Abstract
Assured Information Sharing (AIS) is a framework that allows cooperating organizations to share information in a manner that respects the privacy, confidentiality and security of the data of each individual in each organization. In this chapter, we present an overview of AIS by detailing the motivations behind AIS, a goal-oriented architecture for AIS and challenges that must be overcome before the adoption of AIS. In addition, we present historical as well as recent research advances that have been made towards addressing the challenges that lie within an AIS framework. Finally, we describe the details of two novel cloud-based AIS implementations that support the high availability, scalability, agility and efficiency required for realizing the vision of AIS.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
af.mil, Air Force Distributted Common Ground System (DCGS). http://goo.gl/qLkFc
Agrawal, R., Srikant, R.: Privacy-preserving data mining. In: Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data, SIGMOD’00, Dallas, pp. 439–450. ACM, New York (2000). doi:10.1145/342009.335438
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: Proceedings of the 28th International Conference on Very Large Data Bases, VLDB’02, Hong Kong. VLDB Endowment, pp. 143–154 (2002)
Agrawal, D., Giles, J., Lee, K.W., Lobo, J.: Policy ratification. In: Proceedings of the 6th IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY’05, Stockholm, pp. 223–232. IEEE Computer Society, Washington, DC (2005). doi:10.1109/POLICY.2005.25
Anderson, T.E.: dtic.mil, Making GIG information assurance better through portfolio management. http://goo.gl/RTSS3 (2008)
apache.org, Apache Hadoop. http://goo.gl/tnkf
apache.org, Apache HBase. http://goo.gl/2kbIQ
apache.org, Apache Hive. http://goo.gl/Jxwgx
apache.org, Apache Jena. http://goo.gl/l5mYK
apache.org, Apache Jena, SDB – persistent triple stores using relational databases. http://goo.gl/QCO8L
Astrahan, M.M., Blasgen, M.W., Chamberlin, D.D., Eswaran, K.P., Gray, J.N., Griffiths, P.P., King, W.F., Lorie, R.A., McJones, P.R., Mehl, J.W., Putzolu, G.R., Traiger, I.L., Wade, B.W., Watson, V.: System R: relational approach to database management. ACM Trans. Database Syst. 1(2), 97–137 (1976). doi:10.1145/320455.320457
Backes, M., Karjoth, G., Bagga, W., Schunter, M.: Efficient comparison of enterprise privacy policies. In: Proceedings of the 2004 ACM Symposium on Applied Computing, SAC’04, Nicosia, pp. 375–382. ACM, New York (2004). doi:10.1145/967900.967983
Bacon, J., Moody, K., Yao, W.: A model of OASIS role-based access control and its support for active security. ACM Trans. Inf. Syst. Secur. 5(4), 492–540 (2002). doi:10.1145/581271.581276
Bates, A., Mood, B., Valafar, M., Butler, K.: Towards secure provenance-based access control in cloud environments. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, CODASPY’13, San Antonio, pp. 277–284. ACM, New York (2013). doi:10.1145/2435349.2435389
Bell, D.E., LaPadula, L.J.: nist.gov, Secure computer systems: unified exposition and multics interpretation. http://goo.gl/uVC7c (1976)
Bertino, E., Haas, L.M.: Views and security in distributed database management systems. In: Proceedings of the 1988 International Conference on Extending Database Technology: Advances in Database Technology, EDBT’88, Venice, pp. 155–169. Springer, London (1988)
Bertino, E., Sandhu, R.: Database security-concepts, approaches, and challenges. IEEE Trans. Dependable Secure Comput. 2(1), 2–19 (2005). doi:10.1109/TDSC.2005.9
Bertino, E., Samarati, P., Jajodia, S.: An extended authorization model for relational databases. IEEE Trans. Knowl. Data Eng. 9(1), 85–101 (1997). doi:10.1109/69.567051
Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: An access control model supporting periodicity constraints and temporal reasoning. ACM Trans. Database Syst. 23(3), 231–285 (1998). doi:10.1145/293910. 293151
Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: a temporal role-based access control model. ACM Trans. Inf. Syst. Secur. 4(3), 191–233 (2001). doi:10.1145/501978.501979
