Enhancing the Security and Capacity of Collaborative Software for First Responder

Enhancing the Security, Effectiveness, Capability of Collaborative Software for First Responder

A proposal for NISSC Grants related to Homeland Security and Homeland Defense

By C. Edward Chow and Charles C. Benight

We propose the research and development project on “Enhancing the security and effectiveness of groupware for first responder”. The idea is to design a framework for enhancing the security and effectiveness of the collaborative software tools for first responders. An application of such framework will be enhancing existing instant messenger and multimedia conferencing system.

For security, we propose to use Antigone framework [McDaniel2001] for the design secure group policies for first responders. The secure group communication will be enhanced with the security model such as Bell LaPadula Model [BL73, BL75] so that only persons with proper security clearance or category can see the documents or information distributed. Reliable communication protocol [RMP] will be used to ensure the delivery of important messages. Survivability is a crucial requirement for the environment where the first responders operate. We will examine the fault tolerance issues in the secure group communication system.

The ability for first responders to utilize secure and efficient groupware will be significantly determined through interactions between environmental conditions (e.g., hazard factors), social psychological variables (e.g., perceived group norms relating to the utility of this technology), and psychological factors (e.g., perceived mastery over using the technology). Specifically, this proposal will investigate the perceived norms and capability for utilizing the new technology and how this influences security factors and ability to use the groupware. This will be tested under non-stressed and stressed conditions.

A grant of $10,000 is requested, with $6000 for the computer science group lead by Dr. Chow to carry out the research and development of related secure groupware for first responders, and $4000 for the psychology group lead by Dr. Benight for designing the experiments to evaluate the effectiveness of the enhanced groupware and their impact on the operation of first responder.

1. Related works

2. Broader Impact

3. Plan of work

We will first install and study Antigone version 2.0.11 software package from university of Michigan on our lab machines. It includes source code of the antigone framework for building secure group policy, and enhance secure groupware such as white board, icq, AMirD mirror file systems. We will also obtain a copy of Keystone scalable and reliable key management service from University of Texas at Austin and see if we can integrate it with Antigone or improve Antigone’s group rekeying scheme [ZLL2003].

After studying the software architecture and source code of Antigone software package, we will see how it can be enhanced with Bell Lapadula security model. The resulting secure groupware will be embedded with the data collection and analysis code for monitoring the usage by the first responders. Through field trials and mock exercises, we hope to collect information on how effective these collaborative software are and how to improve their performance.

In order to test the perceived norms and capability for utilizing the new technology and how this influences security factors and ability to use the groupware, we will have a group of volunteer first responders use the technology under two conditions. The first condition will be under a non-stressed experimental context (in the laboratory). The second, will be a mock simulation that induces stressful conditions on the first responders in order to determine ease of use and concerns by the emergency personnel.

4. Metrics for Evaluating the project

The response time and user friendliness of the secure groupware including white board and icq.

Incidences of security breach.

Bandwidth utilization and processing overhead.

Perceptions of broad use of this type of technology will be assessed (i.e., perceived norms)

Appraisals of utility as perceived by the first responders will also be assessed

Perceived capability for using the technology will also be evaluated

5. Answers for Questions in Proposal Requirements

What research capability currently exists related to the proposed work?

In Computer Science Network Lab, we have built a 4 node MPLS-VPN testbed and experimented with iSCSI protocol for secure storage networking. The testbed provides Quality of Service and IPSec-based secure communications. The experience help us understand how to provide reliable and secure network services to critical operating environment faced by the first responders. It is also envision that wireless network plays a very important in such environment. We have setup a wireless security network with Cisco Aironet 1200 AP and currently experimenting with PEAP/TTLS authentication protocols. We also conducted experiments to evaluate the performance of VoIP over both 802.11a and 802.11b wireless networks. For network survivability, we have designed and developed fast network restoration algorithms and implemented simulators for comparing several state of art survivable architectures. We also developed high available content switch system which uses heartbeat protocol to monitor the availability of the content switch and use the mon software package to monitor the health status of the back end servers. The heartbeat and mon can be used to address the fault tolerance issue in secure group communication systems. With the content switching, we can also examine the headers and content of the packets whiel they traverse within networks. Curerntly we have research topics investigating “BIND dynamic update with OpenSSL”, “Autonomous Anti-DDoS network (A2D2)”, “Autonomous Anti-DDoS network V2.0” and “Multiple path routing”.

