Abstract
Information is essential to decision making. Nowadays, decision makers are often overwhelmed with large volumes of information, some of which may be inaccurate, incorrect, inappropriate, misleading, or maliciously introduced. With the advocated shift of information sharing paradigm from “need to know” to “need to share” this problem will be further compounded. This poses the challenge of achieving assured information sharing so that decision makers can always get and utilize the up-to-date information for making the right decisions, despite the existence of malicious attacks and without breaching privacy of honest participants. As a first step towards answering this challenge this paper proposes a systematic framework we call TIUPAM, which stands for “Trustworthiness-centric Identity, Usage, Provenance, and Attack Management.” The framework is centered at the need of trustworthiness and risk management for decision makers, and supported by four key components: identity management, usage management, provenance management and attack management. We explore the characterization of both the core functions and the supporting components in the TIUPAM framework, which may guide the design and realization of concrete schemes in the future.
Chapter PDF
References
Braun, U., Shinnar, A., Seltzer, M.: Securing provenance. In: HotSec 2008 (2008)
Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Transactions on Information and System Security (TISSEC) 7(1), 128–174 (2004)
Xu, S., Yung, M.: Expecting the unexpected: Towards robust credential infrastructure. In: FC (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Xu, S., Sandhu, R., Bertino, E. (2009). TIUPAM: A Framework for Trustworthiness-Centric Information Sharing. In: Ferrari, E., Li, N., Bertino, E., Karabulut, Y. (eds) Trust Management III. IFIPTM 2009. IFIP Advances in Information and Communication Technology, vol 300. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02056-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-02056-8_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02055-1
Online ISBN: 978-3-642-02056-8
eBook Packages: Computer ScienceComputer Science (R0)