Skip to main content
SpringerLink
Log in

Assured Information Sharing (AIS)Using Private Clouds

  • Chapter
  • First Online:
High Performance Cloud Auditing and Applications

  • 1614 Accesses

Abstract

Assured Information Sharing (AIS) is a framework that allows cooperating organizations to share information in a manner that respects the privacy, confidentiality and security of the data of each individual in each organization. In this chapter, we present an overview of AIS by detailing the motivations behind AIS, a goal-oriented architecture for AIS and challenges that must be overcome before the adoption of AIS. In addition, we present historical as well as recent research advances that have been made towards addressing the challenges that lie within an AIS framework. Finally, we describe the details of two novel cloud-based AIS implementations that support the high availability, scalability, agility and efficiency required for realizing the vision of AIS.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. af.mil, Air Force Distributted Common Ground System (DCGS). http://goo.gl/qLkFc

  2. Agrawal, R., Srikant, R.: Privacy-preserving data mining. In: Proceedings of the 2000 ACM SIGMOD International Conference on Management of Data, SIGMOD’00, Dallas, pp. 439–450. ACM, New York (2000). doi:10.1145/342009.335438

    Google Scholar 

  3. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: Proceedings of the 28th International Conference on Very Large Data Bases, VLDB’02, Hong Kong. VLDB Endowment, pp. 143–154 (2002)

    Google Scholar 

  4. Agrawal, D., Giles, J., Lee, K.W., Lobo, J.: Policy ratification. In: Proceedings of the 6th IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY’05, Stockholm, pp. 223–232. IEEE Computer Society, Washington, DC (2005). doi:10.1109/POLICY.2005.25

    Google Scholar 

  5. Anderson, T.E.: dtic.mil, Making GIG information assurance better through portfolio management. http://goo.gl/RTSS3 (2008)

  6. apache.org, Apache Hadoop. http://goo.gl/tnkf

  7. apache.org, Apache HBase. http://goo.gl/2kbIQ

  8. apache.org, Apache Hive. http://goo.gl/Jxwgx

  9. apache.org, Apache Jena. http://goo.gl/l5mYK

  10. apache.org, Apache Jena, SDB – persistent triple stores using relational databases. http://goo.gl/QCO8L

  11. Astrahan, M.M., Blasgen, M.W., Chamberlin, D.D., Eswaran, K.P., Gray, J.N., Griffiths, P.P., King, W.F., Lorie, R.A., McJones, P.R., Mehl, J.W., Putzolu, G.R., Traiger, I.L., Wade, B.W., Watson, V.: System R: relational approach to database management. ACM Trans. Database Syst. 1(2), 97–137 (1976). doi:10.1145/320455.320457

    Article  Google Scholar 

  12. Backes, M., Karjoth, G., Bagga, W., Schunter, M.: Efficient comparison of enterprise privacy policies. In: Proceedings of the 2004 ACM Symposium on Applied Computing, SAC’04, Nicosia, pp. 375–382. ACM, New York (2004). doi:10.1145/967900.967983

    Google Scholar 

  13. Bacon, J., Moody, K., Yao, W.: A model of OASIS role-based access control and its support for active security. ACM Trans. Inf. Syst. Secur. 5(4), 492–540 (2002). doi:10.1145/581271.581276

    Article  Google Scholar 

  14. Bates, A., Mood, B., Valafar, M., Butler, K.: Towards secure provenance-based access control in cloud environments. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, CODASPY’13, San Antonio, pp. 277–284. ACM, New York (2013). doi:10.1145/2435349.2435389

    Google Scholar 

  15. Bell, D.E., LaPadula, L.J.: nist.gov, Secure computer systems: unified exposition and multics interpretation. http://goo.gl/uVC7c (1976)

  16. Bertino, E., Haas, L.M.: Views and security in distributed database management systems. In: Proceedings of the 1988 International Conference on Extending Database Technology: Advances in Database Technology, EDBT’88, Venice, pp. 155–169. Springer, London (1988)