Bertino, E., Castano, S., Ferrari, E.: Securing XML documents with Author-X. IEEE Internet Comput. 5(3), 21–31 (2001). doi:10.1109/ 4236.935172
Bonatti, P.A., Samarati, P.: A uniform framework for regulating service access and information release on the web. J. Comput. Secur. 10(3), 241–271 (2002)
Bonatti, P., De Capitani di Vimercati, S., Samarati, P.: An algebra for composing access control policies. ACM Trans. Inf. Syst. Secur. 5(1), 1–35 (2002). doi:10.1145/504909.504910
Bulatov, A.A.: Complexity of conservative constraint satisfaction problems. ACM Trans. Comput. Logic 12(4), 24:1–24:66 (2011). doi:10. 1145/1970398.1970400
Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: Transforming provenance using redaction. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, SACMAT’11, Innsbruck, pp. 93–102. ACM, New York (2011). doi:10. 1145/1998441.1998456
Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A language for provenance access control. In: Proceedings of the 1st ACM Conference on Data and Application Security and Privacy, CODASPY’11, San Antonio, pp. 133–144. ACM, New York (2011). doi:10.1145/1943513.1943532
Cadenhead, T., Kantarcioglu, M., Khadilkar, V., Thuraisingham, B.: Design and implementation of a cloud-based assured information sharing system. In: Proceedings of the 6th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, MMM-ACNS’12, St. Petersburg, pp. 36–50. Springer, Berlin/Heidelberg (2012). doi:10.1007/978-3-642-33704-8_4
Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A cloud-based RDF policy engine for assured information sharing. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, SACMAT’12, Newark, pp. 113–116. ACM, New York (2012). doi:10.1145/2295136.2295157
Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A general purpose RDF policy engine for assured information sharing. Technical report, University of Texas at Dallas (2012)
cgisecurity.com, The virtual private database in Oracle9iR2. http://goo.gl/Lijl1 (2002)
Chang, F., Dean, J., Ghemawat, S., Hsieh, W.C., Wallach, D.A., Burrows, M., Chandra, T., Fikes, A., Gruber, R.E.: Bigtable: a distributed storage system for structured data. ACM Trans. Comput. Syst. 26(2), 4:1–4:26 (2008). doi:10.1145/1365815.1365816
Clifton, C.: Using sample size to limit exposure to data mining. J. Comput. Secur. 8(4), 281–307 (2000)
Codd, E.F.: A relational model of data for large shared data banks. Commun. ACM 26(1), 64–69 (1983). doi:10.1145/357980.358007
Corradini, A., Montanari, U., Rossi, F., Ehrig, H., Heckel, R., Löwe, M.: Algebraic approaches to graph transformation – part i: basic concepts and double pushout approach. In: Rozenberg, G. (ed.) Handbook of Graph Grammars, pp. 163–246. World Scientific, Singapore (1997)
Crampton, J., Loizou, G.: Administrative scope: a foundation for role-based administrative models. ACM Trans. Inf. Syst. Secur. 6(2), 201–231 (2003). doi:10.1145/762476.762478
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A fine-grained access control system for XML documents. ACM Trans. Inf. Syst. Secur. 5(2), 169–202 (2002). doi:10.1145/505586.505590
Dean, J., Ghemawat, S.: MapReduce: simplified data processing on large clusters. Commun. ACM 51(1), 107–113 (2008). doi:10.1145/ 1327452.1327492
defense.gov, Department of Defense Information sharing strategy. http://goo.gl/3IcDm (2007)
defense.gov, The Department of Defense’s Global Information Grid (GIG) architectural vision. http://goo.gl/Ph6Kd (2007)
defense.gov, Department of Defense Information enterprise strategic plan. http://goo.gl/3eA65 (2010–2012)
defensemarket.com, Department of Defense Embraces cloud computing. http://goo.gl/FrPuF (2009)
dtic.mil, DCGS Integration Backbone (DIB) v4.0 overview. http://goo.gl/6KYKr (2012)
Durham, E., Xu, Y., Kantarcioglu, M., Malin, B.: Private medical record linkage with approximate linkage. In: American Medical Informatics Association Annual Symposium, Washington, DC (2010)
Durham, E., Xue, Y., Kantarcioglu, M., Malin, B.: Quantifying the correctness, computational complexity, and security of privacy-preserving string comparators for record linkage. J. Inf. Fusion 13(4), 245–259 (2012). doi:10.1016/j.inffus.2011.04.004
