November 2007
El Segundo, CA: 28 November, 2007 – With the release of the new CCaR-SMART interface, (click here to read article) IDS has led the way for the Air Force to provide secure Web Services. One of the requirements of the new CCaR-SMART interface was to utilize IBM's Websphere DataPower Integration Appliance as an enforcement point for Web Services interaction. Since CCaR is hosted at individual Air Force Installations and SMART is hosted in the Global Combat Support System - Air Force (GCSS-AF) enclave, the need to secure and authenticate the data transfer between CCAR and SMART was essential. During development, software engineers from IDS, SMART and Lockheed Martin GCSS collaborated and successfully designed, developed and tested a prototype Web Service call from CCaR to SMART that was authenticated using DataPower. To properly authenticate CCaR, the Web Service request required the inclusion of a Public Key Infrastructure (PKI) x.509 certificate in the Simple Object Access Protocol (SOAP) header. GCSS engineers then configured DataPower to authenticate the CCaR certificate and then direct the Web Service request to SMART. When the interface was delivered to the Air Force on 21 October, 2007 the CCaR-SMART interface became the first applications in the Air Force to utilize DataPower to secure Web Services.
For more information on GCSS-AF Web Services Security see the following presentation from GCSS-AF.
Introduction to GCSS-AF WS-Proxy.ppt
The CCaR System is an enterprise program and financial management system that delivers real-time program information to government decision makers. At the core of the CCaR System are automated reports and analysis tools which allow the program and financial managers to define program requirements, formulate program budgets, forecast program execution and track the execution of program funds.
