Abstract
During many crises, access to sensitive emergency-support information is required to save lives and property. For example, for effective evacuations first responders need the names and addresses of non-ambulatory residents. Yet, currently, access to such information may not be possible because government policy makers and third-party data providers lack confidence that today’s IT systems will protect their data. Our approach to the management of emergency information provides first responders with temporary, transient access to sensitive information, and ensures that the information is revoked after the emergency. The following contributions are presented: a systematic analysis of the basic forms of trusted communication supported by the architecture; a comprehensive method for secure, distributed emergency state management; a method to allow a userspace application to securely display data; and a multifaceted system analysis of the confinement of emergency information and the secure and complete revocation of access to that information at the closure of an emergency.
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Levin, T.E. et al. (2009). Securing the Dissemination of Emergency Response Data with an Integrated Hardware-Software Architecture. In: Chen, L., Mitchell, C.J., Martin, A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00587-9_9
DOI: https://doi.org/10.1007/978-3-642-00587-9_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00586-2
Online ISBN: 978-3-642-00587-9
eBook Packages: Computer Science, Computer Science (R0)