DOE’s Federated Model aims to identify security threats

By Cara Garretson, NETWORKWORLD.COM

Argonne National Laboratory, a division of the Department of Energy (DOE) operated out of the University of Chicago, is spearheading an effort, now beginning to gain steam, to collect information about cyber security events.

Called The Federated Model, this information-sharing initiative among government, universities, and research labs began last fall and currently has about half a dozen active members, says Scott Pinkerton, manager of network services for the lab in DuPage County, Ill.

The initiative is open to any organization wanting to share details, or even just view information, regarding attempts by different IP addresses to access networks and how organizations have responded to these attempts, in an effort to spot patterns of malicious behavior and proactively block security threats, says Pinkerton.

…Argonne has taken on the development of The Federated Model’s repository and laid out specifications to be used for submitting and accessing information. Following IETF standards, data is submitted as encrypted XML. The lab is working on adding features, such as an RSS feed that would tell members when new information has been added to the repository, Pinkerton says.