    Google Scholar 

  17. Bertino, E., Sandhu, R.: Database security-concepts, approaches, and challenges. IEEE Trans. Dependable Secure Comput. 2(1), 2–19 (2005). doi:10.1109/TDSC.2005.9

    Article  Google Scholar 

  18. Bertino, E., Samarati, P., Jajodia, S.: An extended authorization model for relational databases. IEEE Trans. Knowl. Data Eng. 9(1), 85–101 (1997). doi:10.1109/69.567051

    Article  Google Scholar 

  19. Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: An access control model supporting periodicity constraints and temporal reasoning. ACM Trans. Database Syst. 23(3), 231–285 (1998). doi:10.1145/293910. 293151

    Article  Google Scholar 

  20. Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: a temporal role-based access control model. ACM Trans. Inf. Syst. Secur. 4(3), 191–233 (2001). doi:10.1145/501978.501979

    Article  Google Scholar 

  21. Bertino, E., Castano, S., Ferrari, E.: Securing XML documents with Author-X. IEEE Internet Comput. 5(3), 21–31 (2001). doi:10.1109/ 4236.935172

    Article  Google Scholar 

  22. Bonatti, P.A., Samarati, P.: A uniform framework for regulating service access and information release on the web. J. Comput. Secur. 10(3), 241–271 (2002)

    Google Scholar 

  23. Bonatti, P., De Capitani di Vimercati, S., Samarati, P.: An algebra for composing access control policies. ACM Trans. Inf. Syst. Secur. 5(1), 1–35 (2002). doi:10.1145/504909.504910

    Google Scholar 

  24. Bulatov, A.A.: Complexity of conservative constraint satisfaction problems. ACM Trans. Comput. Logic 12(4), 24:1–24:66 (2011). doi:10. 1145/1970398.1970400

    Google Scholar 

  25. Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: Transforming provenance using redaction. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, SACMAT’11, Innsbruck, pp. 93–102. ACM, New York (2011). doi:10. 1145/1998441.1998456

    Google Scholar 

  26. Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A language for provenance access control. In: Proceedings of the 1st ACM Conference on Data and Application Security and Privacy, CODASPY’11, San Antonio, pp. 133–144. ACM, New York (2011). doi:10.1145/1943513.1943532

    Google Scholar 

  27. Cadenhead, T., Kantarcioglu, M., Khadilkar, V., Thuraisingham, B.: Design and implementation of a cloud-based assured information sharing system. In: Proceedings of the 6th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, MMM-ACNS’12, St. Petersburg, pp. 36–50. Springer, Berlin/Heidelberg (2012). doi:10.1007/978-3-642-33704-8_4

  28. Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A cloud-based RDF policy engine for assured information sharing. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, SACMAT’12, Newark, pp. 113–116. ACM, New York (2012). doi:10.1145/2295136.2295157

    Google Scholar 

  29. Cadenhead, T., Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.: A general purpose RDF policy engine for assured information sharing. Technical report, University of Texas at Dallas (2012)

    Google Scholar 

  30. cgisecurity.com, The virtual private database in Oracle9iR2. http://goo.gl/Lijl1 (2002)

  31. Chang, F., Dean, J., Ghemawat, S., Hsieh, W.C., Wallach, D.A., Burrows, M., Chandra, T., Fikes, A., Gruber, R.E.: Bigtable: a distributed storage system for structured data. ACM Trans. Comput. Syst. 26(2), 4:1–4:26 (2008). doi:10.1145/1365815.1365816

    Google Scholar 

  32. Clifton, C.: Using sample size to limit exposure to data mining. J. Comput. Secur. 8(4), 281–307 (2000)

    Google Scholar 

  33. Codd, E.F.: A relational model of data for large shared data banks. Commun. ACM 26(1), 64–69 (1983). doi:10.1145/357980.358007

