Abstract
Protection of critical infrastructure requires collaboration between various stakeholders, including military, governmental and private organizations. The stakeholders are typically located in different information security domains or even different countries. We present a content labelling solution developed by NATO for the purpose of enabling information sharing between different communities of interest and coalition participants in NATO operations. We believe that the same solution can be used to support the enforcement of fine-grained access control for the protection of critical infrastructures. The focus of this paper is on the binding of sensitivity-marking metadata (i.e. ‘labelling’) to data objects, and the application of granular access control to labelled data objects. We provide an example of how access control can be efficiently enforced on portions of an XML document while preserving the essential parts of the XML structure of the document.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Gallagher, S., Neugebauer, M.: Critical Infrastructure Information Sharing. In: IEEE International Conference on Technologies for Homeland Security (2004)
The National Association of Regulatory Utility Commissioners: 2007 Information Sharing Practices in Regulated Critical Infrastructure States (2007)
Zhao, W., White, G.: A collaborative information sharing framework for Community Cyber Security. In: IEEE Conference on Technologies for Homeland Security (2012)
Ryutov, T., Kichkaylo, T., Neches, R., Orosz, M.: SFINKS: Secure focused information, news, and knowledge sharing. In: IEEE International Conference on Technologies for Homeland Security (2008)
Braghin, S., Fovino, I.N., Trombetta, A.: Advanced trust negotiation in critical infrastructures. In: 1st International Conference on Infrastructure Systems and Services (2008)
Flentge, F., Beyel, C., Rome, E.: Towards a standardised cross-sector information exchange on present risk factors. Critical Information Infrastructures Security (2008)
Oudkerk, S., Bryant, I., Eggen, A., Haakseth, R.: A Proposal for an XML Confidentiality Label Syntax and Binding of Metadata to Data Objects. In: NATO RTO Symposium on Information Assurance and Cyber Defence (2010)
Oudkerk, S., Lunt, G., Ross, A.: NATO Profile for the XML Confidentiality Label Syntax – Version 1.1, NCIA, The Hague, Netherlands (2013)
Oudkerk, S., Lunt, G., Ross, A.: NATO Profile for the Binding of Metadata to Data Objects – Version 1.1, NCIA, The Hague, Netherlands (2013)
W3C: XML Signature Syntax and Processing, 2nd edn., http://www.w3.org/TR/xmldsig-core/
W3C XSL Working Group and W3C XML Query Working Group: XML Path Language (XPath) 2.0, 2nd edn (2010)
W3C XML Linking Working Group: XPointer Framework (2003)
Oudkerk, S.: NATO Cross-Domain Web Services Experiment at CWID 2007, NC3A, The Hague, Netherlands (2008)
Zeilenga, K., Melnikov, A.: Security Labels in Internet Email, draft-zeilenga-email-seclabel-05, IETF (2013)
ECMA: ECMA-376: Office Open XML File Formats, Part2: Open Packaging Conventions, 4th edn (2012)
ECMA: ECMA-262: ECMAScript Language Specification, 5.1 edn (2011)
Lunt, G., Oudkerk, S., Ross, A.: NATO Metadata Binding Service, NCIA, The Hague, Netherlands (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Oudkerk, S., Wrona, K. (2013). Using NATO Labelling to Support Controlled Information Sharing between Partners. In: Luiijf, E., Hartel, P. (eds) Critical Information Infrastructures Security. CRITIS 2013. Lecture Notes in Computer Science, vol 8328. Springer, Cham. https://doi.org/10.1007/978-3-319-03964-0_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-03964-0_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-03963-3
Online ISBN: 978-3-319-03964-0
eBook Packages: Computer ScienceComputer Science (R0)