Lattice-based models for controlled sharing of confidential information in the Saudi Hajj system

The pilgrimage (Hajj) is an annual event that takes place in Saudi Arabia. Three major government ministries (Foreign, Internal, and Hajj) create and process Hajj data separately in their systems. Currently all data sharing between these ministries regarding Hajj is done manually. Benefits from sharing data electronically are obvious. But due to the sensitivity of some data and the common requirement of not sharing everything, a trusted environment which provides interoperability between these systems while ensuring confidentiality of shared data is needed. In order to study the possibility of establishing such an environment, data was collected regarding the security requirements of the three Saudi ministries directly from the source through interviews. There are three increasingly sophisticated security requirements: no obligation access security, multi level security, and Chinese Wall security. The paper analyzes each security requirement, builds a lattice model for it, and uses these models to specify the information flow policy for each system