Trust Domains - A framework for modelling and designing e-service infrastructures for controlled sharing of information
Lead Research Organisation:
University of Birmingham
Department Name: School of Computer Science
Abstract
Ensuring flows of information to the right people over multiple collaborating organisations is becoming increasingly important for both business and government. There are, however, trade-offs between the productivity and functional gains from sharing information, on the one hand, and the risks of leakage and opening up IT systems, on the other. Recent developments in trusted computing and virtualization can address these trade-offs in a flexible manner, as they allow for the creation of policy-controlled IT systems with configurable security properties. Collaborative, secure sharing solutions can be realized through the creation of dynamic 'Trust Domains' --- a notion that we propose to explore at and between all levels of the policy-service-infrastructure stack --- that enforce information flow and configuration policies.

We propose a customer-driven project that starts out from examples of information sharing within police forces and the agencies they work with. Based on a practical understanding of the required flows and policies, we will develop an abstract framework for qualifying types and flows of information and a corresponding model of the associated risks. This allows process owners to describe their requirements and concerns. We will research how to qualify and map information flows to Trust Domain configurations, derive guidelines and templates for supporting solution architects in building IT services, and extend our set of analytics and modelling tools to help stakeholders gain an understanding of the risks associated with information flows and enforcement mechanisms.

There are business opportunities for creating and operating new e-services with enhanced trust and security properties based on new methodologies and toolsets. The framework we suggest takes a business-driven approach to risk, trust and security and covers aspects of process and system analysis, design, configuration, security policy, human roles, and operational management.

We create a value proposition by having the models, tools and methodologies that allow us to bridge the current gap between business-level risk and system configuration and policy design, hence mapping service needs onto trusted platforms, domains, and infrastructure. The project complements and expands ongoing, TSB-funded work on trust economics as well as on complexity, risk, and resilience management pioneered and exploited by HP's UK Enterprise Services. Both HP Enterprise Services and HP Labs, Bristol believe that bridging high-level incentive models and systems design for trust domains would be a unique global differentiator, not only aligned with US-NITRD 'game-changing' themes, but ahead of them in suggesting an integrated approach. The academic components of this project will contribute the following developments in support of this programme:
- The concept of Trust Domain, at and between the various levels of the socio-technical system stack (policy-service-infrastructure);
- Mathematical systems modelling technologies to support tools and methodologies for reasoning about the properties, dynamics, and applications of the Trust Domain concept;
- A thorough taxonomy of technical, design, and architectural properties which give rise to different trust characteristics in deployed services;
- Modelling the quality of trust and expectations among components, to the extent of being able to make a meaningful comparison of solutions based on different architectural paradigms, within a given context.

Targeted market: intra-corporate and intra-governmental data centres and 'clouds' whose stringent information flow control requirements cannot be met by today's providers.
Planned Impact
The pathways to impact for this project can be summarized conveniently under the following three headings.

Academic Impact
- Research: influencing and challenging a range of academic disciplines in computing, mathematics, and management.
- Education and Training: new Master's degree programmes combining the relevant technological and management skills.

Industrial and Commercial Impact
- Hewlett-Packard:
  - HP's UK-based research effort
  - HP's UK-based IT services and security businesses
  - HP's UK customers
- Perpetuity: a client and problem base, encompassing questions such as access control and trust in the context of both corporate/physical security and information security, will provide a rich collection of challenges for our conceptual work and tool/methodology development.
- The wider security ecosystem: the community that is touched by this project, via academic research, industrial research, education/training, and as customers of HP and Perpetuity, will influence systems policy and implementation in academia, industry, and government.