Ehrig, H., Ehrig, K., Prange, U., Taentzer, G.: Fundamentals of Algebraic Graph Transformation. Monographs in Theoretical Computer Science. An EATCS Series. Springer, Secaucus (2006)
Emam, K.E., Hu, J., Mercer, J., Peyton, L., Kantarcioglu, M., Malin, B., Buckeridge, D., Samet, S., Earle, C.: A secure protocol for protecting the identity of providers when disclosing data for disease surveillance. J. Am. Med. Inf. Assoc. 18(3), 212–217 (2011). doi:10. 1136/amiajnl-2011-000100
Fagin, R.: On an authorization mechanism. ACM Trans. Database Syst. 3(3), 310–319 (1978). doi:10.1145/320263.320288
Ferraiolo, D., Kuhn, R.: Role-based access control. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference, Baltimore, pp. 554–563 (1992)
Ferrini, R., Bertino, E.: Supporting RBAC with XACML+OWL. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT’09, pp. 145–154. ACM, New York (2009). doi:10.1145/1542207.1542231
Finin, T., Joshi, A., Kagal, L., Niu, J., Sandhu, R., Winsborough, W., Thuraisingham, B.: ROWLBAC: representing role based access control in OWL. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT’08, Estes Park, pp. 73–82. ACM, New York (2008). doi:10.1145/1377836.1377849
Finin, T., Joshi, A., Kargupta, H., Yesha, Y., Sachs, J., Bertino, E., Li, N., Clifton, C., Spafford, G., Thuraisingham, B., Kantarcioglu, M., Bensoussan, A., Berg, N., Khan, L., Han, J., Zhai, C., Sandhu, R., Xu, S., Massaro, J., Adamic, L.: Assured information sharing life cycle. In: Proceedings of the 2009 IEEE International Conference on Intelligence and Security Informatics, ISI’09, Richardson, pp. 307–309. IEEE, Piscataway (2009)
Fisler, K., Krishnamurthi, S., Meyerovich, L.A., Tschantz, M.C.: Verification and change-impact analysis of access-control policies. In: Proceedings of the 27th International Conference on Software Engineering, ICSE’05, St. Louis, pp. 196–205. ACM, New York (2005). doi:10.1145/1062455.1062502
Ghemawat, S., Gobioff, H., Leung, S.T.: The Google file system. In: Proceedings of the 9th ACM Symposium on Operating Systems Principles, SOSP’03, Bolton Landing, pp. 29–43. ACM, New York (2003). doi:10.1145/945445.945450
github.com, Hbase-rdf. http://goo.gl/4DxN5
Gray, J.: The transaction concept: virtues and limitations (invited paper). In: Proceedings of the 7th International Conference on Very Large Data Bases, VLDB’81, Cannes. VLDB Endowment, vol. 7, pp. 144–154 (1981)
Griffiths, P.P., Wade, B.W.: An authorization mechanism for a relational database system. ACM Trans. Database Syst. 1(3), 242–255 (1976). doi:10.1145/320473.320482
informationweek.com, NSA pursues intelligence-sharing architecture. http://goo.gl/LYrRX (2011)
jasypt.org, Java simplified encryption. http://goo.gl/htlXQ
jena.apache.org, Jena architecture overview. http://goo.gl/cbfnZ
Joshi, J., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Trans. Knowl. Data Eng. 17(1), 4–23 (2005). doi:10.1109/TKDE.2005.1
Kagal, L., Finin, T., Joshi, A.: A policy language for a pervasive computing environment. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY’03, Lake Como, pp. 63–74. IEEE Computer Society, Washington, DC (2003)
Kantarcioglu, M., Clifton, C.: Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans. Knowl. Data Eng. 16(9), 1026–1037 (2004). doi:10.1109/TKDE.2004.45
Kantarcioglu, M., Jiang, W.: Incentive compatible privacy-preserving data analysis. IEEE Trans. Knowl. Data Eng. (99) (2012). doi:10.1109/ TKDE.2012.61
Kantarcioglu, M., Kardes, O.: Privacy-preserving data mining in the malicious model. ACM Trans. Inf. Syst. Secur. 2(4), 353–375 (2008). doi:10.1504/IJICS.2008.022488
Kantarcioglu, M., Nix, R., Vaidya, J.: An efficient approximate protocol for privacy-preserving association rule mining. In: Proceedings of the 13th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining, PAKDD’09, Bangkok, pp. 515–524. Springer, Berlin/Heidelberg (2009). doi:10.1007/978-3-642-01307-2_48
Kantarcioglu, M., Bensoussan, A., Hoe, S.: When do firms invest in privacy-preserving technologies? In: Proceedings of the 1st International Conference on Decision and Game Theory for Security, GameSec’10, Berlin, pp. 72–86. Springer, Berlin/Heidelberg (2010)
