Towards Secure Information Sharing models for community Cyber Security

In this paper, we motivate the need for new models for Secure Information Sharing (SIS) in the specific domain of community cyber security. We believe that similar models will be applicable in numerous other domains. The term community in this context refers to a county or larger city size unit with a clearly demarcated geographical boundary aligned more or less with a governance boundary. Our choice of the community domain is based on the decade long experience of the Center for Infrastructure Assurance and Security (CIAS), now part of the Institute for Cyber Security (ICS-CIAS) at the University of Texas at San Antonio. Over the past decade ICS-CIAS has conducted cyber security preparedness exercises and training at communities throughout the nation specifically dealing with communication, incident response, disaster recovery, business continuity, security awareness and similar issues. We discuss the insights gained from these frequent exercises to illustrate the limitations of prior models for SIS, such as discretionary access control, mandatory access control and role-based access control. Specifically, we argue that these traditional models, while effective in addressing the issues that they were developed for, lack the agility to dynamically configure a system to facilitate SIS scenarios such as monitoring and response during a community cyber security incident life cycle. We discuss how our current research efforts at the Institute for Cyber Security on group-centric SIS models directly address the limitations of existing models in such scenarios.