Advertisement

Cloud-Centric Assured Information Sharing

  • Bhavani Thuraisingham
  • Vaibhav Khadilkar
  • Jyothsna Rachapalli
  • Tyrone Cadenhead
  • Murat Kantarcioglu
  • Kevin Hamlen
  • Latifur Khan
  • Farhan Husain
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7299)

Abstract

In this paper we describe the design and implementation of cloud-based assured information sharing systems. In particular, we will describe our current implementation of a centralized cloud-based assured information sharing system and the design of a decentralized hybrid cloud-based assured information sharing system of the future. Our goal is for coalition organizations to share information stored in multiple clouds and enforce appropriate policies.

Keywords

Access Control Query Processing Resource Description Framework Security Policy Domain Ontology 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    NSA Pursues Intelligence-Sharing Architecture, http://www.informationweek.com/news/government/cloud-saas/229401646
  2. 2.
    DoD Information Enterprise Strategic Plan (2010-2012), http://cio-nii.defense.gov/docs/DodIESP-r16.pdf
  3. 3.
    Department of Defense Information Sharing Strategy (2007), http://dodcio.defense.gov/docs/InfoSharingStrategy.pdf
  4. 4.
    DoD Embraced Cloud Computing, http://www.defensemarket.com/?p=67
  5. 5.
    Finin, T., Joshi, A., Kargupta, L., Yesha, Y., Sachs, J., Bertino, E., Li, N., Clifton, C., Spafford, G., Thuraisingham, B., Kantarcioglu, M., Bensoussan, A., Berg, N., Khan, L., Han, J., Zhai, C., Sandhu, R., Xu, S., Massaro, J., Adamic, L.: Assured Information Sharing Life Cycle. In: Proc. Intelligence and Security Informatics (2009)Google Scholar
  6. 6.
    Thuraisingham, B., Kumar, H., Khan, L.: Design and Implementation of a Framework for Assured Information Sharing Across Organizational Bounda-ries. Journal of Information Security and Privacy (2008)Google Scholar
  7. 7.
    Awad, M., Khan, L., Thuraisingham, B.: Policy Enforcement System for Inter-Organizational Data Sharing. Journal of Information Security and Privacy 4(3) (2010)Google Scholar
  8. 8.
    Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: EXAM: An Environment for Access Control Policy Analysis and Management. In: Proc. POLICY 2008 (2008)Google Scholar
  9. 9.
    Thuraisingham, B., Khadilkar, V., Gupta, A., Kantarcioglu, M., Khan, L.: Secure Data Storage and Retrieval in the Cloud. In: CollaborateCom 2010 (2010)Google Scholar
  10. 10.
    Thuraisingham, B., Khadilkar, V.: Assured Information Sharing in the Cloud, UTD Tech. Report (September 2011)Google Scholar
  11. 11.
    Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: Transforming provenance using redaction. In: Proc. ACM SACMAT (2011)Google Scholar
  12. 12.
    Husain, M.F., McGlothlin, J., Masud, M., Khan, L., Thuraisingham, B.: Heuristics-Based Query Processing for Large RDF Graphs Using Cloud Computing. IEEE Trans. Knowl. Data Eng. 23 (2011)Google Scholar
  13. 13.
    Jones, Hamlen: Disambiguating aspect-oriented security policies. In: Proc. 9th Int. Conf. Aspect-Oriented Software Development, pp. 193–204 (2010)Google Scholar
  14. 14.
    Jones, M., Hamlen, K.: A service-oriented approach to mobile code security. In: Proc. 8th Int. Conf. Mobile Web Information Systems (2011)Google Scholar
  15. 15.
    Hamlen, K., Morrisett, G., Schneider, F.: Computability classes for en-forcement mechanisms. ACM Trans. Prog. Lang. and Systems 28(1), 175–205 (2006)CrossRefGoogle Scholar
  16. 16.
    Hamlen, K., Morrisett, G., Schneider, F.: Certified in-lined reference monitoring on.NET. In: Proc. ACM Workshop on Prog. Lang. and Analysis for Security, pp. 7–16 (2006)Google Scholar
