DocumentCode :
319318
Title :
Lattice-based models for controlled sharing of confidential information in the Saudi Hajj system
Author :
Himdi, Tarik F. ; Sandhu, Ravi S.
Author_Institution :
Dept. of Inf. & Software Syst. Eng., George Mason Univ., Fairfax, VA, USA
fYear :
1997
fDate :
8-12 Dec 1997
Firstpage :
164
Lastpage :
174
Abstract :
The pilgrimage (Hajj) is an annual event that takes place in Saudi Arabia. Three major government ministries (Foreign, Internal, and Hajj) create and process Hajj data separately in their systems. Currently all data sharing between these ministries regarding Hajj is done manually. Benefits from sharing data electronically are obvious. But due to the sensitivity of some data and the common requirement of not sharing everything, a trusted environment which provides interoperability between these systems while ensuring confidentiality of shared data is needed. In order to study the possibility of establishing such an environment, data was collected regarding the security requirements of the three Saudi ministries directly from the source through interviews. There are three increasingly sophisticated security requirements: no obligation access security, multi level security, and Chinese Wall security. The paper analyzes each security requirement, builds a lattice model for it, and uses these models to specify the information flow policy for each system
Keywords :
government data processing; information networks; internetworking; message authentication; Chinese Wall security; Saudi Arabia; Saudi Hajj system; Saudi ministries; annual event; confidential information; confidentiality; controlled sharing; data sharing; government ministries; information flow policy; interoperability; lattice based models; multi level security; no obligation access security; pilgrimage; security requirement; security requirements; shared data; trusted environment; Access control; Data security; Government; Information analysis; Information security; Laboratories; Lattices; Safety; Software systems; Systems engineering and theory;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications Conference, 1997. Proceedings., 13th Annual
Conference_Location :
San Diego, CA
ISSN :
1063-9527
Print_ISBN :
0-8186-8274-4
Type :
conf
DOI :
10.1109/CSAC.1997.646186
Filename :
646186
Link To Document :
بازگشت