120 likes | 136 Views
Group-Centric Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security University of Texas at San Antonio www.ics.utsa.edu www.profsandhu.com. 1. Collaboration and Groups. Collaboration Systems. Group-Centric Information Sharing.
E N D
Group-Centric Information Sharing Ravi Sandhu Executive Director and Endowed Professor Institute for Cyber Security University of Texas at San Antonio www.ics.utsa.edu www.profsandhu.com 1
Collaboration and Groups Collaboration Systems Group-Centric Information Sharing Metaphor: Subscription • PC Meeting • Merger and Acquisition • Design Collaboration • Trouble-shooting Collaboration • Joint Proposal • Research Collaboration • …. Rich area for theory and practice Metaphor: Secure meeting room
Collaboration & Information Sharing • Collaboration requires Information Sharing • How else do you collaborate? • Share but Differentiate • How much can we differentiate within a collaboration and still meaningfully call it a collaboration? - Entirely bilateral sharing Too fragmented - Bilateral sharing with multi-step chains Where is the balance? Too uniform - Equal access for all collaborators
Where is the Balance? We have a proposal for Share but Differentiate “Equality” translates to the technical and semantic concept of a group with the metaphor of a secure meeting room What is the semantics/policy of a secure meeting room? “Differentiation” translates to groups and sub-groups combined recursively … Groups within Groups within Groups …
Divide and Conquer Initial investigation: single group Read only: actually add, remove and read We have some promising insights Read-Write: Object model Version constraints Just starting to investigate Multiple groups To be done
Group-Centric Sharing Subjects Subjects Strict Leave Strict Join Leave Join GROUP Authz (S,O,R)? Liberal Join LiberalLeave GROUP Authz (S,O,R)? Strict Add Strict Remove Add Remove Liberal Add Liberal Remove Objects Objects
Group-Centric Models • Core Properties • Required of any policy • Additional Properties • Level 1 cannot violate Core • Level 2 cannot violate Level 1 • … Level 2 Level 1 Core Properties
Core Properties Subjects 1. Overlapping Membership Property Leave Join GROUP Authz (S,O,R)? 2. Persistence Property 3. Liveness Properties (a) Add Remove Objects (b) 4. Safety Properties (a) (b)
Level 1 Subjects • Join Operations • Lossy Vs Lossless • Lose existing authorization(s) on Join • No lose on Join • Restorative Vs Non-Restorative • Restore authorizations from past membership(s) • No restoration from past • Leave Operations • Gainful Vs Gainless • Gain authorization(s) from past membership period • No such gain • Restorative Vs Non-Restorative • Restore authorization(s) from prior to Join • No such restoration Leave Join GROUP Authz (S,O,R)? Add Remove Objects Level 1 properties for Add and Remove? Fix Level 1 Operations: Lossless Join, Gainless Leave Non-Restorative Join & Leave
Level 2 Allow any combination of Level 2 operations Add after Join Add before Join
Read-Write Work in progress Object Model Version Constraint Model
Conclusion Principles: Share but Differentiate … Groups within Groups within Groups … Temporal aspect is critical for policy and semantics of groups for information sharing Partners in this venture Ram Krishnan, Doctoral candidate, GMU Jianwei Niu, Asst. Prof., UTSA CS & ICS W. Winsborough, Assoc. Prof., UTSA CS & ICS