Objectsecurity LLC SBIR Phase I Award, July 2018

DoD needs smarter technical security policy implementation, esp. for access control. However, technical security policies are increasingly unmanageable (esp. access control) because there are too many rules & configurations, too many changes to manage manually, across too many security features, devices, applications, layers etc. ObjectSecurity OpenPMF is a security policy automation “umbrella� that lets security professionals author security policies in generic/intuitive/consistent terms. From these, it calculates the matching technical rules and configurations, by filling in imported technical details. It is not yet used by the military/government but has strong potential and is highly innovative. We therefore propose a military/government feasibility study of OpenPMF security policy automation (with special focus on Air Force needs). OpenPMF has been developed for 10+ years, is patented (since 2007), award-winning, and has been deployed in other industries. It is an ideal candidate for rapid transitioning into military/government use. The proposed effort will research the viability and benefits of OpenPMF Security Policy Automation for Air Force and the wider military/government. The effort will address the 7 questions stated in the solicitation and additional technical objectives outlined in the accompanying slide deck. The effort will include the development of a functional prototype for a mock-up military/government environment.