Role-Based Access Control Models
Computer
A survey of key management for secure group communication
ACM Computing Surveys (CSUR)
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Shamon: A System for Distributed Mandatory Access Control
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Stale-safe security properties for group-based secure information sharing
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
Group-centric models for secure and agile information sharing
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
Survey: Usage control in computer security: A survey
Computer Science Review
Using community structure to control information sharing in online social networks
Computer Communications
| Hi-index | 0.00 |
Secure Information Sharing (SIS) or "share but protect" is a challenging and elusive problem both because of its broad scope and complexity ranging right from conception (objective and policy) to culmination (implementation). In this paper, we consider how to solve SIS challenges with three main and conflicting objectives: scalability, usability and high-assurance. In the context of SIS, high-assurance requires strong controls on the client. It is widely accepted that such controls cannot be entirely software-based. In this regard, we consider solutions based on commercially emerging hardware-rooted Trusted Computing Technology. For SIS, we argue super-distribution ("protect once and access wherever authorized") and off-line access are necessary to achieve scalability and usability. We limit super-distribution to occur within a group of Trusted Platform Module [1] or TPM-enabled machine. For simplicity, we assume all content that are distributed to be read-only. Drilling down, we discuss Policy, Enforcement and Implementation (PEI) models for SIS within a group (group-based SIS or g-SIS).