  17. 17.
    Guo, Y., Heflin, J.: LUBM: A Benchmark for OWL Knowledge Base Systems. Web Semantics 3 (2005)Google Scholar
  18. 18.
    Sridhar, M., Hamlen, K.W.: Model-Checking In-Lined Reference Monitors. In: Barthe, G., Hermenegildo, M. (eds.) VMCAI 2010. LNCS, vol. 5944, pp. 312–327. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  19. 19.
  20. 20.
    Zql: a Java SQL parser, http://www.gibello.com/code/zql/
  21. 21.
    Thusoo, A., Sharma, J., Jain, N., Shao, Z., Chakka, P., Anthony, S., Liu, H., Wyckoff, P., Murthy, R.: Hive - A Warehousing Solution Over a Map-Reduce Framework. In: PVLDB (2009)Google Scholar
  22. 22.
    Khadilkar, V., Kantarcioglu, M., Thuraisingham, B., Mehrotra, S.: Secure Data Processing in a Hybrid Cloud Proc. CoRR abs/1105.1982 (2011)Google Scholar
  23. 23.
    Hamlen, K., Kantarcioglu, M., Khan, L., Thuraisingham, B.: Security Issues for Cloud Computing. Journal of Information Security and Privacy 4(2) (2010)Google Scholar
  24. 24.
    Khaled, A., Husain, M., Khan, L., Hamlen, K., Thuraisingham, B.: A To-ken-Based Access Control System for RDF Data in the Clouds. In: CloudCom 2010 (2010)Google Scholar
  25. 25.
    Cadenhead, T., De Meuter, W., Thuraisingham, B.: Scalable and Efficient Reasoning for Enforcing Role-Based Access Control. In: Foresti, S., Jajodia, S. (eds.) Data and Applications Security XXIV. LNCS, vol. 6166, pp. 209–224. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  26. 26.
    Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A language for provenance access control. In: Proc. ACM CODASPY 2011 (2011)Google Scholar
  27. 27.
    Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: A semantic web based framework for social network access control. In: SACMAT 2009 (2009)Google Scholar
  28. 28.
    Kantarcioglu, M.: Incentive-based Assured Information Sharing. AFOSR MURI Review (October 2010)Google Scholar
  29. 29.
    Celikel, E., Kantarcioglu, M., Thuraisingham, B., Bertino, E.: Managing Risks in RBAC Employed Distributed Environments. In: Meersman, R. (ed.) OTM 2007, Part II. LNCS, vol. 4804, pp. 1548–1566. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  30. 30.
    Hamlen, K., Mohan, V., Wartell, R.: Reining in Windows API abuses with in-lined reference monitors. Tech. Rep. UTDCS-18-10, Comp. Sci. Dept., U. Texas at Dallas (2010)Google Scholar
  31. 31.
    Talbot, D.: How Secure is Cloud Computing?, http://www.technologyreview.com/computing/23951/
  32. 32.
    O’Malley, O., Zhang, K., Radia, S., Marti, R., Harrell, C.: Hadoop Security Design, http://bit.ly/75011o
  33. 33.
    Amazon Web Services: Overview of Security Processes, http://awsmedia.s3.amazonaws.com/pdf/AWSSecurityWhitepaper.pdf
  34. 34.
    Marshall, A., Howard, M., Bugher, G., Harden, B.: Security best practices in developing Windows Azure Applications, Microsoft Corp. (2010)Google Scholar
  35. 35.
    BioMANTA: Modelling and Analysis of Biological Network Activity, http://www.itee.uq.edu.au/reresearch/projects/biomanta
  36. 36.
  37. 37.
    Ding, L., Finin, T., Peng, Y., da Silva, P., Mcguinness, D.: Tracking RDF Graph Provenance using RDF Molecules. In: Proc. International Semantic Web Conference (2005)Google Scholar
  38. 38.
    Newman, A., Hunter, J., Li, Y., Bouton, C., Davis, M.: A Scale-Out RDF Molecule Store for Distributed Processing of Biomedical Data. In: Semantic Web for Health Care and Life Sciences Workshop, WWW 2008 (2008)Google Scholar
  39. 39.
    Carminati, B., Ferrari, E., Thuraisingham, B.: Using RDF for policy specification and enforcement. In: DEXA 2004 (2004)Google Scholar
  40. 40.
    Jain, A., Farkas, C.: Secure resource description framework: an access control model. In: ACM SACMAT 2006 (2006)Google Scholar