Kantarcioglu, M., Bensoussan, A., Hoe, S.: Investment in privacy-preserving technologies under uncertainty. In: Proceedings of the 2nd International Conference on Decision and Game Theory for Security, GameSec’11, College Park, pp. 219–238. Springer, Berlin/Heidelberg (2011). doi:10.1007/978-3-642-25280-8_17
Kargupta, H., Datta, S., Wang, Q., Sivakumar, K.: On the privacy preserving properties of random data perturbation techniques. In: Proceedings of the 3rd IEEE International Conference on Data Mining, ICDM’03, Melbourne, pp. 99–106. IEEE Computer Society, Washington, DC (2003)
Kern, A., Kuhlmann, M., Kuropka, R., Ruthert, A.: A meta model for authorisations in application security systems and their integration into RBAC administration. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, SACMAT’04, Yorktown Heights, pp. 87–96. ACM, New York (2004). doi:10.1145/990036.990050
Khadilkar, V., Kantarcioglu, M., Castagna, P., Thuraisingham, B.: utdallas.edu, Jena-HBase: a distributed, scalable and efficient RDF triple store. Technical report, University of Texas at Dallas (2012)
Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.M., Castagna, P.: Jena-HBase: a distributed, scalable and efficient RDF triple store. In: Proceedings of the 11th International Semantic Web Conference Posters & Demonstrations Track, ISWC-PD’12, Boston, pp. 85–88. CEUR-WS.org (2012)
Kirchberg, M., Link, S.: Hippocratic databases: extending current transaction processing approaches to satisfy the limited retention principle. In: Proceedings of the 43rd Hawaii International Conference on System Sciences, HICSS’10, Honolulu, pp. 1–10. IEEE Computer Society, Washington, DC (2010). doi:10.1109/HICSS.2010.220
Koch, M., Mancini, L.V., Parisi-Presicce, F.: Administrative scope in the graph-based framework. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, SACMAT’04, Yorktown Heights, pp. 97–104. ACM, New York (2004). doi:10.1145/ 990036.990051
Krishnan, R., Sandhu, R.: A hybrid enforcement model for group-centric secure information sharing. In: Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, CSE’09, Vancouver, vol. 03, pp. 189–194. IEEE Computer Society, Washington, DC (2009). doi:10.1109/CSE.2009.397
Krishnan, R., Sandhu, R.: Authorization policy specification and enforcement for group-centric secure information sharing. In: Proceedings of the 7th International Conference on Information Systems Security, ICISS’11, Kolkata, pp. 102–115. Springer, Berlin/Heidelberg (2011). doi:10.1007/978-3-642-25560-1_7
Krishnan, R., Sandhu, R., Niu, J., Winsborough, W.H.: A conceptual framework for group-centric secure information sharing. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS’09, Sydney, pp. 384–387. ACM, New York (2009). doi:10.1145/1533057.1533111
Krishnan, R., Sandhu, R., Niu, J., Winsborough, W.H.: Foundations for group-centric secure information sharing models. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT’09, Stresa, pp. 115–124. ACM, New York (2009). doi:10. 1145/1542207.1542227
Kudoh, M., Hirayama, Y., Hada, S., Vollschwitz, A.: Access control specification based on policy evaluation and enforcement model and specification language. In: SCIS, Okinawa (2002)
Kumaraswamy, S., Lakshminarayanan, S., Stein, M.R.J., Wilson, Y.: cloudsecurityalliance.org, Domain 12: Guidance for Identity & Access Management V2.1. http://goo.gl/Iwhaq (2010)
Kuzu, M., Kantarcioglu, M., Durham, E., Malin, B.: A constraint satisfaction cryptanalysis of bloom filters in private record linkage. In: Proceedings of the 11th International Conference on Privacy Enhancing Technologies, PETS’11, Waterloo, pp. 226–245. Springer, Berlin/Heidelberg (2011)
Layfield, R., Kantarcioglu, M., Thuraisingham, B.M.: Incentive and trust issues in assured information sharing. In: Proceedings of the 4th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom’08, Orlando, pp. 113–125. Springer (2008). doi:10.1007/978-3-642-03354-4_10
Li, N., Mitchell, J.C.: DATALOG with constraints: a foundation for trust management languages. In: Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages, PADL’03, New Orleans, pp. 58–73. Springer, London (2003)
