Title :
Lattice-based models for controlled sharing of confidential information in the Saudi Hajj system
Author :
Himdi, Tarik F. ; Sandhu, Ravi S.
Author_Institution :
Dept. of Inf. & Software Syst. Eng., George Mason Univ., Fairfax, VA, USA
Abstract :
The pilgrimage (Hajj) is an annual event that takes place in Saudi Arabia. Three major government ministries (Foreign, Internal, and Hajj) create and process Hajj data separately in their systems. Currently all data sharing between these ministries regarding Hajj is done manually. Benefits from sharing data electronically are obvious. But due to the sensitivity of some data and the common requirement of not sharing everything, a trusted environment which provides interoperability between these systems while ensuring confidentiality of shared data is needed. In order to study the possibility of establishing such an environment, data was collected regarding the security requirements of the three Saudi ministries directly from the source through interviews. There are three increasingly sophisticated security requirements: no obligation access security, multi level security, and Chinese Wall security. The paper analyzes each security requirement, builds a lattice model for it, and uses these models to specify the information flow policy for each system
Keywords :
government data processing; information networks; internetworking; message authentication; Chinese Wall security; Saudi Arabia; Saudi Hajj system; Saudi ministries; annual event; confidential information; confidentiality; controlled sharing; data sharing; government ministries; information flow policy; interoperability; lattice based models; multi level security; no obligation access security; pilgrimage; security requirement; security requirements; shared data; trusted environment; Access control; Data security; Government; Information analysis; Information security; Laboratories; Lattices; Safety; Software systems; Systems engineering and theory;
Conference_Titel :
Computer Security Applications Conference, 1997. Proceedings., 13th Annual
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-8274-4
DOI :
10.1109/CSAC.1997.646186