AAAI '98/IAAI '98 Proceedings of the fifteenth national/tenth conference on Artificial intelligence/Innovative applications of artificial intelligence
Reasoning with Individuals for the Description Logic SHIQ
CADE-17 Proceedings of the 17th International Conference on Automated Deduction
KNOW Why your access was denied: regulating feedback for usable security
Proceedings of the 11th ACM conference on Computer and communications security
PeerAccess: a logic for distributed authorization
Proceedings of the 12th ACM conference on Computer and communications security
Debugging and repair of owl ontologies
Debugging and repair of owl ontologies
The Description Logic Handbook
The Description Logic Handbook
A Cryptographic Decentralized Label Model
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Design and Semantics of a Decentralized Authorization Language
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Verified enforcement of stateful information release policies
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Fable: A Language for Enforcing User-defined Security Policies
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Scalable semantic retrieval through summarization and refinement
AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 1
P-CLASSIC: a tractable probablistic description logic
AAAI'97/IAAI'97 Proceedings of the fourteenth national conference on artificial intelligence and ninth conference on Innovative applications of artificial intelligence
Towards a fuzzy description logic for the semantic web (preliminary report)
ESWC'05 Proceedings of the Second European conference on The Semantic Web: research and Applications
Trust-based probabilistic query answering
WISE'11 Proceedings of the 12th international conference on Web information system engineering
SecureGov: secure data sharing for government services
Proceedings of the 14th Annual International Conference on Digital Government Research
Hi-index | 0.00 |
In both the commercial and defense sectors a compelling need is emerging for highly dynamic, yet risk optimized, sharing of information across traditional organizational boundaries. Risk optimal decisions to disseminate mission critical tactical intelligence information to the pertinent actors in a timely manner is critical for a mission's success. In this paper1, we argue that traditionally decision support mechanisms for information sharing (such as Multi-Level Security (MLS)) besides being rigid and situation agnostic, do not offer explanations and diagnostics for non-shareability. This paper exploits rich security metadata and semantic knowledgebase that captures domain specific concepts and relationships to build a logic for risk optimized information sharing. We show that the proposed approach is: (i) flexible: e.g., sensitivity of tactical information decays with space, time and external events, (ii) situation-aware: e.g., encodes need-to-know based access control policies, and more importantly (iii) supports explanations for non-shareability; these explanations in conjunction with rich security metadata and domain ontology allows a sender to intelligently transform information (e.g., downgrade information, say, by deleting participant list in a meeting) with the goal of making transformed information shareable with the recipient. In this paper, we will describe an architecture for secure information sharing using a publicly available hybrid semantic reasoner and present several illustrative examples that highlight the benefits of our proposal over traditional approaches.