Li, N., Tripunitara, M.V.: Security analysis in role-based access control. ACM Trans. Inf. Syst. Secur. 9(4), 391–420 (2006). doi:10.1145/ 1187441.1187442
Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust-management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, SP’02, Oakland, pp. 114–130. IEEE Computer Society, Washington, DC (2002)
Li, N., Grosof, B.N., Feigenbaum, J.: Delegation logic: a logic-based approach to distributed authorization. ACM Trans. Inf. Syst. Secur. 6(1), 128–171 (2003). doi:10.1145/605434.605438
Lin, D., Rao, P., Bertino, E., Li, N., Lobo, J.: EXAM: a comprehensive environment for the analysis of access control policies. Int. J. Inf. Secur. 9(4), 253–273 (2010). doi:10.1007/s10207-010-0106-1
lockheedmartin.com, distributed common ground system (dcgs). http://goo.gl/1dYox
Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-Diversity: privacy beyond k-anonymity. In: ICDE, Atlanta, p. 24. IEEE (2006). doi:10.1109/ICDE.2006.1
Malone, P., McLaughlin, M., Leenes, R., Ferronato, P., Lockett, N., Guillen, P.B., Heistracher, T., Russello, G.: Endorse: a legal technical framework for privacy preserving data management. In: Proceedings of the 2010 Workshop on Governance of Technology, Information and Policies, GTIP’10, Austin, pp. 27–34. ACM, New York (2010). doi:10. 1145/1920320.1920325
Manna, Z., Pnueli, A.: The Temporal Logic of Reactive and Concurrent Systems – Specification. Springer, New York (1992)
Mitchell, T.M.: Machine Learning. McGraw Hill Series in Computer Science. McGraw-Hill, New York (1997)
Moss, J.E.: Nested Transactions: An Approach to Reliable Distributed Computing. MIT, Cambridge (1985)
Ni, Q., Xu, S., Bertino, E., Sandhu, R., Han, W.: An access control language for a general provenance model. In: Proceedings of the 6th VLDB Workshop on Secure Data Management, SDM’09, Lyon, pp. 68–88. Springer, Berlin/Heidelberg (2009). doi:10.1007/ 978-3-642-04219-5_5
nist.gov, Department of Defense Trusted computer system evaluation criteria, DOD5200.28-STD. http://goo.gl/wt4in (1975)
Nix, R., Kantarciouglu, M.: Incentive compatible privacy-preserving distributed classification. IEEE Trans. Dependable Secure Comput. 9(4) (2011). doi:10.1109/TDSC.2011.52
oasis-open.org, eXtensible Access Control Markup Language (XACML) version 3.0. http://goo.gl/m9hqv
Oliveira, S.R.M., Zaïane, O.R.: Privacy preserving frequent itemset mining. In: Proceedings of the IEEE International Conference on Privacy, Security and Data Mining, CRPIT’14, Maebashi City, vol. 14, pp. 43–54. Australian Computer Society, Darlinghurst (2002)
oracle.com, Java Platform, standard edition 7, API specification. http://goo.gl/lYUSS
Parikh, P.: Secured information integration with a semantic Web-based framework. Technical report, The University of Texas at Dallas (2009)
Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: EXAM: an environment for access control policy analysis and management. In: Proceedings of the 9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY’08, Palisades, pp. 238–240. IEEE Computer Society, Washington, DC (2008). doi:10.1109/POLICY.2008.30
Reimer, J.: arstechnica.com, From BFS to ZFS: past, present, and future of file systems. http://goo.gl/44KTi (2008)
Rozenberg, G. (ed.): Handbook of Graph Grammars and Computing by Graph Transformations, Volume 1: Foundations. World Scientific, Singapore (1997)
Samarati, P., de Capitani di Vimercati, S.: Access control: policies, models, and mechanisms. In: Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures, FOSAD’00, Bertinoro, pp. 137–196. Springer, London (2001)
Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information (abstract). In: Proceedings of the 17th ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, PODS’98, Seattle, p. 188. ACM, New York (1998). doi:10.1145/275487.275508
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996). doi:10.1109/2. 485845
Sandhu, R., Krishnan, R., Niu, J., Winsborough, W.H.: Group-centric models for secure and agile information sharing. In: Proceedings of the 5th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, MMM-ACNS’10, St. Petersburg, pp. 55–69. Springer, Berlin/Heidelberg (2010)
