Instant Knowledge: Secure Autonomic Business Collaboration

Lead Research Organisation: Royal Holloway University of London
Department Name: Mathematics

Abstract

The proposed Instant Knowledge (IK) project is about providing up-to-date and relevant data to users throughout an organisation. Such information will be continually changing. Moreover, the network that is created to access this data will have to cater for mobile terminals. In such a dynamic environment, techniques such as data mining will be used to automatically maintain the data sources. Thus the data provider will not be actively involved in releasing information to remote users. Of course the data provider may refuse to release any sensitive information, but that would severely limit the usefulness of the IK network. On the other hand, if the information contains sensitive company data or personal identifying information (PII) relating to the provider or third parties, then it cannot be released without controlling who has access rights. The central research problem therefore is how to control access to dynamic information in a complex dynamic environment.

Our first task is to identify the system requirements and from this determine potential threats to the system. These threats may range from accidental leaking of data to more malicious attacks on the system. Once the threats have been identified, in order to focus our research we need to understand which threats are major and which are likely to have less impact. This analysis will be carried out in collaboration with the industrial partners and will determine the overall security requirements for the project.

The second task will focus on designing security protocols to meet the above requirements. One area we will investigate is the field of Trusted Computing (TC). This subject is normally associated with software licensing and protecting multimedia content, but the same technology can be adapted to protect the PII distributed within the IK network. Many protocols exist that will confirm the identity of the party that data is being sent to, but which offer no guarantee that the recipient will subsequently protect that information. What TC provides are mechanisms to seal data so that it is only exposed when the platform is in a specific configuration. Thus the owner of the data retains control of it even after it has been released, and the trust required of the recipient is greatly diminished. TC technology exists for static platforms, but standards for mobile platforms were only released in July 2007. The research challenge is to identify the components for a trusted mobile platform to support our protocols. The difficulty lies in adapting technologies for static platforms, such as virtual machines, to a more resource-limited Trusted Mobile Platform (TMP). Based on this TMP, our research will focus on how security policies that determine access to data can be enforced. Mechanisms exist for policy enforcement on standard platforms, but without TC they assume a high level of trust in the Policy Enforcement Point (PEP) and the entity running this device. We seek to exploit Mobile TC to strengthen the PEP on mobile devices. Some form of authentication is often required before data is released. We will investigate how a TMP will allow authentication based on entities' attributes rather than identity. Moreover, we will investigate how the DAA protocol can be exploited to provide a further degree of user anonymity. This protocol can attest that a platform can be trusted without revealing any PII. We will also investigate how the TMP can be used to provide data provenance. In all of the above we will collaborate with other groups to produce a demonstrator system. As this develops, adjustments may be made to the initial system design. We will therefore continuously monitor developments and repeat the security analysis as we progress, reviewing and modifying requirements with the industrial partners.

The final stage of our research will be to carry out a rigorous security analysis of the final system to ensure that all our security requirements are met.
 
Description This research produced several schemes that could be used to provide privacy in enterprise-based social network systems.



The overall project produced an enterprise wide social network system that automatically generated user profiles based on employees' behaviour and interaction with colleagues within the enterprise. This data is collected and used by the system to identify employees with particular skills or contacts. The resulting database can then be queried to find users with specific skills or contacts based on their automatically generated profile.



Our contribution was to analyse the threats to privacy and to produce a threat model and privacy impact assessment. The threat model was used to define requirements for both security and privacy in this system. We first produced a security architecture that allowed secure storage and transfer of personal information. This was based on providing secure storage in a Java sandbox on the mobile device and using web services security to authenticate queries, control access to and release of the data, and secure the data in transit.



Having secured the data, we then produced architectures that reduced the risks to privacy caused by linking such personal data to specific individuals, while at the same time allowing the database to make introductions based on user profiles. This protects users from insider attacks and leaking of personal information. The privacy protection mechanisms we produced can be deployed in various enterprise structures depending on the resources and infrastructure that already exist. Our proposals allow pseudonyms to be given to each user. These pseudonyms may be ephemeral or longer lasting, depending on the trust relationship that exists or may develop between users being introduced by the system. As trust builds up between individuals, more long-term pseudonyms may be used.



Several privacy architectures were proposed depending on whether central servers were available to manage the user ID, and whether all messaging went via these servers or directly from peer to peer. We also proposed an ID management architecture for a fully distributed system.



For larger enterprises we proposed a hierarchical system that groups users at each level in the hierarchy. This scheme allows users to be identified only as one of k members of a group. If more privacy is desired, k can be increased by including the user in a group further up the hierarchy. This can be combined with a pseudonym as proposed in the first scheme. Of course, in all our proposals any data released under a pseudonym will be accompanied by a signed assertion from a third party trusted by the receiver. This assertion will attest to the validity of any data being released.
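The hierarchical k-of-a-group scheme and the pseudonym-plus-assertion release described above, as an added illustration that is not code from the project: the hierarchy, member sets and issuer key are constructed here, and an HMAC stands in for the trusted third party's signature.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample hierarchy (not project data): node -> parent node.
HIERARCHY = {
    "enterprise": None,
    "div-a": "enterprise",
    "dept-a1": "div-a",
    "team-a1x": "dept-a1",
    "team-a1y": "dept-a1",
    "div-b": "enterprise",
}
# Constructed membership: users attached to the nodes they belong to.
MEMBERS = {
    "team-a1x": {"alice", "bob"},
    "team-a1y": {"carol", "dave", "erin"},
    "div-b": {"frank", "grace", "heidi", "ivan"},
}

def group_size(node):
    """Number of users at or below this node in the hierarchy."""
    total = len(MEMBERS.get(node, set()))
    for child, parent in HIERARCHY.items():
        if parent == node:
            total += group_size(child)
    return total

def anonymity_group(user, k):
    """Smallest enclosing group in which the user is one of at least k members."""
    node = next(n for n, users in MEMBERS.items() if user in users)
    while node is not None and group_size(node) < k:
        node = HIERARCHY[node]          # climb the hierarchy until the group is big enough
    if node is None:
        raise ValueError("no group in the hierarchy has at least %d members" % k)
    return node

def release(user, k, data, issuer_key, pseudonym=None):
    """Release data under a pseudonym (fresh unless the caller reuses a long-term one)
    together with an assertion from the trusted issuer covering pseudonym, group and data."""
    pseudonym = pseudonym or secrets.token_hex(8)
    record = {"pseudonym": pseudonym, "group": anonymity_group(user, k), "data": data}
    payload = json.dumps(record, sort_keys=True).encode()
    record["assertion"] = hmac.new(issuer_key, payload, hashlib.sha256).hexdigest()
    return record

def verify(record, issuer_key):
    """Receiver-side check: the assertion must cover exactly the released fields."""
    body = {key: record[key] for key in ("pseudonym", "group", "data")}
    payload = json.dumps(body, sort_keys=True).encode()
    expected = hmac.new(issuer_key, payload, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record["assertion"])
```

The receiver learns only the group label and the pseudonym, never the user name, and any change to the released data after the issuer asserted it causes the check to fail.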



Two proof-of-concept systems were produced to demonstrate, first, the secure storage and transfer of data, and second, a privacy system based on a central ID manager. These were demonstrated at our quarterly steering group meetings.



Our contribution to the overall project resulted in 9 project deliverables, 4 conference papers and 1 journal paper.
Exploitation Route This research was managed by an industrial steering group, and members of the consortium guided all research so that it could be exploited by the industrial partners. All of this research could be used by enterprise organisations to enable secure information management within the organisation. This work was a collaboration with an Academic/Industrial consortium, Mobile VCE.



There were around 30 industrial members of this consortium who have access to the research. Thales and Vodafone were actively involved and carried out tests of the proof of concept systems in their labs.
Sectors Digital/Communication/Information Technologies (including Software), Security and Diplomacy

URL http://www.mobilevce.com/
 
Description Industrial Collaboration 
Organisation Virtual Centre of Excellence (VCE) in mobile communications
Country United Kingdom 
Sector Charity/Non Profit 
PI Contribution This work was a collaboration with an Academic/Industrial consortium, Mobile VCE (Virtual Centre of Excellence in Mobile, Grove House, Lutyens Close, Chineham Court, Basingstoke, UNITED KINGDOM, RG24 8AG). There were around 30 industrial members of this consortium who have access to the research. Thales and Vodafone were actively involved and carried out tests of the proof-of-concept systems in their labs. Mobile VCE put together the consortium and managed the steering groups and interaction with funding bodies. The consortium consisted of Mobile VCE members including Vodafone, Thales, HMGCC
Start Year 2005