Seeing the Real World: Sharing Protected Data in Real Time

Abstract

We describe a new capability for "owners" of protected data to quickly and securely share real time data among networked decision-support and real-time control devices with whom the "owners" of the data have explicitly decided to "share the data. The service is based upon implementation of a recent formal definition and mathematical result (James et al. 2009) derived from the decades-old Bell-LaPadula information security result (Bell and LaPadula, 1973). The service provides decision makers a means of securely and automatically sharing critical information across security barriers based upon declaration of sharing policies. The declaration and implementation of information sharing policies based upon a need-to-share has been shown to be compatible with information protection policies based upon a need-to-know. Indeed, the implementation of the need-to-share service is based upon extending the mathematical foundations of need-to-know information security systems (the Bell-LaPadula result of 1973).