Information sharing and security in dynamic coalitions

Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2002)

Volumn , Issue , 2002, Pages 87-96

  Phillips Jr , Charles E ^a   Ting, T C ^a   Demurjian, Steven A ^a  

^a UNIVERSITY OF CONNECTICUT   (United States)

Author keywords

Access control; Distributed systems; Dynamic coalitions; Information security

Indexed keywords

CLIENT SERVER COMPUTER SYSTEMS; COMMAND AND CONTROL SYSTEMS; COMPUTER VIRUSES; COMPUTER WORMS; DISTRIBUTED DATABASE SYSTEMS; MILITARY DATA PROCESSING;

ACCESS CONTROL; DYNAMIC COALITION PROBLEM; INFORMATION SHARING;

SECURITY OF DATA;

EID: 0242709333     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/507711.507726     Document Type: Conference Paper

References (40)

1. NATO Interoperability from "Advanced Concept Technology Demonstration, Management Plan," PEO C3S HTIO, Fort Monmoth, NJ. 1999.
2. P. Barr, "ABCS ITDS", MITRE Corporation presentation, NJ, Oct. 1998.
3. D. Bell and L. LaPadula, "Secure Computer Systems: Mathematical Foundations Model." M74-244, Mitre Corporation, Bedford, Massachusetts, 1975.
4. E. Bertino, E. Ferrari, and V. Atluri, "The Specification and Enforcement of Authorization Constraints in Workflow Management Systems", ACM Trans. Info. Syst. Security, Vol. 2, No. 1, Feb. 1999.
5. E. Bertino, P. Bonatti, and E. Ferrari, "TRBAC: A Temporal Role-Based Access Control Model," Proc. of the Fifth ACM Workshop on Role-based Access Control, Berlin Germany, July 2000.
6. S. Boutelle and C. Pizzutelli, "Army Battle Command System," Army RD&A, Sept./Oct. 1998.
7. Prepared by PEO C3S HTIO, "Command, Control, Communications, and Computers Interoperability for Coalition Warfare, Advanced Concept Technology Demonstration, Management Plan," Ver. 1.2, 1999.
8. M. Cokus, "XML-MTF, A Military XML Vocabulary," The MITRE Corporation, 2001.
9. DARPA ITO Sponsored Research, Spring, Kohout, Yates, "2000 Project Summary, Flexible Coalition Policies for Secure Information Sharing," Verdian-PSR, 2000.
10. J. Baras, V. Gligor, and R. Poovendran, "Integrated Security Services for Dynamic Coalition Management," DARPA ACT Program March 2001.
11. S. Demurjian and T.C. Ting, "Towards a Definitive Paradigm for Security in Object-Oriented Systems and Applications," Journal of Computer Security, Vol. 5, No. 4, 1997.
12. S. Demurjian, T.C. Ting, H. Ren, J. Balthazar, C. Phillips, and P. Barr, "A User Role-Based Security Model for a Distributed Environment," Research Advances in Database and Information Systems Security, J. Therrien (ed.), Kluwer, 2001.
13. Department of Defense Directive 5200.28-STD, "Department of Defense Trusted Computer Systems Evaluation Criteria," December 1985, Authorized by DoD Directive 5200.28, Dec. 1972.
14. Department of Defense Directive 5200.28, "Security Requirements for Automated Information Systems (AIS)," March 1988.
15. Department of Defense Directive 8320.1-M-1, Department of Defense, "Data Standardization Procedures," March 1996. 1996. http://jcs.mil/htdocs/teinfo/software/8320.html
16. R. Reagan, Executive Order 12356, "National Security Information," The White House, Apr. 1982.
17. D. Ferrailo, "The Role Control Center: An Implementation of Role-Based Access Control on Identity-Based Systems," NIST White Paper, 2000.
18. D. Ferraiolo, "An Argument For The Role-Based Access Control Model," Proc. of Sixth ACM Symp. on Access Control Models and Technologies, Chantilly, VA, USA, May 2001.
19. Joint Operational Support Center. "Global Command and Control Center," DISA 1999. http://gccs.disa.mil/gccs/
20. T. Jaeger "On the Increasing Importance of Constraints," Proc. of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, VA, USA, Oct. 1999.
21. JIEO Handbook 9000, Chapter One, "General Instructions," Joint Information Exchange Operations, Department of Defense Handbook, March 2000.
22. D. Kindred and K. Djahandari, "Adaptive Network Defense, Dynamic Virtual Private Network," Networks Associates Technology, Inc., NAI Labs, 2001, see http://www.pgp.com/research/nailabs/adaptives-network/dynamic-virtual
23. H. Korth and A. Silberschatz, Database Systems Concepts, "Security and Integrity", Chap. 13, McGraw-Hill, 1986.
24. S. Levine, "Army Modernization: Digitization and Transformation Overview," briefing at Pentagon, April 2000.
25. C. Milster, M. Parish, G. Le Fevre, "Taking Digitization to Our Allies," Army RD&A, Sep-Oct 1998.
26. S. Osborn, R. Sandhu, and Q. Munawer, "Configuring Role-Based Access Control To Enforce Mandatory And Discretionary Access Control Policies," ACM Trans. Info. Syst. Security, Vol. 3, No. 2, 2000.
27. W. Peach, "Message Text Formats-A Solution to the Problem of Interoperability," Journal of Battlefield Technology, Vol. 2, March 1999.
28. C. Phillips, S. Demurjian, and T.C. Ting, "Security Engineering for Roles and Resources in a Distributed Environment", in Proc. of the 3rd Annual Information Systems Security Engineering Conf., March 2002.
29. C. Phillips, S. Demurjian, and T.C. Ting, "Toward Information Assurance in Dynamic Coalitions", Comp. Sci. and Engr. Dept., Univ. of Conn. (CSE-TR-02-3), February 2002.
30. P. Samarati, "Access Control: Policies, Models, Architectures, and Mechanisms," FOSAD, Italy, Sept. 2000.
31. R. Sandhu, "Lattice-Based Access Control Models," Computer Journal, Vol. 26, Nov. 1993.
32. R. Sandu and P. Samarati, "Access Control: Principles and Practice." IEEE Communications Magazine, Vol. 32, No.9, Sept. 1994.
33. R. Sandu, "Role-Based Access Control", Advances in Computer Science, Vol. 48, M. Zerkowitz (ed.), Academic Press, 1998.
34. R. Sandu and Q. Munawer, "The ARBAC99 Model for Administrative Roles," Proc. of 15th Annual Computer Security Applications Conf., Phoenix, AZ, Dec. 1999.
35. F. Schneider, "Enforceable Security Policies," ACM Trans. Info. Syst. Security, Vol. 3, No.1, Feb. 2000.
36. S. Spring and D. Gormley, "Information Sharing for Dynamic Coalitions," VPSR Report 2836, Verdian Pacific-Sierra Research, Dec. 2000.
37. R. Tennent, Principals of Programming Languages, Prentice Hall, London, 1981.
38. Quotation from the National Military Strategy, "C4I For Coalition Warfare, Command and Control Systems Interoperability Program," Army Digitization Office, 1999.
39. T.C. Ting, "A User-Role Based Data Security Approach," Database Security: Status and Prospects, Landwehr (ed.), North-Holland, 1988.
40. T.C. Ting, "Application Information Security Semantics: A Case of Mental Health Delivery," Database Security, III: Status and Prospects, D. Spooner and C. Landwehr (eds.), North-Holland, 1990.