access control solution developed under this project, called CAPSA (Controlling Access using Proximity-focused Semantic Analysis), will be greatly beneficial to the Air Force and the rest of DoD in addressing identity and access management concerns in future military cloud environments. Specifically, CAPSA s semantic-based approach to access control allows it to examine multiple types of proximity and find non-obvious connections between a user and the information they attempt to access. CFDRC s commercialization strategy is focused in three areas. First, CFDRC will develop and market the CAPSA technology for the Air Force. During Phase II, CFDRC will integrate CAPSA into AFRL s Phoenix Prime software to demonstrate its capabilities and fine-tune its Proximity Metric, which numerically evaluates the user s proximity to information. After the Phase II, CFDRC will continue to support Phoenix Prime by integrating CAPSA s ability to detect insider threats based on semantic analysis. The second focus is to market the CAPSA technology to potential military customers. In Phase III, CFDRC will integrate CAPSA into other military systems and provide consulting on incorporating new proximity types. Lockheed Martin has already indicated its customers have expressed interest in the CAPSA technology. The last focus is to market the CAPSA technology to providers of Electronic Medical Record (EMR) solutions and demonstrate how CAPSA can provide accurate access control in the dynamically changing team-based environments of hospitals and healthcare information systems. CFDRC will use its existing relationship with Systems Made Simple, a provider of EMR technology, to market and commercialize the technology in the medical IT market.