    Article  Google Scholar 

  34. Corradini, A., Montanari, U., Rossi, F., Ehrig, H., Heckel, R., Löwe, M.: Algebraic approaches to graph transformation – part i: basic concepts and double pushout approach. In: Rozenberg, G. (ed.) Handbook of Graph Grammars, pp. 163–246. World Scientific, Singapore (1997)

    Google Scholar 

  35. Crampton, J., Loizou, G.: Administrative scope: a foundation for role-based administrative models. ACM Trans. Inf. Syst. Secur. 6(2), 201–231 (2003). doi:10.1145/762476.762478

    Article  Google Scholar 

  36. Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A fine-grained access control system for XML documents. ACM Trans. Inf. Syst. Secur. 5(2), 169–202 (2002). doi:10.1145/505586.505590

    Google Scholar 

  37. Dean, J., Ghemawat, S.: MapReduce: simplified data processing on large clusters. Commun. ACM 51(1), 107–113 (2008). doi:10.1145/ 1327452.1327492

    Article  Google Scholar 

  38. defense.gov, Department of Defense Information sharing strategy. http://goo.gl/3IcDm (2007)

  39. defense.gov, The Department of Defense’s Global Information Grid (GIG) architectural vision. http://goo.gl/Ph6Kd (2007)

  40. defense.gov, Department of Defense Information enterprise strategic plan. http://goo.gl/3eA65 (2010–2012)

  41. defensemarket.com, Department of Defense Embraces cloud computing. http://goo.gl/FrPuF (2009)

  42. dtic.mil, DCGS Integration Backbone (DIB) v4.0 overview. http://goo.gl/6KYKr (2012)

  43. Durham, E., Xu, Y., Kantarcioglu, M., Malin, B.: Private medical record linkage with approximate linkage. In: American Medical Informatics Association Annual Symposium, Washington, DC (2010)

    Google Scholar 

  44. Durham, E., Xue, Y., Kantarcioglu, M., Malin, B.: Quantifying the correctness, computational complexity, and security of privacy-preserving string comparators for record linkage. J. Inf. Fusion 13(4), 245–259 (2012). doi:10.1016/j.inffus.2011.04.004

    Article  Google Scholar 

  45. Ehrig, H., Ehrig, K., Prange, U., Taentzer, G.: Fundamentals of Algebraic Graph Transformation. Monographs in Theoretical Computer Science. An EATCS Series. Springer, Secaucus (2006)

    MATH  Google Scholar 

  46. Emam, K.E., Hu, J., Mercer, J., Peyton, L., Kantarcioglu, M., Malin, B., Buckeridge, D., Samet, S., Earle, C.: A secure protocol for protecting the identity of providers when disclosing data for disease surveillance. J. Am. Med. Inf. Assoc. 18(3), 212–217 (2011). doi:10. 1136/amiajnl-2011-000100

    Google Scholar 

  47. Fagin, R.: On an authorization mechanism. ACM Trans. Database Syst. 3(3), 310–319 (1978). doi:10.1145/320263.320288

    Article  Google Scholar 

  48. Ferraiolo, D., Kuhn, R.: Role-based access control. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference, Baltimore, pp. 554–563 (1992)

    Google Scholar 

  49. Ferrini, R., Bertino, E.: Supporting RBAC with XACML+OWL. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT’09, pp. 145–154. ACM, New York (2009). doi:10.1145/1542207.1542231

    Google Scholar 

  50. Finin, T., Joshi, A., Kagal, L., Niu, J., Sandhu, R., Winsborough, W., Thuraisingham, B.: ROWLBAC: representing role based access control in OWL. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT’08, Estes Park, pp. 73–82. ACM, New York (2008). doi:10.1145/1377836.1377849

