Policy, Law and Management

This area includes tools and methods for understanding the context of security, and how to best allocate resources for protection of assets. This includes research into risk assessment and mitigation methodologies, policy development, the role of law and social pressure on security, economic aspects of security, cross-cultural issues governing security, cyberethics, simulation and modeling of security, and policy languages and proofs.

Transparency & Legal Compliance in Information Systems

Principal Investigator: Eugene Spafford

Analysts need mechanisms to disambiguate regulations so they may be clearly specified as software requirements. Additionally, those responsible for certifying compliance within relevant systems need controls and assurances that measure conformance with policies and regulations. Our goal is to develop methods, tools, and procedures to help software designers and policy makers achieve transparency and consistency by bringing regulations, policies and system requirements into better alignment.

Results: There are three main expected results of this work. First, we will produce tools to assist software designers in deriving a clear set of actionable requirements for system design and access control from regulations and legislation. Second, we will produce methods for developing audit mechanisms and procedures that can be used to verify that a functioning system meets its requirements; this will aid organizations as they assess policy and legal compliance. Third, we will develop a realistic corpus of synthetic electronic patient record data that can be used to test any such experimental system, and we will make it available so that other researchers can use it.

Classifying Child Porn Images in Law Enforcement Cases (COPINE)

Principal Investigator: Marc Rogers

Using the COPINE (Combating Paedophile Information Networks in Europe) classification model, which categorizes the severity of victimization in child pornography, United States law enforcement officers will be asked to classify Internet child pornography images they have seized as evidence over a six-month period, using an anonymous online questionnaire. This project is currently in the data collection phase.

Unsecured Economies: Protecting Vital Information

Principal Investigators: Jackie Rees, Karthik Kannan, Eugene Spafford

The goal of the Unsecured Economies project is to examine attitudes and behaviors regarding the security and integrity of intellectual property across the globe. A survey instrument is being developed to track managers' perceptions of the threats and risks to intellectual property inherent in a global economy, and firm-level responses to those threats and risks. The intended outcome is a better understanding of the risk landscape for protecting intellectual property, together with guidance to help managers better manage the risk inherent in competing in global markets.

Assurable Configuration of Security Policies in Enterprise Networks

Principal Investigator: Sanjay Rao

The design and configuration of enterprise networks is one of the hardest challenges that operators face today. A key part of that challenge is reconfiguring network devices so that high-level operator goals are correctly realized. The high-level objectives (such as performance and security goals) that operators have for their networks are embedded in hundreds of low-level device configurations, and the huge semantic gap between the two makes reconfiguration error-prone. Errors in changing configurations have been known to result in outages, business service disruptions, violations of Service Level Agreements (SLAs) and cyber-attacks [mahajan:02, kerravala02, Alloy]. In our research, we are looking at principled approaches for the systematic design and configuration of enterprise networks. We believe this work will minimize such errors and enable operators to ensure that their networks continue to meet desired high-level security objectives. An important problem we are currently tackling is ensuring the correctness of security policies when migrating enterprise data centers to cloud computing models.
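The semantic gap described above, and the cloud-migration problem in particular, can be made concrete with a small consistency check. The following is an added example, not code from this project: high-level reachability intents are written down once, then evaluated against the same network under ordered first-match ACL semantics and under cloud security-group semantics (unordered allow list, implicit deny, no deny rules). The tiers, addresses, rules and intents are constructed sample data; the "naive migration" simply drops deny rules, which is the mistake a lift-and-shift of an ACL into security groups tends to make.

```python
"""Checking low-level packet-filter configurations against high-level reachability
intents, and re-checking the same intents after a naive migration to cloud
security groups. Added illustration; constructed sample data, not real configs."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Callable, List, Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    src: str              # source CIDR
    dst: str              # destination CIDR
    dport: Optional[int]  # destination TCP port, None = any port

    def matches(self, src_ip: str, dst_ip: str, dport: int) -> bool:
        return (ip_address(src_ip) in ip_network(self.src)
                and ip_address(dst_ip) in ip_network(self.dst)
                and (self.dport is None or self.dport == dport))


def acl_permits(acl: List[Rule], src_ip: str, dst_ip: str, dport: int) -> bool:
    """Router/firewall ACL semantics: ordered, first match wins, implicit deny."""
    for rule in acl:
        if rule.matches(src_ip, dst_ip, dport):
            return rule.action == "permit"
    return False


def sg_permits(sg: List[Rule], src_ip: str, dst_ip: str, dport: int) -> bool:
    """Cloud security-group semantics: unordered allow list, no deny rules,
    anything not explicitly permitted is dropped."""
    return any(r.action == "permit" and r.matches(src_ip, dst_ip, dport) for r in sg)


@dataclass(frozen=True)
class Intent:
    """A high-level operator goal: this flow must (or must not) be reachable."""
    name: str
    src_ip: str
    dst_ip: str
    dport: int
    allowed: bool


def violations(intents: List[Intent],
               permits: Callable[[str, str, int], bool]) -> List[str]:
    """Names of the intents whose outcome under `permits` differs from the goal."""
    return [i.name for i in intents
            if permits(i.src_ip, i.dst_ip, i.dport) != i.allowed]


def to_security_group(acl: List[Rule]) -> List[Rule]:
    """Naive lift-and-shift: copy the permits, drop the denies (SGs deny by default).
    This loses any deny rule that shadowed a broader permit further down the ACL."""
    return [r for r in acl if r.action == "permit"]


# Constructed sample: a web tier (10.1.0.0/24), a database tier (10.2.0.0/24)
# and an Internet client (203.0.113.7). Representative flows stand in for the tiers.
INTENTS = [
    Intent("web-to-db-postgres", "10.1.0.10", "10.2.0.5", 5432, True),
    Intent("internet-to-db-postgres", "203.0.113.7", "10.2.0.5", 5432, False),
    Intent("internet-to-web-https", "203.0.113.7", "10.1.0.10", 443, True),
    Intent("web-to-db-ssh", "10.1.0.10", "10.2.0.5", 22, False),
]

# ACL as deployed: a deny placed above a broad permit does the real work.
DEPLOYED_ACL = [
    Rule("deny", "0.0.0.0/0", "10.2.0.0/24", 22),        # nobody reaches db over SSH
    Rule("permit", "10.1.0.0/24", "10.2.0.0/24", None),  # web tier gets everything else
    Rule("permit", "0.0.0.0/0", "10.1.0.0/24", 443),     # public HTTPS to web tier
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None),        # explicit cleanup deny
]

# The same ACL after a "temporary" troubleshooting permit inserted above the cleanup deny.
DEBUGGED_ACL = (DEPLOYED_ACL[:3]
                + [Rule("permit", "0.0.0.0/0", "10.2.0.0/24", None)]  # debug rule
                + DEPLOYED_ACL[3:])


def audit_acl(acl: List[Rule]) -> List[str]:
    """Intents violated by an ACL evaluated with first-match semantics."""
    return violations(INTENTS, lambda s, d, p: acl_permits(acl, s, d, p))


def audit_migration(acl: List[Rule]) -> List[str]:
    """Intents violated after the ACL is naively rewritten as a security group."""
    sg = to_security_group(acl)
    return violations(INTENTS, lambda s, d, p: sg_permits(sg, s, d, p))


if __name__ == "__main__":
    print("deployed ACL:       ", audit_acl(DEPLOYED_ACL))
    print("after debug change: ", audit_acl(DEBUGGED_ACL))
    print("naive SG migration: ", audit_migration(DEPLOYED_ACL))
```

The deployed ACL satisfies every intent, the debug rule silently exposes the database tier to the Internet, and the migrated security group passes every intent except the SSH one, because the deny that protected it had no counterpart in an allow-only model. The point is that the intents, not the rules, are the artifact worth keeping stable across a reconfiguration or a migration.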

A Context-Driven Security Framework for Distributed Healthcare Domain

Principal Investigator: Arif Ghafoor

The primary objective of the Personal Health Record (PHR) initiative is to empower users (patients) to control their own private medical information, not only in terms of management and access but also by allowing them to share that information with others in a private, secure, and confidential environment. Generally, disclosure of personal information depends on the circumstances of access, including the privacy concerns of the individual patient. In particular, the overriding public concern about EHR/PHR technology is ensuring the security and privacy of health care information, which is a serious technological challenge for PHR developers. The following are two key barriers to wider use of PHRs.

(a) The inability of a patient to compose consistent and context-aware disclosure policies for his/her collection of Electronic Health Records (EHRs). These records may be maintained by various heterogeneous health care and government enterprises. The challenge is to provide an intelligent, user-friendly and patient-centered environment that empowers the user to control access privileges relevant to various contexts.

(b) Secure and privacy-aware interoperability and data sharing among independent healthcare enterprises. The challenge is to ensure secure sharing of data among multiple health-care enterprises with potentially diverse security policies, and to guarantee privacy-preserving data integration among such enterprises.

The objective of this project is to develop a healthcare prototype on NIST's Policy Machine (PM) to demonstrate our newly developed context-driven policy framework. For the demo, a PHR multimedia database consisting of text, images, audio and video data is being implemented, in which fine-grained access to individual multimedia objects will be enforced based on roles across multiple healthcare domains.

Human Factors in Online Security and Privacy

Principal Investigator: Robert Proctor

This research focuses on human aspects of online security and privacy assurance. With respect to online security, we have performed task analyses of the procedures required to use different types of authentication methods (e.g., passwords, biometrics, tokens, smart cards) and determined the costs and benefits of the alternative methods. Although passwords are the weakest of the methods, they are the most pervasive and widely accepted form of authentication for many systems. Thus, we have performed experiments designed to identify techniques for improving both the security and memorability of passwords. With respect to privacy assurance, we have performed analyses on Web privacy policies to determine organizations’ privacy and security goals. We also conducted usability tests examining users’ comprehension of privacy policies, factors that influence users’ trust in an organization, and users’ ability to configure privacy agents to check machine-readable policies for an organization’s adherence to specific privacy practices. Because the methods for ensuring security and privacy involve human users, our goal is to improve the interaction between humans and the technical devices and interfaces employed in security- and privacy-related tasks.

Access Control Policy Specification and Verification

Principal Investigator: Ninghui Li

This research program is motivated by the observation that today’s security problems are often caused by errors in policy specification and management, rather than failure in, for example, cryptographic primitives. Formal verification techniques have been successfully applied to the design and analysis of hardware, software, distributed algorithms, and cryptographic protocols. This project aims at achieving similar success in access control.

This project studies novel approaches to specifying properties of access control policies and verifying them. Recent results include security analysis in trust management and role-based access control, analysis of the relationship between separation of duty policies and role mutual exclusion constraints, the development of a novel algebra for specifying multi-user policies, and the introduction of resiliency policies.
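The relationship between separation of duty policies and role mutual exclusion constraints mentioned above is easy to get wrong in practice, because the first is a property of an RBAC state and the second is a mechanism imposed on it. The following is an added example, not the project's own tooling: a static separation of duty policy ssod<task, k> (no k-1 users together hold every permission of the task) is checked directly against a small RBAC state, next to a statically mutually exclusive roles constraint smer<roles, t> (no user holds t or more of the listed roles). The purchase-order roles, users and two "drift" scenarios are constructed sample data. Verifying an SoD policy directly against an RBAC state is coNP-complete in general (a result from this line of work), so the brute-force checker is suitable for auditing a small state, not a large directory.

```python
"""Separation of duty (SoD) as a policy objective versus role mutual exclusion (SMER)
as an enforcement mechanism, checked against a small RBAC state.
Added illustration with a constructed sample state; not the project's own tooling."""
from itertools import combinations
from typing import Dict, Set

UserAssignment = Dict[str, Set[str]]  # UA: user -> roles
PermAssignment = Dict[str, Set[str]]  # PA: role -> permissions


def user_permissions(ua: UserAssignment, pa: PermAssignment, user: str) -> Set[str]:
    """Permissions a user holds through all assigned roles (flat RBAC, no hierarchy)."""
    perms: Set[str] = set()
    for role in ua.get(user, set()):
        perms |= pa.get(role, set())
    return perms


def min_users_to_cover(ua: UserAssignment, pa: PermAssignment, task: Set[str]) -> int:
    """Smallest number of users whose combined permissions cover every permission in
    `task`; 0 if no set of users covers it. Brute force over user subsets: checking
    SoD against an RBAC state is coNP-complete in general, so this suits an audit of
    a small state rather than a large directory."""
    holders = {u: user_permissions(ua, pa, u) & task for u in ua}
    holders = {u: p for u, p in holders.items() if p}  # drop users holding none of the task
    for size in range(1, len(holders) + 1):
        for group in combinations(holders, size):
            if set().union(*(holders[u] for u in group)) == task:
                return size
    return 0


def ssod_satisfied(ua: UserAssignment, pa: PermAssignment, task: Set[str], k: int) -> bool:
    """ssod<task, k>: no k-1 users together hold all of `task` (at least k are needed)."""
    needed = min_users_to_cover(ua, pa, task)
    return needed == 0 or needed >= k


def smer_satisfied(ua: UserAssignment, roles: Set[str], t: int) -> bool:
    """smer<roles, t>: no user is a member of t or more of the given roles."""
    return all(len(assigned & roles) < t for assigned in ua.values())


# Constructed sample: a purchase order must be prepared and approved by different people.
TASK = {"prepare_po", "approve_po"}
PA: PermAssignment = {
    "clerk": {"prepare_po"},
    "manager": {"approve_po"},
    "auditor": {"read_ledger"},
}
UA: UserAssignment = {"alice": {"clerk"}, "bob": {"manager"}, "carol": {"auditor"}}


def audit(ua: UserAssignment, pa: PermAssignment) -> Dict[str, object]:
    """The mechanism check (SMER on clerk/manager) next to the objective it is meant
    to enforce (2-user SoD on the purchase-order task)."""
    return {
        "smer_clerk_manager": smer_satisfied(ua, {"clerk", "manager"}, 2),
        "ssod_2": ssod_satisfied(ua, pa, TASK, 2),
        "min_users": min_users_to_cover(ua, pa, TASK),
    }


# Drift 1: a user is given both roles. The SMER constraint catches this.
UA_DUAL_ROLE: UserAssignment = {**UA, "alice": {"clerk", "manager"}}

# Drift 2: the auditor role is granted both task permissions "for convenience".
# No user holds clerk and manager together, so SMER still passes, but SoD is gone.
PA_LEAKY_ROLE: PermAssignment = {**PA, "auditor": {"read_ledger", "prepare_po", "approve_po"}}


if __name__ == "__main__":
    print("baseline:  ", audit(UA, PA))
    print("dual role: ", audit(UA_DUAL_ROLE, PA))
    print("leaky role:", audit(UA, PA_LEAKY_ROLE))
```

In the baseline both checks pass and two users are needed to complete the task. Assigning one user both roles fails both checks. Granting a third role both permissions leaves the mutual exclusion constraint satisfied while a single user can now complete the whole task: the constraint was written against the roles, but the policy is about the permissions, so any audit has to verify the SoD objective itself and not only the constraints meant to enforce it.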

A Welfare Economic Analysis of Data Breach Disclosure Policy in the United States

Principal Investigator:

In the past six years, 44 states in the United States have adopted a new form of privacy and identity theft regulation: mandatory disclosure of data breach information. Information disclosure regulation is a form of legislation considered effective for issues that span consumer protection and risk, and where market mechanisms could work effectively to shape consumer and producer behavior and bring about allocative efficiency. Informational regulation is a new approach in the data privacy milieu, but it has precedents in environmental and health policy. While data breach disclosure policies are intended to affect consumer and producer behavior, little is known about the costs and benefits of these policies and whether they in fact enhance social welfare in the area of identity theft and privacy. This project investigates the conditions under which mandatory information disclosure will lead to 1) a reduction in identity theft and 2) enhancement of privacy, and ultimately the conditions under which it will enhance social welfare.

Purdue Univ. Program for Homeland Security - STEM Career Development

Principal Investigators: Sandra Amass, David Ebert

Transparency and Legal Compliance in Software Systems

Principal Investigator: Eugene Spafford

This project, a collaboration between North Carolina State University and Purdue University, addresses the design of healthcare information systems. Such systems are becoming ubiquitous and thus increasingly subject to attack, misuse and abuse, yet their specifications and designs often neglect security and privacy concerns. Moreover, regulations such as HIPAA (Health Insurance Portability and Accountability Act), as well as security and privacy policies, are difficult for users to understand and complex for software engineers to use as guides when designing and implementing systems. This project defines the mechanisms needed to help analysts disambiguate regulations so that they may be clearly specified as software requirements. In addition, regulations increasingly require organizations to demonstrate compliance and account for their actions, and the individuals responsible for compliance and accountability currently lack sufficient guidance and support to manage their legal obligations within the relevant information systems. Software controls are needed to provide assurance that business processes adhere to specific requirements, especially those derived from government regulations.

To address these challenges, the proposed work takes a holistic view of the design of transparent and legally compliant software systems. Key research questions that are addressed include:
-How should system requirements be specified so they may be realized in design and implementation to ensure legal and regulatory compliance?
-Given that software designs need to satisfy multiple stakeholders (organizations, law/policy makers, government agencies, public citizens, etc.) whose objectives are often contradictory, inconsistent and difficult to understand, how can the design process be improved so that these requirements converge and are satisfied in a transparent and auditable fashion?

This project articulates a requirements management framework that enables executives, business managers, software developers and auditors to distribute legal obligations across business units and/or personnel with different roles and technical capabilities. This framework improves accountability by integrating traceability throughout the policy and requirements lifecycle. The broader impacts of this project are expected to be far reaching as law and regulations govern the collection, use, transfer and removal of information from software systems in many spheres of society.