Abstract
In this paper we describe the design and implementation of cloud-based assured information sharing systems. In particular, we will describe our current implementation of a centralized cloud-based assured information sharing system and the design of a decentralized hybrid cloud-based assured information sharing system of the future. Our goal is for coalition organizations to share information stored in multiple clouds and enforce appropriate policies.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Thuraisingham, B. et al. (2012). Cloud-Centric Assured Information Sharing. In: Chau, M., Wang, G.A., Yue, W.T., Chen, H. (eds) Intelligence and Security Informatics. PAISI 2012. Lecture Notes in Computer Science, vol 7299. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30428-6_1
DOI: https://doi.org/10.1007/978-3-642-30428-6_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30427-9
Online ISBN: 978-3-642-30428-6
eBook Packages: Computer Science (R0)