    Google Scholar 

  51. Finin, T., Joshi, A., Kargupta, H., Yesha, Y., Sachs, J., Bertino, E., Li, N., Clifton, C., Spafford, G., Thuraisingham, B., Kantarcioglu, M., Bensoussan, A., Berg, N., Khan, L., Han, J., Zhai, C., Sandhu, R., Xu, S., Massaro, J., Adamic, L.: Assured information sharing life cycle. In: Proceedings of the 2009 IEEE International Conference on Intelligence and Security Informatics, ISI’09, Richardson, pp. 307–309. IEEE, Piscataway (2009)

    Google Scholar 

  52. Fisler, K., Krishnamurthi, S., Meyerovich, L.A., Tschantz, M.C.: Verification and change-impact analysis of access-control policies. In: Proceedings of the 27th International Conference on Software Engineering, ICSE’05, St. Louis, pp. 196–205. ACM, New York (2005). doi:10.1145/1062455.1062502

    Google Scholar 

  53. Ghemawat, S., Gobioff, H., Leung, S.T.: The Google file system. In: Proceedings of the 9th ACM Symposium on Operating Systems Principles, SOSP’03, Bolton Landing, pp. 29–43. ACM, New York (2003). doi:10.1145/945445.945450

    Google Scholar 

  54. github.com, Hbase-rdf. http://goo.gl/4DxN5

  55. Gray, J.: The transaction concept: virtues and limitations (invited paper). In: Proceedings of the 7th International Conference on Very Large Data Bases, VLDB’81, Cannes. VLDB Endowment, vol. 7, pp. 144–154 (1981)

    Google Scholar 

  56. Griffiths, P.P., Wade, B.W.: An authorization mechanism for a relational database system. ACM Trans. Database Syst. 1(3), 242–255 (1976). doi:10.1145/320473.320482

    Article  Google Scholar 

  57. informationweek.com, NSA pursues intelligence-sharing architecture. http://goo.gl/LYrRX (2011)

  58. jasypt.org, Java simplified encryption. http://goo.gl/htlXQ

  59. jena.apache.org, Jena architecture overview. http://goo.gl/cbfnZ

  60. Joshi, J., Bertino, E., Latif, U., Ghafoor, A.: A generalized temporal role-based access control model. IEEE Trans. Knowl. Data Eng. 17(1), 4–23 (2005). doi:10.1109/TKDE.2005.1

    Article  Google Scholar 

  61. Kagal, L., Finin, T., Joshi, A.: A policy language for a pervasive computing environment. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY’03, Lake Como, pp. 63–74. IEEE Computer Society, Washington, DC (2003)

    Google Scholar 

  62. Kantarcioglu, M., Clifton, C.: Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans. Knowl. Data Eng. 16(9), 1026–1037 (2004). doi:10.1109/TKDE.2004.45

    Article  Google Scholar 

  63. Kantarcioglu, M., Jiang, W.: Incentive compatible privacy-preserving data analysis. IEEE Trans. Knowl. Data Eng. (99) (2012). doi:10.1109/ TKDE.2012.61

    Google Scholar 

  64. Kantarcioglu, M., Kardes, O.: Privacy-preserving data mining in the malicious model. ACM Trans. Inf. Syst. Secur. 2(4), 353–375 (2008). doi:10.1504/IJICS.2008.022488

    Google Scholar 

  65. Kantarcioglu, M., Nix, R., Vaidya, J.: An efficient approximate protocol for privacy-preserving association rule mining. In: Proceedings of the 13th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining, PAKDD’09, Bangkok, pp. 515–524. Springer, Berlin/Heidelberg (2009). doi:10.1007/978-3-642-01307-2_48

  66. Kantarcioglu, M., Bensoussan, A., Hoe, S.: When do firms invest in privacy-preserving technologies? In: Proceedings of the 1st International Conference on Decision and Game Theory for Security, GameSec’10, Berlin, pp. 72–86. Springer, Berlin/Heidelberg (2010)

