Dynamic Trust Management

Matt Blaze, Sampath Kannan, Insup Lee, Oleg Sokolsky, Jonathan M. Smith, Angelos D. Keromytis, Wenke Lee
2009 Computer  
There are clear tradeoffs among security, flexibility, and cost in possible designs for such SOAs. Traditional (pre-GIG) DoD network architectures have created logical airgaps between different networks such as the NIPRNET and SIPRNET, and services are replicated in each such network environment. Information security is, in principle, guaranteed with separated networks, since there is no network path from the more secure to the less secure network. Although the GIG is a DoD-specific project, ... y of the trust management problems it exposes also occur naturally in existing and emerging commercial and other public networked computing environments, particularly those based on SOAs. In particular, traditional decentralized trust management architectures, 1 while useful, do not directly address questions such as policy changes under rapidly changing network conditions or revocation and autonomous versus centralized control. These problems occur in any large-scale system based on a rapidly changing, potentially unreliable network framework such as the Internet. Therefore, we believe that the GIG architecture is a useful platform and opportunity for studying trust in large-scale computing in general, not just in the military and government.

Published by the IEEE Computer Society 0018-9162/09/$25.00 © 2009 IEEE

A service-oriented architecture (SOA) separates functions into services, which process requests from peers over a network. In processing a request, the service can, in turn, send requests to secondary services and so on. The Global Information Grid (GIG), an ongoing effort by the US Department of Defense (DoD) and Intelligence Community (IC), rationalizes and modernizes the architecture of US network-centric operations. It couples a common network architecture to advanced information assurance techniques and, as GIG's name implies, focuses on the information the network carries and the services it provides, rather than on the network's attributes.
doi:10.1109/mc.2009.51 fatcat:po2ntel4nngnlc2rtzuxrszja4