SIMS: a secure information management system for large-scale dynamic coalitions

When two (or more) entities (or members) enter into a coalition, they agree to share information, resources and other assets according to some set of negotiated rules. This paper addresses the issue of controlled and secure information sharing. Each member may have a large number of agents (people) who run programs that access information from the large number of servers run by the other member. The problem arises in managing authentication and access control at these service points. The issues are technical as well as administrative. Compounding the problem is the large number of autonomous information servers that contain the information published by a single member. Administering and securing these is, in reality, intractable. We present a solution to the secure information-sharing problem that separates the authentication function from the data access function. Then, by having only one authenticator per member and using digital certificates, we show how a multiplicity of information sources can be managed and secured.
