A new version of the High Level Architecture (HLA), with the working name HLA 4, is under development. One security aspect that this new version addresses is authorization. The current version of HLA provides no standardized way to control which federates are allowed in a federation. HLA 4 adds new functionality for authorization, enabling control of which federates are allowed to connect to a Runtime Infrastructure (RTI) and to join a particular federation.
The new functionality is provided using a flexible plug-in design. Many types of authentication can be supported, for example passwords, X.509 certificates, and connection to Active/Open Directory servers. This paper describes a number of use cases for authentication in HLA federations. It also describes the technical design of the new security plug-in. Finally, it discusses the potential and limitations of the selected approach.
Authors: Björn Möller, Mikael Karlsson, Reinhard Herzog, Doug Wood
Publication: Proceedings of 2021 Virtual Simulation Innovation Workshop, 2021-SIW-013, Simulation Interoperability Standards Organization, February 2021