Accountable Information Usage in Distributed Information Sharing Enviroments Project

Overview

The U.S. Department of Homeland Security (DHS) is committed to using cutting-edge technologies and scientific talent in its quest to make America safer. The DHS Science and Technology Directorate (S& T) is tasked with researching and organizing the scientific, engineering, and technological resources of the United States and leveraging these existing resources into technological tools to help protect the homeland. The Accountable Information Usage in Distributed Information Sharing Environments Project supports this effort through its execution plan.

DHS S& T seeks to leverage the Massachusetts of Institute of Technology (MIT) expertise to enable the homeland security operational environments with innovative processes and technology to implement them within the context of the tactical and policy constraints that currently frame the homeland security challenge.

New tools in information management, visualization, and dissemination provide enormous potential value to decision makers. However, there is no accountable information flow in large-scale, information sharing environments. Recent research suggests that this can be achieved through the novel integration of Semantic Web information-modeling techniques along with Policy Aware Web rules-based access control systems. Advancing this research requires investigation of various options for applying general techniques in accountable systems architectures to an information sharing environment. In Phase I of this project, the research focused on creating proof-of-concept tools to accurately express complex security and privacy policies, reason over them about specific data transactions to determine compliance, and provide justifications for their conclusions [Waterman10Prototyping]. Challenges were also identified that will impede or obstruct implementation of accountable systems in real-world environments in which data is owned by multiple parties and held in disparate, decentralized systems. Phase II will leverage the Phase I research efforts, the expertise of the MIT team, and the continued use of scenario modeling to design proof-of-concept technologies and address the three critical challenges – scale, approximation, and validation & reporting — not readily answerable through existing technology in this project. It will also focus on transitioning the research artifacts into operational environments by integrating existing authentication mechanisms such as Identity Management (IdM) testbed and Federal Public Key Infrastructure (FPKI), which is being developed by the Identity, Credential and Access Management (ICAM) subcommittee, with the policy reasoning tools and leveraging ontologies defined in National Information Exchange Model (NIEM). Infusing our research prototypes with this government supported technology with enable them to take advantages of emerging standards and lead to better interoperability with other tools.

• [Waterman10Prototyping] “Prototyping Fusion Center Information Sharing; Implementing Policy Reasoning Over Cross-Jurisdictional Data Transactions Occurring in a Decentralized Environment” Waterman, K. Krasnow and Wang, Samuel, IEEE Conference on Homeland Security Technologies, Best Paper Award, 2010.
• [Berners01Semantic] “The Semantic Web” Tim Berners-Lee, James Hendler and Ora Lassila, Scientific American, 2001.
• [Weitzner05PAW] “Creating the Policy-Aware Web: Discretionary, Rules-based Access for the World Wide Web” Weitzner, Daniel, Hendler, Jim, Berners-Lee, Tim, and Connolly, Dan in Elena Ferrari and Bhavani Thuraisingham, eds, Web and Information Security, 2005.
• [Weitzner08Accountability] “Information Accountability” Weitzner, Daniel, Abelson, Hal, Berners-Lee, Tim, Feigenbaum, Joan, Hendler, Jim, and Sussman, Gerald, Communications of the ACM, 2008.
• [Khandelwal10AIR] “Analyzing the AIR Language: A Semantic Web (Production) Rules Language” Khandelwal, Ankesh, Bao, Jie, Kagal, Lalana, Jacobi, Ian, Ding, Li, and Hendler, James, The Fourth International Conference on Web Reasoning and Rule Systems, 2010.
• [Kagal08AIR] “Explanations for Policy Decisions via Dependency Tracking” Kagal, Lalana, Hanson, Chris, and Weitzner, Daniel, IEEE Workshop on Policies for Distributed Systems and Networks, 2008.
• [Forbus93Building] “Building Problem Solvers”, Kenneth D. Forbus, Johan De Kleer, 1993.
• [Burgard95Goal] “Goal-Directed Forward Chaining: Tuple-oriented Bottom-up Approach” Burgard, Wolfram, In Logic Programming: Formal Methods and Practical Applications, 1995.