Policy Formulation and Development of Secure Environment for Information Sharing

Abstract

Flow of information among strategic and public organizations is core requirement to meet their goals and objectives. In these organizations, sharing of information in timely manner is the utmost requirement but at the same time controlled and monitored exchange of information with confidentiality, integrity and non-repudiation is also very critical objective. Other security principles like need to know, least privilege and separation of duties are also very important to consider while handling classified information during the course of sharing. Security levels and security clearance plays vital role for access control. This work presents a policy based secure collection of security mechanisms that build a secure environment to assure above mentioned security requirements. Use of proven and established security techniques and existing technologies is preferred where possible. The focus of research is on defining of security policy elements, policy enforcement and monitoring for secure and trusted sharing while providing all security essentials including confidentiality, integrity, access control, authorization, authentication and accountability.