Assured Information Sharing in Clouds

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8750-12-C-0140
Agency Tracking Number: F11B-T30-0227
Amount: $100,000.00
Phase: Phase I
Program: STTR
Awards Year: 2012
Solicitation Year: 2011
Solicitation Topic Code: AF11-BT30
Solicitation Number: 2011.B
Small Business Information
InfoBeyond Technology LLC
Suite 220, Atrium Center, 10400 Linn Station Road, Louisville, KY, 40223-
DUNS: 877380530
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Bin Xie
 (502) 742-9770
Business Contact
 Bin Xie
Title: President
Phone: (502) 742-9770
Research Institution
 Stevens Institute of Technology
 Chrissa P P.E
 Office of Sponsored Research
Castle Point on Hudson
Hoboken, NJ, 07030-7030
 (201) 216-8051
 Nonprofit college or university
ABSTRACT: In the future, numerous military database, documentation, and mission-critical information systems will be migrated to the cloud because of its cost-efficiency and flexible access. However, cloud servers are generally untrusted by both data owners and users. This proposal presents A3IS (Attribute-based Algorithms for Assured Information Sharing) for dynamic and secure data storage, query, and access in a policy-based manner. A3IS transfers all DoD policies into corresponding attributes so that it can validate whether the security policy is enforced for any data manipulation. All data on the cloud servers are encrypted, which protects the confidentiality and privacy of the owner. On the other hand, only a user who satisfies the predefined policies can fetch the data and decrypt it with the corresponding keys. For flexible data access, A3IS has a secure fuzzy searching algorithm that lets users search the encrypted data in the cloud for the data of interest to them. The cloud server is unable to access the decrypted data or infer any additional information. Furthermore, A3IS achieves fine-grained and flexible access control on the data, with functions for authentication, authorization, and key distribution for data owners and users.
BENEFIT: Database applications, document management, and mission-critical management are the leading applications in the cloud. Cloud security is enhanced compared to other distributed systems. However, military and government cloud adoption in these applications still relies on system security, while data security is the top concern, according to the Lockheed Martin Cyber Security Alliance survey on cloud computing and cyber security conducted by Market Connections, Inc. A3IS represents a vital advance in cloud security where data access control has to be secured by user policies.
Once it is developed as a COTS/GOTS security product, A3IS leads to three critical business benefits. First, A3IS offers data storage security across different sources. All data are encrypted by the data owner before being uploaded to the cloud data servers. For data storage, the data owner is authenticated by a third party (e.g., an attribute authority) instead of the cloud data server. The attribute authority enables secure data sharing across the Air Force, Navy, Army, CIA, FBI, DHS, and other agencies. Second, A3IS provides flexible and efficient policy-based data sharing security because the policy is transferred into data attributes. The policies are created at the attribute authority by the data owner. They are then transferred into attributes imposed on the data. Only a user who satisfies the policy can access the data governed by that policy. Third, A3IS achieves flexible and efficient secure query. It allows data query and other operations on the encrypted data. In addition, the fuzzy keyword search accommodates users' typos in the query keywords. The Air Force would gain significant value from the commercialized dual-use A3IS products. With flexible production options, the marketing cost can be reduced through an economical license model that offers attractive development, demonstration, and production options. The use of A3IS would increase return on investment by protecting Air Force and other DoD information systems. The A3IS design would enable rapid technology transition and commercialization success. In the private sector market, A3IS can be used by hospitals, healthcare, and financial organizations. It can also be used for enterprise cloud database and document management applications if the data are accessed by user policies. The private market is much larger than that of military applications, and the cloud market will reach $2.5bn by 2015, according to research from International Data Corporation (IDC).
Such a large market need will help attract a great amount of potential investment. Our effort is to transition the application of our technologies into actual security products. We will work closely with our partners to transfer this technology into the military and commercial worlds.

* information listed above is at the time of submission.