Linking accurate personal information to decision support systems can improve professional services e.g. health care or fi nancial management. Linking professions will promote integrated services, avoiding costly duplication of infrastructure and services. However, where person-specifi c information is held, there are risks of identity theft or confi dentiality breaches. The ethics and governan...

This article presents a survey of authorisation models and considers their ‘fitness-for-purpose’ in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...

Collaboration enables a set of partners to work together while sharing information, resources, and capabilities in a controlled and accountable fashion. The partners themselves are organizations composed of people, departments, computational entities, and agents who perform tasks consistent with the internal rules of their organization. This paper presents a framework for managing some aspects ...

To share information and retain control (share-but-protect) is a classic cyber security problem for which effective solutions continue to be elusive. Where the patterns of sharing are well defined and slow to change it is reasonable to apply the traditional access control models of lattice-based, role-based and attribute-based access control, along with discretionary authorization for further f...

The September 11 attack and the following investigations show that there is a serious information sharing problem among the relevant federal government agencies, and the problem can cause substantial deficiencies in terrorism attack detection. This paper performs a systematic analysis of the causes of this problem; and it finds that existing secure information sharing technologies and protocols...

We develop the foundations for a theory of Group-Centric Secure Information Sharing (g-SIS), characterize a specific family of models in this arena and identify several directions in which this theory can be extended. The traditional approach to information sharing, characterized as Dissemination-Centric in this paper, focuses on attaching attributes and policies to an object (sometimes called ...

A publicly verifiable secret sharing scheme is more applicable than a verifiable secret sharing because of the property that the validity of the shares distributed by the dealer can be verified by any party. In this paper, we construct a non-interactive and informationtheoretic publicly verifiable secret sharing by a computationally binding and unconditionally hiding commitment scheme and zero-...

With the rapid development of RFID technology, the EPCglobal network has drawn considerable attention from both research and industry communities, which enables supply chain partners to automatically share information and improve the visibility of supply chains. As the information shared in the EPCglobal network is usually sensitive and valuable, security mechanisms should be provided. In this ...

There is a growing demand for sharing information across multiple autonomous and private databases. The problem is usually formulated as a secure multiparty computation problem where a set of parties wish to jointly compute a function of their private inputs such that the parties learn only the result of the function but nothing else. In this paper we analyze existing and potential solutions fo...