Towards Secure Information Sharing Models for Community Cyber Security
Ravi Sandhu, Ram Krishnan and Gregory B. White
Institute for Cyber Security
University of Texas at San Antonio
Secure Information Sharing (SIS)
• Share but protect
Saltzer-Schroeder¹ identified the desirability and difficulty of maintaining: “some control over the user of the information even after it has been released”
¹ J. Saltzer and M. Schroeder. The protection of information in computer systems. Proceedings of IEEE, 63(9):1278–1308, 1975.
SIS Major Challenges
• Policy Challenge
  – Modeling, specifying and enforcing SIS policies
  – Need intuitive yet formal models, guaranteed security properties, etc.
• Containment Challenge
  – Ensure that protected information is accessible to users as permitted by the policy
  – Security mechanisms such as authentication, cryptography, trusted hardware, etc.
Community Cyber Security
• Community refers to a geographical area
  – E.g. county or a city with demarcated boundary
• The Center for Infrastructure Assurance and Security at UTSA conducts nation-wide cyber security preparedness exercises and training
  – communication
  – incident response
  – disaster recovery
  – business continuity
  – security awareness, etc.
The Current Status…
• Exchange of business cards
  – No process exists for information sharing
• Technology is not the bottleneck
  – Resistance due to political/competitive reasons
  – Also want to avoid embarrassment
    • E.g. by sharing attack data
• Participants have no clue as to what to share and how to effectively specify what to share
Requirements
• Need abstract models
  – With rigorous mathematical foundations
  – Should ease administration
• Classic models are limited
  – Discretionary Access Control
    • Too low-level to configure
  – Lattice-Based Access Control (e.g. Bell-LaPadula)
    • Rigid
    • One-directional info flow is not the primary concern
  – Lot of work on Dynamic Coalitions
    • Many times heavy-weight
    • Mainly focus on technological/infrastructural integration
Life-Cycle of a Cyber Incident: Secure Sharing in a Community
[Figure: Core Group, Incident Group, Open Group and Domain Experts. Diagram labels: Conditional Membership, Automatic Membership, Administered Membership, Filtered RW]
Life-Cycle of Cyber Incident: Secure Sharing in Community (contd)
[Figure: Core Group, Incident Groups (g1, g2, g3), Open Group and Domain Experts. Diagram labels: Automatic Membership, Conditional Membership, Administered Membership, Filtered Read, Filtered Write]
A Family of Group-Centric SIS Models
[Figure: g-SIS Models: Isolated, Connected, Isolated + ABAC, Connected + ABAC]
• Isolated
  – Users and objects are isolated
  – Membership in one group has no impact on authorizations in another group
• Connected
  – Membership in one group impacts authorization in another
  – E.g. Subordination, conditional membership, mutual exclusion, etc.
• Attribute-Based Access Control
  – For fine-grained authorization
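The difference between the isolated and connected cases can be made concrete with a small policy check. This is an added example, not code from the slides or the g-SIS papers; the group and object names are constructed, and the semantics of conditional membership, mutual exclusion, read subordination and cascading revocation on leave are simplifying assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class GroupModel:
    # All semantics here are simplifying assumptions, not the paper's formal model.
    members: dict = field(default_factory=dict)   # group -> set of users
    objects: dict = field(default_factory=dict)   # object -> owning group
    requires: dict = field(default_factory=dict)  # group -> prerequisite group
    excludes: set = field(default_factory=set)    # frozenset({g1, g2}) pairs
    read_sub: set = field(default_factory=set)    # (reader_group, owner_group)

    def join(self, user, group):
        """Admit user, enforcing conditional membership and mutual exclusion."""
        pre = self.requires.get(group)
        if pre is not None and user not in self.members.get(pre, set()):
            return False
        for other, users in self.members.items():
            if user in users and frozenset({group, other}) in self.excludes:
                return False
        self.members.setdefault(group, set()).add(user)
        return True

    def leave(self, user, group):
        """Remove user and (assumed) revoke memberships conditional on group."""
        self.members.get(group, set()).discard(user)
        for dependent, pre in self.requires.items():
            if pre == group and user in self.members.get(dependent, set()):
                self.leave(user, dependent)

    def can_read(self, user, obj):
        """Isolated: owning-group member. Connected: or read-subordinate group."""
        owner = self.objects[obj]
        groups = {owner} | {g for g, o in self.read_sub if o == owner}
        return any(user in self.members.get(g, set()) for g in groups)

def demo():
    # Constructed community: group and object names are hypothetical.
    m = GroupModel(objects={"attack_report": "incident_g1", "advisory": "open"},
                   requires={"incident_g1": "core"},
                   excludes={frozenset({"incident_g1", "incident_g2"})},
                   read_sub={("core", "open")})
    out = {"join_before_core": m.join("alice", "incident_g1")}
    for user, group in [("alice", "core"), ("alice", "incident_g1"), ("bob", "open")]:
        m.join(user, group)
    out["second_incident"] = m.join("alice", "incident_g2")
    out["alice_report"] = m.can_read("alice", "attack_report")
    out["alice_advisory"] = m.can_read("alice", "advisory")
    out["bob_report"] = m.can_read("bob", "attack_report")
    m.leave("alice", "core")
    out["alice_after_leave"] = m.can_read("alice", "attack_report")
    return out
```

With `requires`, `excludes` and `read_sub` left empty, the same class behaves as the isolated model: every decision depends only on membership in the object's own group.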
Conclusion
• SIS is still an open problem
• Technology is relatively under control
• Policy specification is key to SIS
  – Clear, usable and friendly policies can overcome political and competitive barriers to SIS
• One size does not fit all
  – Domain and application specific modeling and analysis is needed
Backup
g-SIS and LBAC
A sample lattice for one directional information flow
Equivalent g-SIS configuration of Org A lattice
1. Read Subordination
2. Write Subordination
3. Subject Create Subordination
Agile Collaboration
Agile collaboration in LBAC enabled by g-SIS
1. Read Subordination
2. Write Subordination
3. Subject Create Subordination
Agile Collaboration (continued)
Collaboration groups established between two different lattices
1. Read Subordination
2. Write Subordination
3. Subject Create Subordination
Domain and Type Enforcement and g-SIS
A sample DTE matrix
Equivalent g-SIS configuration
1. Read Subordination
2. Write Subordination
3. Subject Create Subordination
RBAC0 and g-SIS
RBAC0 with RW permissions in g-SIS
1. Read Subordination
2. Write Subordination
3. Subject Create Subordination
4. Subject Move Subordination