    Google Scholar 

  67. Kantarcioglu, M., Bensoussan, A., Hoe, S.: Investment in privacy-preserving technologies under uncertainty. In: Proceedings of the 2nd International Conference on Decision and Game Theory for Security, GameSec’11, College Park, pp. 219–238. Springer, Berlin/Heidelberg (2011). doi:10.1007/978-3-642-25280-8_17

  68. Kargupta, H., Datta, S., Wang, Q., Sivakumar, K.: On the privacy preserving properties of random data perturbation techniques. In: Proceedings of the 3rd IEEE International Conference on Data Mining, ICDM’03, Melbourne, pp. 99–106. IEEE Computer Society, Washington, DC (2003)

    Google Scholar 

  69. Kern, A., Kuhlmann, M., Kuropka, R., Ruthert, A.: A meta model for authorisations in application security systems and their integration into RBAC administration. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, SACMAT’04, Yorktown Heights, pp. 87–96. ACM, New York (2004). doi:10.1145/990036.990050

    Google Scholar 

  70. Khadilkar, V., Kantarcioglu, M., Castagna, P., Thuraisingham, B.: utdallas.edu, Jena-HBase: a distributed, scalable and efficient RDF triple store. Technical report, University of Texas at Dallas (2012)

  71. Khadilkar, V., Kantarcioglu, M., Thuraisingham, B.M., Castagna, P.: Jena-HBase: a distributed, scalable and efficient RDF triple store. In: Proceedings of the 11th International Semantic Web Conference Posters & Demonstrations Track, ISWC-PD’12, Boston, pp. 85–88. CEUR-WS.org (2012)

  72. Kirchberg, M., Link, S.: Hippocratic databases: extending current transaction processing approaches to satisfy the limited retention principle. In: Proceedings of the 43rd Hawaii International Conference on System Sciences, HICSS’10, Honolulu, pp. 1–10. IEEE Computer Society, Washington, DC (2010). doi:10.1109/HICSS.2010.220

    Google Scholar 

  73. Koch, M., Mancini, L.V., Parisi-Presicce, F.: Administrative scope in the graph-based framework. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, SACMAT’04, Yorktown Heights, pp. 97–104. ACM, New York (2004). doi:10.1145/ 990036.990051

    Google Scholar 

  74. Krishnan, R., Sandhu, R.: A hybrid enforcement model for group-centric secure information sharing. In: Proceedings of the 12th IEEE International Conference on Computational Science and Engineering, CSE’09, Vancouver, vol. 03, pp. 189–194. IEEE Computer Society, Washington, DC (2009). doi:10.1109/CSE.2009.397

    Google Scholar 

  75. Krishnan, R., Sandhu, R.: Authorization policy specification and enforcement for group-centric secure information sharing. In: Proceedings of the 7th International Conference on Information Systems Security, ICISS’11, Kolkata, pp. 102–115. Springer, Berlin/Heidelberg (2011). doi:10.1007/978-3-642-25560-1_7

  76. Krishnan, R., Sandhu, R., Niu, J., Winsborough, W.H.: A conceptual framework for group-centric secure information sharing. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ASIACCS’09, Sydney, pp. 384–387. ACM, New York (2009). doi:10.1145/1533057.1533111

    Google Scholar 

  77. Krishnan, R., Sandhu, R., Niu, J., Winsborough, W.H.: Foundations for group-centric secure information sharing models. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT’09, Stresa, pp. 115–124. ACM, New York (2009). doi:10. 1145/1542207.1542227

    Google Scholar 

  78. Kudoh, M., Hirayama, Y., Hada, S., Vollschwitz, A.: Access control specification based on policy evaluation and enforcement model and specification language. In: SCIS, Okinawa (2002)

    Google Scholar 

  79. Kumaraswamy, S., Lakshminarayanan, S., Stein, M.R.J., Wilson, Y.: cloudsecurityalliance.org, Domain 12: Guidance for Identity & Access Management V2.1. http://goo.gl/Iwhaq (2010)

