Crisis management is the process of organizing the response to incidents that seriously threaten people’s lives or the environment. Examples of such incidents include road accidents, fires, etc. These incidents may evolve rapidly and need a quick and efficient response to limit the damage. Crisis management often requires access to sensitive data from many organizations or different administrative domains. For example, responders from different administrative domains may need to know the number of casualties or the imminent dangers for the surrounding area, and medical records must be shared to provide care for the victims.
In the rest of this paper, we will refer to the organization where data originates as the data provider and to the recipient organization as the data consumer. Sensitive data must be protected according to the security policies of the data provider even after it has been disseminated to users in other organizations or different administrative domains. This usually requires mutual trust between the data provider and the data consumer. The data provider must ensure that its data will be protected after dissemination, while the data consumer needs to know what data it will be able to access. Organizations form Data Sharing Agreements (DSA) [26] to achieve these goals. A DSA is a signed contract stating each partner’s obligations, which allows the partners to seek remedy (e.g. through legal means) for breaches of the contract. Establishment of a DSA allows the data provider to trust data consumers to enforce the agreed policies in their administrative domain.
In practice, DSAs are expressed in natural language (e.g., see [13]) and include the authorization policies for the shared data. Common practices of first-aid and public-safety agencies indicate that the evaluation and enforcement of DSAs are not automated and data is often shared informally [27]. Informal data sharing requires manual decision making. However, a manual process can cause delays and errors, which can in turn lead to deterioration of the crisis at hand. Effective and scalable crisis management requires an automated and efficient DSA evaluation and enforcement system.
Existing dissemination control architectures [18, 16, 2, 5, 10, 14, 15] are unable to address the requirements of cross-domain data sharing during crisis situations. First, they require recipients to contact the data provider or a pre-defined central policy evaluation authority to obtain access rights. However, responders may not be able to connect with the central authority while lending support in the crisis area. If, for example, the incident happens in a tunnel, the incident response command centers located in response vehicles may use long range communication equipment to exchange data with the outside world, while responders with mobile devices may have to depend on ad hoc links using the short range communication of their devices. Ad hoc networks provide only intermittent connectivity because the network nodes (responders) are always in motion. A remote policy evaluation authority could be unreachable from the responder’s location if the network is temporarily partitioned. This limitation can be fatal in crisis management scenarios. It is therefore necessary to cater for situations in which data may be shared through an ad hoc network among rescuers, or manually using portable media such as data sticks. To effectively respond to crises, data must be protected in ways that do not require communication with entities outside the responder’s reach.
Secure Cross-Domain Data Sharing Architecture for Crisis Management
