SIGIR '92 Proceedings of the 15th annual international ACM SIGIR conference on Research and development in information retrieval
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
On the design and quantification of privacy preserving data mining algorithms
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Machine learning in automated text categorization
ACM Computing Surveys (CSUR)
PI-Calculus: A Theory of Mobile Processes
PI-Calculus: A Theory of Mobile Processes
Bezier and B-Spline Techniques
Bezier and B-Spline Techniques
The consensus operator for combining beliefs
Artificial Intelligence
Information Theory, Inference & Learning Algorithms
Information Theory, Inference & Learning Algorithms
A Cryptographic Decentralized Label Model
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Trust management for secure information flows
Proceedings of the 15th ACM conference on Computer and communications security
Modeling data flow in socio-information networks: a risk estimation approach
Proceedings of the 16th ACM symposium on Access control models and technologies
Poster: using quantified risk and benefit to strengthen the security of information sharing
Proceedings of the 18th ACM conference on Computer and communications security
Using community structure to control information sharing in online social networks
Computer Communications
| Hi-index | 0.00 |
In both commercial and defense sectors a compelling need is emerging for rapid, yet secure, dissemination of information to the concerned actors. Traditional approaches to information sharing that rely on security labels (e.g., Multi-Level Security (MLS)) suffer from at least two major drawbacks. First, static security labels do not account for tactical information whose value decays over time. Second, MLS-like approaches have often ignored information transform semantics when deducing security labels (e.g., output security label = max over all input security labels). While MLS-like label deduction appears to be conservative, we argue that this approach can result in both underestimation and overestimation of security labels. We contend that overestimation may adversely throttle information flows, while underestimation incites information misuse and leakage. In this paper we present a novel calculus approach to securely share tactical information. We model security metadata as a vector half-space (as against a lattice in a MLS-like approach) that supports three operators: Γ, + and · . The value operator Γ maps a metadata vector into a time sensitive scalar value. The operators + and · support arithmetic on the metadata vector space that are homomorphic with the semantics of information transforms. We show that it is unfortunately impossible to achieve strong homomorphism without incurring exponential metadata expansion. We use B-splines (a class of compact parametric curves) to develop concrete realizations of our metadata calculus that satisfy weak homomorphism without suffering from metadata expansion and quantify the tightness of values estimates in the proposed approach.