Impact in RCUK Priorities and in UK Society
- Fostering global economic performance, and specifically the economic competitiveness of the United Kingdom. The delivery of systems and services with appropriate levels of security - that is, systems that generate value whilst remaining sufficiently secure, robust, and flexible to cope with perturbations, be they internally (design changes) or externally (changes in the environment) generated - is a challenge to corporations and economies around the world. Developing robust, mathematically based technologies will allow the UK to lead in this respect.
- Increasing the effectiveness of public services and policy. Public services are delivered by systems that are based on complex technological substrates. These systems support services - to citizens, government, companies, charities, etc. - that are intended to implement society's agreed policies. At each of these three (infrastructure, service, policy) layers, groups of system components, be they individuals, organizations, or technology elements, need to form groups within which mutually understood and/or represented levels of trust obtain.
- Enhancing quality of life, health, and creative output. Citizens' quality of life will be enhanced by better, more secure services, more readily and appropriately trustable services, be they delivered by government or the private sector. Moreover, improved cost-effectiveness will tend to reduce the taxation burden and encourage reinvestment by service-providers.
People
Mark Ryan (Principal Investigator)
Publications
Arapinis M (2011) StatVerif: Verification of Stateful Processes
Arapinis M (2012) Verifying Privacy-Type Properties in a Modular Way
Arapinis M (2012) Principles of Security and Trust
Caudrelier V (2014) Integrable Boundary for Quad-Graph Systems: Three-Dimensional Boundary Consistency, in Symmetry, Integrability and Geometry: Methods and Applications
Koleini M (2014) Verification of agent knowledge in dynamic access control policies
Mark D Ryan (2012) Automatic Analysis of Security Properties, in INTRUST
Pike A (2012) Digital exclusion or learning exclusion? An ethnographic study of adult male distance learners in English prisons, in Research in Learning Technology
Ryan M (2013) Cloud computing security: The scientific challenge, and a survey of solutions, in Journal of Systems and Software
Description | Architecture for software-as-a-service cloud computing such that the cloud provider is not able to see any plaintext data. Application of a method and tool supporting verification of security protocols with persistent state (StatVerif) to protocols of trusted computing. Key certification method for usable end-to-end encrypted mail. |
Exploitation Route | The cloud computing architecture can be taken up by cloud providers and cloud users that want strong security properties. StatVerif can be taken up by researchers wanting to analyse stateful protocols. |
Sectors | Creative Economy, Digital/Communication/Information Technologies (including Software), Financial Services and Management Consultancy, Government, Democracy and Justice, Security and Diplomacy, Other |
Description | L3-TRL are investigating possible use and development of the cloud computing architecture. |
Sector | Digital/Communication/Information Technologies (including Software), Government, Democracy and Justice, Security and Diplomacy, Other |
Impact Types | Societal, Economic |
Description | Research Chair in Cyber Security |
Amount | £400,000 (GBP) |
Organisation | Hewlett Packard Ltd |
Department | Hewlett Packard Laboratories, Bristol |
Sector | Private |
Country | United Kingdom |
Start | 08/2016 |
End | 08/2021 |
Description | Secure Cloud-Based Computing |
Amount | £63,129 (GBP) |
Organisation | L3 TRL Technology |
Sector | Private |
Country | United Kingdom |
Start | 12/2014 |
End | 09/2015 |
Title | StatVerif |
Description | A software tool to verify the security properties of protocols. |
Type Of Material | Improvements to research infrastructure |
Year Produced | 2014 |
Provided To Others? | Yes |
Impact | Take up by other researchers |
URL | https://sec.cs.bham.ac.uk/research/StatVerif/ |
Description | Hewlett Packard |
Organisation | Hewlett Packard Ltd |
Country | United Kingdom |
Sector | Private |
PI Contribution | Collaboration on TPM specification |
Collaborator Contribution | Collaboration on TPM specification |
Impact | Contribution to TPM 2.0 specification and multiple research papers |
Start Year | 2006 |
Title | ConfiChair |
Description | ConfiChair is a cloud-based collaboration tool that guarantees confidentiality from the cloud provider. See confichair.org |
Type Of Technology | Webtool/Application |
Year Produced | 2011 |
Impact | Follow-up funding |
URL | https://www.confichair.org/ |
Company Name | CloudTomo |
Description | CloudTomo develops data protection technology for internet-based data stores. |
Year Established | 2010 |
Impact | Has won two funding awards: Scottish Enterprise award (60K) and TSB award (80K, not taken up). |
Website | http://www.cloudtomo.com |
Description | Google visit |
Form Of Engagement Activity | A talk or presentation |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Professional Practitioners |
Results and Impact | Much discussion. Interaction. |
Year(s) Of Engagement Activity | 2012 |