  80. Kuzu, M., Kantarcioglu, M., Durham, E., Malin, B.: A constraint satisfaction cryptanalysis of bloom filters in private record linkage. In: Proceedings of the 11th International Conference on Privacy Enhancing Technologies, PETS’11, Waterloo, pp. 226–245. Springer, Berlin/Heidelberg (2011)

    Google Scholar 

  81. Layfield, R., Kantarcioglu, M., Thuraisingham, B.M.: Incentive and trust issues in assured information sharing. In: Proceedings of the 4th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom’08, Orlando, pp. 113–125. Springer (2008). doi:10.1007/978-3-642-03354-4_10

  82. Li, N., Mitchell, J.C.: DATALOG with constraints: a foundation for trust management languages. In: Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages, PADL’03, New Orleans, pp. 58–73. Springer, London (2003)

    Google Scholar 

  83. Li, N., Tripunitara, M.V.: Security analysis in role-based access control. ACM Trans. Inf. Syst. Secur. 9(4), 391–420 (2006). doi:10.1145/ 1187441.1187442

    Article  Google Scholar 

  84. Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust-management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, SP’02, Oakland, pp. 114–130. IEEE Computer Society, Washington, DC (2002)

    Google Scholar 

  85. Li, N., Grosof, B.N., Feigenbaum, J.: Delegation logic: a logic-based approach to distributed authorization. ACM Trans. Inf. Syst. Secur. 6(1), 128–171 (2003). doi:10.1145/605434.605438

    Article  Google Scholar 

  86. Lin, D., Rao, P., Bertino, E., Li, N., Lobo, J.: EXAM: a comprehensive environment for the analysis of access control policies. Int. J. Inf. Secur. 9(4), 253–273 (2010). doi:10.1007/s10207-010-0106-1

    Article  Google Scholar 

  87. lockheedmartin.com, distributed common ground system (dcgs). http://goo.gl/1dYox

  88. Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-Diversity: privacy beyond k-anonymity. In: ICDE, Atlanta, p. 24. IEEE (2006). doi:10.1109/ICDE.2006.1

    Google Scholar 

  89. Malone, P., McLaughlin, M., Leenes, R., Ferronato, P., Lockett, N., Guillen, P.B., Heistracher, T., Russello, G.: Endorse: a legal technical framework for privacy preserving data management. In: Proceedings of the 2010 Workshop on Governance of Technology, Information and Policies, GTIP’10, Austin, pp. 27–34. ACM, New York (2010). doi:10. 1145/1920320.1920325

    Google Scholar 

  90. Manna, Z., Pnueli, A.: The Temporal Logic of Reactive and Concurrent Systems – Specification. Springer, New York (1992)

    Book  Google Scholar 

  91. Mitchell, T.M.: Machine Learning. McGraw Hill Series in Computer Science. McGraw-Hill, New York (1997)

    MATH  Google Scholar 

  92. Moss, J.E.: Nested Transactions: An Approach to Reliable Distributed Computing. MIT, Cambridge (1985)

    Google Scholar 

  93. Ni, Q., Xu, S., Bertino, E., Sandhu, R., Han, W.: An access control language for a general provenance model. In: Proceedings of the 6th VLDB Workshop on Secure Data Management, SDM’09, Lyon, pp. 68–88. Springer, Berlin/Heidelberg (2009). doi:10.1007/ 978-3-642-04219-5_5

    Google Scholar 

  94. nist.gov, Department of Defense Trusted computer system evaluation criteria, DOD5200.28-STD. http://goo.gl/wt4in (1975)

  95. Nix, R., Kantarciouglu, M.: Incentive compatible privacy-preserving distributed classification. IEEE Trans. Dependable Secure Comput. 9(4) (2011). doi:10.1109/TDSC.2011.52

    Google Scholar 

  96. oasis-open.org, eXtensible Access Control Markup Language (XACML) version 3.0. http://goo.gl/m9hqv

