External Object Trust Zone Mapping for Information Clustering!

Yanjun Zuo, Brajendra Panda

Abstract

In a loosely-coupled system various objects may be imported from different sources and the integrity levels of these objects can vary widely. Like downloaded information from the World Wide Web, these imported objects should be carefully organized and disseminated to different trust zones, which meet the security requirements of different groups of internal applications. Assigning an object to a trust zone is called trust zone mapping, which is essentially a form of information clustering and is designed to guide internal applications when they are using objects from different zones. We developed methods to perform trust zone mapping based on objects’ trust attribute values. The defined threshold selection operators allow internal applications to best express their major security concerns while tolerating unimportant issues to certain degrees. As two major trust attributes, the primary and secondary trust values are explained and we illustrate how to calculate each of them.

References

  1. 5. msdn.microsoft.com/library/default.asp?url=/workshop/security/szone/overview/overview. asp
  2. 7. E. Lupu and M. Sloman, “Reconciling Role Based Management and Role Based Access Control”, Second Role Based Control Workshop, Virginia, USA, 1997
  3. 8. L. Bauer, M. Schneider, and E. Felten, “A General and Flexible Access-Control System for the Web”, The 11th USENIX Security Symposium, p. 93-108, 2002
  4. 9. M. Abadi, M. Burrows, B. Lampson, and G. Plotkin, “A Calculus for Access Control in Distributed Systems”, ACM Transactions on Programming Languages and Systems, p.706-734, October, 1993
  5. 10. E. Bertino, B. Catania, E. Ferrari, and P. Perlasca, “A Logical Framework for Reasoning about Access Control Models”, ACM Transactions on Information and System Security, p.71-127, February 2003
  6. 11. D. F. Brewer and J. Nash, “The Chinese Wall Security Policy”, The IEEE Symposium on Security and Privacy, 1989
  7. 12. Dorothy E. Denning, “A lattice Model of Secure Information Flow”, Communications of the ACM, 19(5): p. 236-243, 1976
  8. 13. D. Bell and L. LaPadula, “The Bell-LaPadula Model”, Journal of Computer Security, p.303-339, 1997
  9. 14. Thomas A. Berson and Teresa F. Lunt, “Multilevel Security for Knowledge-Based Systems”, In proceedings of the 1987 IEEE Symposium on Privacy and Security, p. 235- 242, 1987
  10. 15. Ninghui Li and John C. Mitchell, “RT: A Role-based Trust-management Framework”, The Third DARPA Information Survivability Conference and Exposition, Washington, D.C., April 2003. IEEE Computer Society Press, Los Alamitos, CA, USA, p. 201-212
  11. 16. Ninghui Li, William H. Winsborough, and John C. Mitchell, “Distributed Credential Chain Discovery in Trust Management”, Journal of Computer Security, 11(1): p. 35-86, February 2003
  12. 17. M. Blaz, J. Feigenbaum and J. Lacy., “Decentralized Trust Management”, IEEE Conference, Anguilla, British West Inides, 1998
  13. 18. S. D. Kamvar, M. T. Schlosser, H. Garcia-Molina, “The Eigentrust Algorithm for Reputation Management in P2P Networks”, in Proceedings of the twelfth International Conference on World Wide Web, ACM Press, p. 640-651, 2003
Download


Paper Citation


in Harvard Style

Zuo Y. and Panda B. (2005). External Object Trust Zone Mapping for Information Clustering! . In Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005) ISBN 972-8865-25-2, pages 196-206. DOI: 10.5220/0002569301960206


in Bibtex Style

@conference{wosis05,
author={Yanjun Zuo and Brajendra Panda},
title={External Object Trust Zone Mapping for Information Clustering!},
booktitle={Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005)},
year={2005},
pages={196-206},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002569301960206},
isbn={972-8865-25-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005)
TI - External Object Trust Zone Mapping for Information Clustering!
SN - 972-8865-25-2
AU - Zuo Y.
AU - Panda B.
PY - 2005
SP - 196
EP - 206
DO - 10.5220/0002569301960206