PEI Models for Scalable, Usable and High-Assurance Information Sharing
Abstract
Secure Information Sharing (SIS), or “share but protect”, is a challenging and elusive problem, both because of its broad scope and because of its complexity, which ranges from conception (objective and policy) to culmination (implementation). In this paper, we consider how to solve SIS challenges with three main and conflicting objectives: scalability, usability and high assurance. In the context of SIS, high assurance requires strong controls on the client. It is widely accepted that such controls cannot be entirely software-based. We therefore consider solutions based on commercially emerging hardware-rooted Trusted Computing Technology. For SIS, we argue that super-distribution (“protect once and access wherever authorized”) and off-line access are necessary to achieve scalability and usability. As we will see, although a Trusted Platform Module [1] (TPM) provides a range of powerful functionalities, it does not enable true super-distribution in any obvious manner. We therefore limit super-distribution to occur within a group, where a group is an abstract set of TPM-enabled machines. For simplicity, we assume that all distributed content is read-only. Drilling down, we propose concrete Policy, Enforcement and Implementation (PEI) models for SIS within a group (group-based SIS, or g-SIS). In the policy layer, we develop a framework for specifying subject and object group membership. In the enforcement layer, we explore ways to approximate instant and preemptive revocation of group members so as to support off-line access. We use the UCON [9] model to formally specify the policy and enforcement models. In the implementation layer, we outline protocols using Trusted Computing Technology [1] that would realize our policy model and thereby our objectives. We also demonstrate the value of this layered approach by showing how our enforcement and implementation models can easily accommodate enhancements in the policy model.
Similar sources
Authorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
An Efficient Secret Sharing-based Storage System for Cloud-based Internet of Things
Internet of things (IoTs) is the newfound information architecture based on the internet that develops interactions between objects and services in a secure and reliable environment. As the availability of many smart devices rises, secure and scalable mass storage systems for aggregate data is required in IoTs applications. In this paper, we propose a new method for storing aggregate data in Io...
Dynamic configuration and collaborative scheduling in supply chains based on scalable multi-agent architecture
Due to diversified and frequently changing demands from customers, technological advances and global competition, manufacturers rely on collaboration with their business partners to share costs, risks and expertise. How to take advantage of advancement of technologies to effectively support operations and create competitive advantage is critical for manufacturers to survive. To respond to these...
An Efficient Approach for State Sharing in Server Pools
Many Internet services require high availability. Server pooling provides a high availability solution using redundant servers. If one server fails, the service is continued by another one. A challenge for server pooling is efficient state sharing: The new server requires the old one’s state to continue service. This paper proposes a simple, efficient and scalable solution, usable for a large s...
Computationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, in such a way that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...