  41. 41.
    Uszok, A., Bradshaw, J., Johnson, R., Jeffers, M., Tate, A., Dalton, J., Aitken, S.: KAoS policy management for semantic web services. Intelligent Systems (2004)Google Scholar
  42. 42.
    Kagal, L.: Rei: A policy language for the me-centric project. In, HP Labs (2002), accessible online, http://www.hpl.hp.com/techreports/2002/HPL-2002-270.html
  43. 43.
    Khandelwal, A., Bao, J., Kagal, L., Jacobi, I., Ding, L., Hendler, J.: Analyzing the AIR Language: A Semantic Web (Production) Rule Language. In: Hitzler, P., Lukasiewicz, T. (eds.) RR 2010. LNCS, vol. 6333, pp. 58–72. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  44. 44.
    Reddivari, P., Finin, T., Joshi, A.: Policy-based access control for an RDF store. In: Policy Management for the Web, IJCAI Workshop (2005)Google Scholar
  45. 45.
    UTD Semantic Web Repository, http://cs.utdallas.edu/semanticweb/
  46. 46.
    Castagna, P., Seaborne, A., Dollin, C.: A Parallel Processing Framework for RDF Design and Issues. Technical report, HP Laboratories (2009)Google Scholar
  47. 47.
    Choi, H., Son, J., Cho, Y., Sung, M., Chung, Y.: SPIDER: A System for Scalable, Parallel / Distributed Evaluation of large-scale RDF Data. In: Proceedings ACM CIKM (2009)Google Scholar
  48. 48.
    Abraham, J., Brazier, P., Chebotko, A., Navarro, J., Piazza, A.: Distributed Storage and Querying Techniques for a Semantic Web of Scientific Workflow Provenance. In: Proceedings IEEE SCC (2010)Google Scholar
  49. 49.
    Aberer, K., Cudré-Mauroux, P., Hauswirth, M., Van Pelt, T.: GridVine: Building Internet-Scale Semantic Overlay Networks. In: McIlraith, S.A., Plexousakis, D., van Harmelen, F. (eds.) ISWC 2004. LNCS, vol. 3298, pp. 107–121. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  50. 50.
    Cai, M., Frank, M.: RDFPeers: a scalable distributed RDF repository based on a structured peer-to-peer network. In: Proceedings ACM WWW (2004)Google Scholar
  51. 51.
    Harth, A., Umbrich, J., Hogan, A., Decker, S.: YARS2: A Federated Reposi-tory for Searching and Querying Graph Structured Data. Technical report, DERI (2007)Google Scholar
  52. 52.
    Della Valle, E., Turati, A., Ghioni, A.: PAGE: A Distributed Infrastructure for Fostering RDF-Based Interoperability. In: Eliassen, F., Montresor, A. (eds.) DAIS 2006. LNCS, vol. 4025, pp. 347–353. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  53. 53.
    Distributed Reasoning: Seamless integration and processing of distributed knowledge, http://www.integrail.eu/documents/fs04.pdf
  54. 54.
    Urbani, J.: Scalable Distributed Reasoning using MapReduce, http://www.few.vu.nl/~jui200/papers/ISWC09-Urbani.pdf
  55. 55.
    Cirio, L., Cruz, I., Tamassia, R.: A Role and Attribute Based Access Con-trol System Using Semantic Web Technologies. In: IFIP Workshop on Semantic Web and Web Semantics (2007)Google Scholar
  56. 56.
    Reul, Q., Zhao, G., Meersman, R.: Ontology-based access control policy inter-operability. In: Proc. 1st Conference on Mobility, Individualisation, Socialisation and Connectivity, MISC 2010 (2010)Google Scholar
  57. 57.
    Andersen, B., Neuhaus, F.: An ontological approach to information access control and provenance. In: Proceedings of Ontology for the Intelligence Community, Fairfax, VA (October 2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Bhavani Thuraisingham
    • 1
  • Vaibhav Khadilkar
    • 1
  • Jyothsna Rachapalli
    • 1
  • Tyrone Cadenhead
    • 1
  • Murat Kantarcioglu
    • 1
  • Kevin Hamlen
    • 1
  • Latifur Khan
    • 1
  • Farhan Husain
    • 1
  1. 1.The University of Texas at DallasRichardsonUSA

Personalised recommendations