sbir.gov, Assured information sharing in clouds. http://goo.gl/FxSbp (2011)
Seamons, K., Winslett, M., Yu, T., Smith, B., Child, E., Jacobson, J., Mills, H., Yu, L.: Requirements for policy languages for trust negotiation. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks, POLICY’02, Monterey, p. 68. IEEE Computer Society, Washington, DC (2002)
sourceforge.net, Sun XACML implementation. http://goo.gl/huKM
sourceforge.net, Zql: a Java SQL parser. http://goo.gl/ruUUX
Sweeney, L.: k-Anonymity: a model for protecting privacy. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(5), 557–570 (2002)
Thuraisingham, B.M., Kumar, Y.H., Khan, L.: Design and implementation of a framework for assured information sharing across organizational boundaries. Int. J. Inf. Secur. Privacy 2(4), 67–90 (2008)
Thuraisingham, B.M., Khadilkar, V., Gupta, A., Kantarcioglu, M., Khan, L.: Secure data storage and retrieval in the cloud. In: Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom’10, Chicago, pp. 1–8. IEEE (2010)
Thusoo, A., Sarma, J.S., Jain, N., Shao, Z., Chakka, P., Anthony, S., Liu, H., Wyckoff, P., Murthy, R.: Hive: a warehousing solution over a map-reduce framework. Proc. VLDB Endow. 2(2), 1626–1629 (2009)
Tonti, G., Bradshaw, J.M., Jeffers, R., Montanari, R., Suri, N., Uszok, A.: Semantic Web languages for policy representation and reasoning: a comparison of KAoS, Rei, and Ponder. In: Proceedings of the 2nd International Semantic Web Conference, ISWC’03, Sanibel Island, vol. 2870, pp. 419–437. Springer (2003). doi:10.1007/978-3-540-39718-2_27
Vaidya, J., Clifton, C.: Privacy preserving association rule mining in vertically partitioned data. In: Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD’02, Edmonton, pp. 639–644. ACM, New York (2002). doi:10. 1145/775047.775142
Vaidya, J., Clifton, C., Kantarcioglu, M., Patterson, A.S.: Privacy-preserving decision trees over vertically partitioned data. ACM Trans. Knowl. Discov Data (TKDD) 2(3), 14:1–14:27 (2008). doi:10. 1145/1409620.1409624
Vaidya, J., Kantarciouglu, M., Clifton, C.: Privacy-preserving naive bayes classification. VLDB J. 17(4) (2008). doi:10.1007/ s00778-006-0041-y
w3.org, Resource Description Framework (RDF). http://goo.gl/A3eq
w3.org, RDF current status. http://goo.gl/zPes
w3.org, OWL Web ontology language guide. http://goo.gl/sQrDQ
Xiao, X., Tao, Y.: Personalized privacy preservation. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, SIGMOD’06, Chicago, pp. 229–240. ACM, New York (2006). doi:10.1145/1142473.1142500
Xu, S., Sandhu, R.S., Bertino, E.: TIUPAM: a framework for trustworthiness-centric information sharing. In: Trust Management III: IFIP Advances in Information and Communication Technology, vol. 300, West Lafayette, pp. 164–175. Springer, Berlin/Heidelberg (2009). doi:10.1007/978-3-642-02056-8_11
Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Trans. Inf. Syst. Secur. 6(1), 1–42 (2003). doi:10.1145/605434.605435
Acknowledgements
This material is based upon work partially supported by the Air Force Office of Scientific Research (AFOSR) MURI-grant FA-9550-08-1-0265 and AFOSR grant FA9550-12-1-0082, the National Institutes of Health (NIH) grant 1R01LM009989, the National Science Foundation (NSF) CAREER-grant CNS-0845803, NSF grants CNS-0964350, CNS-1016343, CNS-1111529 and CNS-1228198, the Army Research Office (ARO) grant 58345-CS, and the Air Force Research Laboratory (AFRL) Visiting Faculty Research Program (VFRP) extension grant LRIR 11RI01COR. We thank Dr. Robert Herklotz for his support.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Science+Business Media New York
About this chapter
Cite this chapter
Khadilkar, V., Cadenhead, T., Kantarcioglu, M., Thuraisingham, B. (2014). Assured Information Sharing (AIS)Using Private Clouds. In: Han, K., Choi, BY., Song, S. (eds) High Performance Cloud Auditing and Applications. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-3296-8_9
Download citation
DOI: https://doi.org/10.1007/978-1-4614-3296-8_9
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-3295-1
Online ISBN: 978-1-4614-3296-8
eBook Packages: EngineeringEngineering (R0)