Security and provenance in M3GS for cross-domain information sharing

Modern military activities involve significant data sharing across security domains. We present the concepts and architecture of a Mission-oriented Multi-domain Multi-level security Graphics Server (M3GS) in the environment of GIG 2.0 and cloud computing. M3GS aims at providing information support for a dynamic team collaborating on a mission of warfighting, intelligence, anti-terrorism, or rescue and disaster relief; information providers input data (with various security labels in different security domains) into M3GS, and through M3GS, those data are displayed with proper widgets on the screens of information clients permitted to access; what data can flow to which screen is governed by security policies. While the Bell-LaPadula model is used to enforce traditional mandatory access control, a new challenge is that the data shared have different owners from different security domains, and are subject to their own security policies. We address this problem by using dynamic provenance-dependent attribute-based policies.

[1]  Len LaPadula,et al.  Secure Computer Systems: A Mathematical Model , 1996 .

[2]  Paul Watson A Multi-Level Security Model for PartitioningWorkflows over Federated Clouds , 2011, CloudCom.

[3]  Barack Obama Executive Order 13526: Classified National Security Information , 2009 .

[4]  Tracy Noel,et al.  National Security Certificate o Funded by Office of the Director of National Intelligence , 2013 .

[5]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[6]  Juliana Freire,et al.  Provenance and scientific workflows: challenges and opportunities , 2008, SIGMOD Conference.

[7]  James Cheney,et al.  Report on the Principles of Provenance Workshop , 2008, SGMD.

[8]  Paul T. Groth,et al.  The provenance of electronic data , 2008, CACM.

[9]  David M. Nicol,et al.  TrustGraph: Trusted Graphics Subsystem for High Assurance Systems , 2009, 2009 Annual Computer Security Applications Conference.

[10]  Pierangela Samarati,et al.  Providing Security and Interoperation of Heterogeneous Systems , 2004, Distributed and Parallel Databases.

[11]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[12]  V. S. Subrahmanian,et al.  Merging Heterogeneous Security Orderings , 1996, ESORICS.

[13]  Barack Obama Executive Order 13526: Classified National Security Information, Memorandum of December 29, 2009, Implementation of the Executive Order 'Classified National Security Information', Order of December 29, 2009, Original Classification Authority , 2009 .

[14]  David M. Nicol,et al.  A framework integrating attribute-based policies into role-based access control , 2012, SACMAT '12.

[15]  Elisa Bertino,et al.  Secure interoperation in a multidomain environment employing RBAC policies , 2005, IEEE Transactions on Knowledge and Data Engineering.

[16]  Jingwei Huang,et al.  Knowledge Provenance: An Approach to Modeling and Maintaining The Evolution and Validity of Knowledge , 2008 .