Collaborative policies and assured information sharing
Modern organizations have access to massive amounts of structured and unstructured data from myriad sources, including information from internal activities, collected sensor data, data from active, potential, or past partners, and data from interacting with cooperative or unaffiliated entities. The project aims to develop new methods for information sharing across and within security levels, with specific attention to confidentiality, privacy, trust, data quality and provenance. One focus is on formal policy specification languages, rigorous semantics, and supporting tools that allow organizations to define and analyze their information dissemination and release policies and priorities. The project aims to develop theory and algorithms for the design of incentive-compatible sharing policies, including methods for value-maximizing policy design and quantitative models for policy optimization and risk management. In addition, the project will investigate policy enforcement using cryptographic methods, trusted computing architectures, and related approaches, including policy enforcement by encryption, policy-enforcement by cryptographic obfuscation, private information sharing using Trusted Computing (TCG), and sharing and data mining using efficient secure multi-party computation.
Helen Nissenbaum (NYU)