  97. Oliveira, S.R.M., Zaïane, O.R.: Privacy preserving frequent itemset mining. In: Proceedings of the IEEE International Conference on Privacy, Security and Data Mining, CRPIT’14, Maebashi City, vol. 14, pp. 43–54. Australian Computer Society, Darlinghurst (2002)

    Google Scholar 

  98. oracle.com, Java Platform, standard edition 7, API specification. http://goo.gl/lYUSS

  99. Parikh, P.: Secured information integration with a semantic Web-based framework. Technical report, The University of Texas at Dallas (2009)

    Google Scholar 

  100. Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: EXAM: an environment for access control policy analysis and management. In: Proceedings of the 9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY’08, Palisades, pp. 238–240. IEEE Computer Society, Washington, DC (2008). doi:10.1109/POLICY.2008.30

    Google Scholar 

  101. Reimer, J.: arstechnica.com, From BFS to ZFS: past, present, and future of file systems. http://goo.gl/44KTi (2008)

  102. Rozenberg, G. (ed.): Handbook of Graph Grammars and Computing by Graph Transformations, Volume 1: Foundations. World Scientific, Singapore (1997)

    Google Scholar 

  103. Samarati, P., de Capitani di Vimercati, S.: Access control: policies, models, and mechanisms. In: Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures, FOSAD’00, Bertinoro, pp. 137–196. Springer, London (2001)

    Google Scholar 

  104. Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information (abstract). In: Proceedings of the 17th ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, PODS’98, Seattle, p. 188. ACM, New York (1998). doi:10.1145/275487.275508

    Google Scholar 

  105. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996). doi:10.1109/2. 485845

    Article  Google Scholar 

  106. Sandhu, R., Krishnan, R., Niu, J., Winsborough, W.H.: Group-centric models for secure and agile information sharing. In: Proceedings of the 5th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, MMM-ACNS’10, St. Petersburg, pp. 55–69. Springer, Berlin/Heidelberg (2010)

    Google Scholar 

  107. sbir.gov, Assured information sharing in clouds. http://goo.gl/FxSbp (2011)

  108. Seamons, K., Winslett, M., Yu, T., Smith, B., Child, E., Jacobson, J., Mills, H., Yu, L.: Requirements for policy languages for trust negotiation. In: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks, POLICY’02, Monterey, p. 68. IEEE Computer Society, Washington, DC (2002)

    Google Scholar 

  109. sourceforge.net, Sun XACML implementation. http://goo.gl/huKM

  110. sourceforge.net, Zql: a Java SQL parser. http://goo.gl/ruUUX

  111. Sweeney, L.: k-Anonymity: a model for protecting privacy. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(5), 557–570 (2002)

    Google Scholar 

  112. Thuraisingham, B.M., Kumar, Y.H., Khan, L.: Design and implementation of a framework for assured information sharing across organizational boundaries. Int. J. Inf. Secur. Privacy 2(4), 67–90 (2008)

    Article  Google Scholar 

  113. Thuraisingham, B.M., Khadilkar, V., Gupta, A., Kantarcioglu, M., Khan, L.: Secure data storage and retrieval in the cloud. In: Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom’10, Chicago, pp. 1–8. IEEE (2010)

    Google Scholar 

  114. Thusoo, A., Sarma, J.S., Jain, N., Shao, Z., Chakka, P., Anthony, S., Liu, H., Wyckoff, P., Murthy, R.: Hive: a warehousing solution over a map-reduce framework. Proc. VLDB Endow. 2(2), 1626–1629 (2009)

    Google Scholar 

  115. Tonti, G., Bradshaw, J.M., Jeffers, R., Montanari, R., Suri, N., Uszok, A.: Semantic Web languages for policy representation and reasoning: a comparison of KAoS, Rei, and Ponder. In: Proceedings of the 2nd International Semantic Web Conference, ISWC’03, Sanibel Island, vol. 2870, pp. 419–437. Springer (2003). doi:10.1007/978-3-540-39718-2_27

