SeaSWIM ensures secure information exchange for STM
A secure information exchange, which protects the ownership of information end ensures that only authorized persons and systems receive the provided information, is crucial for the acceptance by service providers and service users and thus the success of STM. The Maritime Service Infrastructure that is developed within the STM Validation project is supposed to enable service discovery as well as secure information exchange based on the principles of the SeaSWIM (System-Wide Information Management) concept. By creating a standard interface to the Maritime Service Infrastructure, the so-called SeaSWIM connector, the actual complexity of the infrastructure is hidden, ensuring simple access and use for both service providers and service user.
OFFIS – Institute for Information Technology is coordinating the Maritime Service Infrastructure of STM with activity leader Cilli Sobiech, Viktoria Swedish ICT.
Cilli, Could you give us a brief overview of what SeaSWIM is:
We are developing the maritime service infrastructure for Sea Traffic Management based on SeaSWIM (System-Wide Information Management), a concept adopted from the aviation sector and adapted – via the MONALISA 2 project – for shipping. SeaSWIM is a space in which you can securely share data and information with parties to whom you have given access. The service-oriented architecture makes services available via this maritime service infrastructure. We want to lower the entry barrier for providers and users so that it is easy to provide or use services by, for example, a port or shore centre (service provider) or a shipping company (user).
The infrastructure is a crucial aspect of information exchange, how does it work?
SeaSWIM can be described as a marketplace for the provision and use of interoperable maritime services. In order to achieve service interoperability, we rely on some guiding principles and standards. For example, all communication for user authentication, user authorization as well as service discovery proceeds via the SeaSWIM connector, which itself is a service provided by the maritime service infrastructure – a proxy, concealing the complexity of the underlying information sharing infrastructure. This infrastructure includes as central components the Service Registry and Identity Registry that enable the access to a library of available services as well as the user authentication and authorization for and by service provider and service users.
Simply speaking, if you enter the SeaSWIM-area – e.g. the test beds in this step of the project – you authenticate yourself and then can discover services accessible to you in your regional area. Then, whatever service you desire can be used by communicating directly with the respective service provider, so the system ensures your data remains solely between you and the service provider. The maritime service infrastructure is one single contact point to discover and use all kinds of maritime services via SeaSWIM, i.e. no additional log-in is necessary in order to use several different services. SeaSWIM ensures this secure data sharing and access by simple guiding principles and standards.
You have developed a prototype of the SeaSWIM connector during this summer; can you describe what it is and how it operates?
The SeaSWIM connector is the interface of the maritime service infrastructure for application and operational services – like those that are developed in the Port Collaborative Decision Making and Voyage Management activities of the STM project as first instances of interoperable maritime services. It is a reference service, a proxy that we make available to project partners to enable them to use the maritime service infrastructure. The SeaSWIM connector handles all the communication between application and operational services and the maritime service infrastructure in a way that ensures that the STM security standards are met.
During this summer we developed a prototype version of the SeaSWIM connector that is now being tested together with the Service Registry and the Identity Registry prototypes from the EfficienSea2 project.
In line with our time schedule, we have elaborated in the past months an initial service-oriented architecture and first technical specifications of maritime service infrastructure components in cooperation with the other STM activities as well as partners from the EfficiencSea2 project. We are now in the phase of prototype development and component testing. Integration and (sub-)system testing in simulators and testbeds will be the next phase.
How is the test progressing and what can the results offer?
So far, we are at the stage of component testing, e.g. for the SeaSWIM Connector. When we go increasingly deeper into (sub-)system and integration testing, we will see which concepts and components need to be refined and developed further in order to achieve a working, reliable infrastructure that complies with the defined requirements and supports the identified use cases. A concrete example is e.g. whether the current password method will be sufficient. Passwords and certificates are used right now for persons and machines but we need to investigate whether multifactor security methods are required. We are also addressing cyber security and governance of the maritime service infrastructure at this stage. Especially cyber security – e.g. vulnerability against hacker attacks – is a crucial issue that needs to be considered right from the start to ensure secure communication and information exchange.
As yet, software component tests are in progress. At this stage, we check whether the prototype components work according to their specification. We create, for example, dummy services as stubs and drivers and check if the prototype components behave as intended. Then we will enter sub-system testing and integrate a first prototypical version of the maritime service infrastructure into the simulators and test beds of the STM project, in order to test the interplay of the maritime service infrastructure with the services developed in the Port Collaborative Decision Making and Voyage Management activities. This phase will start in October.
How do you feel the activity is progressing, what are the upcoming challenges?
Our main challenge is to make SeaSWIM work as an interoperable system and to include various stakeholders and partners in the test beds, thereby upgrading them to large scale to enable realistic physical tests outside the laboratory environment.
What is the most interesting aspect of your current activities?
The complexity and interdependencies of our activity in combination with a tight schedule is challenging. The most interesting aspect will be the successful integration of the maritime service infrastructure and the services supplied by the other activities and to make the whole system running in the simulators and test beds on a large scale. It is good to see that numerous partners and people with different backgrounds cooperate to make this happen. And this cooperation is not limited to the partners and people within the STM project – there is also a close cooperation and alignment with partners and people from other projects like EfficienSea2 and initiatives like the Maritime Cloud Developer Forum.