MECS is a computer program for the automated, secure, rapid, and efficient transfer of data between a central source and users at multiple distant locations. "MECS" signifies "Multi-mission Encrypted Communication System." MECS enables many users to collaborate securely on a shared plan or set of data.
MECS was part of the Mars polar lander mission operations environment and enabled, for the first time in NASA's history, distributed operations over the Internet during a mission operational readiness test. It has allowed remote scientists to lead field tests of the FIDO rover, which is the prototype for the Mars '03 rover.
MECS transfers data from a mission control center to remote users, and from the remote users back to the mission control center. MECS is designed to work with previously developed mission application programs that, in their original forms, do not support secure distributed operation; MECS can often enable secure distributed operation with little or no modification of the previously developed application programs. MECS operates in such a way as to be transparent to a remote user. Files simply appear on the remote user's computer as they become available, and files are transmitted back to a server computer at the mission control center when the user saves them in specific directories.
All MECS connections are authenticated by use of the NASA public key infrastructure, and all communications are encrypted by use of the Secure Sockets Layer (SSL) protocol. It is nearly impossible to decipher intercepted data that have been transmitted via MECS, and in order to defeat the authentication protocol, it would be necessary to compromise the NASA Ames Certificate Authority, which is highly protected. A copy of the MECS client software cannot be activated unless the remote user to whom the copy has been assigned presents a personal security profile that is kept on a floppy disk in the possession of the user. To obtain a security profile, a remote user must appear in person and provide positive identification at a security office at a NASA center. The NASA public key infrastructure handles the periodic updating of users' security profiles and protects the central certificate authority.
MECS is implemented as two Java programs. For each mission, there is typically one server program operating on a computer behind the mission firewall, and many client programs, each running on a remote user's computer. The MECS administrator indicates which files should be received by the remote users, and the MECS clients automatically download the data as it becomes available. All data is compressed and encrypted while in transit, and is automatically decompressed and moved to the proper locations on the client's computer.
Each remote user starts the MECS client program and specifies the address of the MECS server. The MECS client and server programs authenticate each other, and then the client program transmits the current state of the remote user's data base to the server. The server then transmits all of the files necessary to bring the remote user's data base up to date. Periodically, the MECS client program automatically communicates with the server to determine whether new data have arrived.
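The reconciliation step described above (client reports its state, server returns whatever is needed to bring it up to date, compressed in transit) can be sketched as follows. This is an added example, not MECS code: the function names, the SHA-256 manifest, the digest check on receipt, and the sample files are all assumptions, and the mutually authenticated SSL channel is taken as already established.

```python
import hashlib
import zlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def client_state(store: dict) -> dict:
    """Manifest the client sends after authentication: path -> SHA-256."""
    return {path: digest(data) for path, data in store.items()}

def server_plan_update(published: dict, manifest: dict) -> dict:
    """Server side: select every published file the client lacks or holds stale.

    Only paths in `published` (the administrator's selection) are considered;
    the client's manifest is untrusted input and never chooses which paths are read.
    """
    update = {}
    for path, data in published.items():
        if manifest.get(path) != digest(data):
            update[path] = (digest(data), zlib.compress(data))
    return update

def client_apply(store: dict, update: dict) -> list:
    """Client side: decompress, verify the digest, then install the file."""
    installed = []
    for path, (expected, blob) in sorted(update.items()):
        data = zlib.decompress(blob)
        if digest(data) != expected:
            raise ValueError(f"digest mismatch for {path}")
        store[path] = data
        installed.append(path)
    return installed

def sync_once(published: dict, client: dict) -> list:
    """One polling round: manifest up, update down, files installed."""
    return client_apply(client, server_plan_update(published, client_state(client)))

# Constructed sample data: files published on the server and a stale client copy.
PUBLISHED = {
    "plans/sol12.seq": b"DRIVE 2.0\nIMAGE PANCAM\n",
    "images/pan_001.dat": b"\x00" * 4096,
    "notes/readme.txt": b"field test notes v2\n",
}
CLIENT = {
    "notes/readme.txt": b"field test notes v1\n",     # stale copy
    "plans/sol12.seq": b"DRIVE 2.0\nIMAGE PANCAM\n",  # already current
}

if __name__ == "__main__":
    print(sync_once(PUBLISHED, dict(CLIENT)))  # first round installs two files
```

Because the server decides what to send from the client's reported state on every poll, a second round against an up-to-date client transfers nothing.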
In its original form, MECS can be used to implement secure on-line discussions, shared workspaces, and collaborative generation of command sequences. There are also potential commercial applications for suitably modified versions of MECS: Many organizations need an efficient means of secure synchronization of remote systems. Inasmuch as nearly every software system developed previously to satisfy this need requires that the client initiate a request for specified data, there is no guarantee that a client has received the latest update to the shared data; in contrast, MECS keeps client data files up to date.
This work was done by Paul Backes and Jeffrey Norris of Caltech for NASA's Jet Propulsion Laboratory. For further information, access the Technical Support Package (TSP) free on-line at www.nasatech.com/tsp under the Information Sciences category.
In accordance with Public Law 96-517, the contractor has elected to retain title to this invention. Inquiries concerning rights for its commercial use should be addressed to
Intellectual Property group
Mail Stop 202-233
4800 Oak Grove Drive
Pasadena, CA 91109
Refer to NPO-20844, volume and number of this NASA Tech Briefs issue, and the page number.
This Brief includes a Technical Support Package (TSP).
Software for Secure Distribution of Data
(reference NPO-20844) is currently available for download from the TSP library.