  116. Vaidya, J., Clifton, C.: Privacy preserving association rule mining in vertically partitioned data. In: Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD’02, Edmonton, pp. 639–644. ACM, New York (2002). doi:10. 1145/775047.775142

  117. Vaidya, J., Clifton, C., Kantarcioglu, M., Patterson, A.S.: Privacy-preserving decision trees over vertically partitioned data. ACM Trans. Knowl. Discov Data (TKDD) 2(3), 14:1–14:27 (2008). doi:10. 1145/1409620.1409624

    Google Scholar 

  118. Vaidya, J., Kantarciouglu, M., Clifton, C.: Privacy-preserving naive bayes classification. VLDB J. 17(4) (2008). doi:10.1007/ s00778-006-0041-y

    Google Scholar 

  119. w3.org, Resource Description Framework (RDF). http://goo.gl/A3eq

  120. w3.org, RDF current status. http://goo.gl/zPes

  121. w3.org, OWL Web ontology language guide. http://goo.gl/sQrDQ

  122. Xiao, X., Tao, Y.: Personalized privacy preservation. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, SIGMOD’06, Chicago, pp. 229–240. ACM, New York (2006). doi:10.1145/1142473.1142500

    Google Scholar 

  123. Xu, S., Sandhu, R.S., Bertino, E.: TIUPAM: a framework for trustworthiness-centric information sharing. In: Trust Management III: IFIP Advances in Information and Communication Technology, vol. 300, West Lafayette, pp. 164–175. Springer, Berlin/Heidelberg (2009). doi:10.1007/978-3-642-02056-8_11

  124. Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM Trans. Inf. Syst. Secur. 6(1), 1–42 (2003). doi:10.1145/605434.605435

    Article  MATH  Google Scholar 

Download references

Acknowledgements

This material is based upon work partially supported by the Air Force Office of Scientific Research (AFOSR) MURI-grant FA-9550-08-1-0265 and AFOSR grant FA9550-12-1-0082, the National Institutes of Health (NIH) grant 1R01LM009989, the National Science Foundation (NSF) CAREER-grant CNS-0845803, NSF grants CNS-0964350, CNS-1016343, CNS-1111529 and CNS-1228198, the Army Research Office (ARO) grant 58345-CS, and the Air Force Research Laboratory (AFRL) Visiting Faculty Research Program (VFRP) extension grant LRIR 11RI01COR. We thank Dr. Robert Herklotz for his support.

Author information

Authors and Affiliations

  1. University of Texas at Dallas, Richardson, TX, USA

    Vaibhav Khadilkar, Tyrone Cadenhead, Murat Kantarcioglu & Bhavani Thuraisingham

Authors
  1. Vaibhav Khadilkar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tyrone Cadenhead
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Murat Kantarcioglu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bhavani Thuraisingham
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vaibhav Khadilkar .

Editor information

Editors and Affiliations

  1. Air Force Research Laboratory, Rome, New York, USA

    Keesook J. Han

  2. School of Computing and Engineering, University of Missouri - Kansas City, Kansas City, Missouri, USA

    Baek-Young Choi

  3. Department of Engineering Technology The Dwight Look College of Engineering, Texas A&M University, College Station, Texas, USA

    Sejun Song

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer Science+Business Media New York

About this chapter

Cite this chapter

Khadilkar, V., Cadenhead, T., Kantarcioglu, M., Thuraisingham, B. (2014). Assured Information Sharing (AIS)Using Private Clouds. In: Han, K., Choi, BY., Song, S. (eds) High Performance Cloud Auditing and Applications. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-3296-8_9

Download citation

  • DOI: https://doi.org/10.1007/978-1-4614-3296-8_9

  • Published:

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-3295-1

  • Online ISBN: 978-1-4614-3296-8

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation