SGER: Explorations in Fine-Grained Security for Host and Network Application
Proposal Abstract
This research project explores a variety of applications of and models for fine-grained security. The topics include information sharing and collaboration, tracing integrity and data provenance through computations and across network hosts, semantic accountability and traceability, network architectures utilizing security-tagged packets, as well as appropriate models for authorization systems. Although fine-grained security has not been broadly studied up to now, recent proposals for advanced information sharing systems and word-level manipulation of security data by new computer architectures demand better understandings of the applications where fine-grained security can deliver important benefits as well as the difficulty of formulating and implementing necessary security models. The range of applications is vast -- from digital libraries, scientific collaboration to legal citation, government and medical processes, intelligence and decision-making in distributed organizations, and even, Internet-based political discourse. Despite the high risk of this exploratory research, the expected payoffs will be very high if manageable approaches are identified for these wide-scope applications. The research methodology involves characterizing an exemplary application, analyzing how it benefits from fine-grained data manipulation, designing core implementation mechanisms, and proposing appropriate security models to assure integrity, confidentiality, and availability. The deliverables are a series of reports each of which discuss an application and its corresponding security model