Dr. Benight has extensive experience in studying stress related processing in individuals involved in trauma. Specifically relevant to this proposal, Dr. Benight’s work utilizing social cognitive theory in order to understand the psychological, social, and behavioral outcomes during stress/trauma provides a critical foundation for this proposal. The resources of the CU-Trauma Studies and ResourceCenter will be available to assist in successfully completing this project. The Center is known to first responders in the community.

2. What security-related area(s) will be investigated.

We will investigate topics in the area of “Decision management and Control” and deal with situation of

• Communication; e.g., network, infrastructure, 1st responder system.
• Preparing for human casualties of terrorism.
• Trauma management
• Group dynamics
• Systems modeling and analysis
• Emergency preparedness.

We will also investigate Cyber-security and Information Protection and deals with the following subreas:

• Computer network Security,
• Wireless security.
• Cryptography, encryption, authentication
• Information Assurance.

3. What will be accomplished in the project?

We will accomplish the creation of a secure group communication system, which can ensure information is securely, reliability, and efficiently distributed according to security classification, and their sensitivities and categories. We will also collect important data on how first responders perceive and utilize secure and efficient groupware and how the usage is influenced by the interactions between environmental conditions (e.g., hazard factors), social psychological variables (e.g., perceived group norms relating to the utility of this technology), and psychological factors (e.g., perceived mastery over using the technology).

4.Who will work on the project?

Dr. C. Edward Chow and his students of the Department of Computer Science and Dr. Charles Benight and his students of the CU-Trauma Studies and Resource Center and the Department of Psychology at University of Colorado at Colorado Springs.

5.What timeframe the proposed work will be accomplished and the level of effort for each of the participants.

References

[Antigone] Antigon Secure Groupware

[BHLSL] Benight, C. C., Harper, M., Lowery, M., Sanger, J.., & Laudenslager, M. (in press). Immunological and Neuroendocrine Implications of Repression Following a Series of Natural Disasters. Psychology and Health.

[BH2002] Benight, C. C & Harper, M. (2002). Coping self-efficacy as a mediator for distress following multiple natural disasters. Journal of Traumatic Stress, 15, 177-186.

[BFT2001] Benight, C. C., Flores, J., & Tashiro, T. (2001). Bereavement coping self-efficacy in cancer widows. Death Studies, 25, 97-125.

[BFHRZL2000] Benight, C. C. Freyaldenhoven, R, Hughes, J., Ruiz, J. M., Zoesche, T. A., & Lovallo, W. (2000). Coping self-efficacy and psychological distress following the Oklahoma City Bombing: A longitudinal analysis. Journal of Applied Social Psychology, 30, 1331-1344.

[BSSSZ99] Benight, C. C., Swift, E., Sanger, J., Smith, A., & Zeppelin, D. (l999). Coping self-efficacy as a prime mediator of distress following a natural disaster. Journal of Applied Social Psychology, 29, 2443-2464.

[BL73] D. Bell and L. LaPadula, “Secure Computer System: Mathematical Foundations,” Technical Report MTR-2547, Vol. I, MITRE Corporation, Bedford, MA, March 1973.

[BL75] D. Bell and L. LaPadula, “Secure Computer System: Unified Exposition and Multics Interpretation,” Technical Report MTR-2997 Rev.1, MITRE Corporation, Bedford, MA, March 1975.

[Chow92] C.-H. E. Chow, “Resource Allocation for Multiparty Connections,”
Journal of Systems and Software, 1995. Also appeared as UCCS Tech Report EAS-CS-92-1, January 1992.

[Chow91] C.-H. Chow, “On Multicast Path Finding Algorithms,” Proceedings of INFOCOM’91, pp. 1274-1283, Miami, Florida, April 7-11, 1991.

[Chow90a] C.-H. Chow, “Protocol Issues In Interconnecting ISDN, IN and LAN,” Proceedings of 1990 TENCON Conference on Computer and Communication systems, pp. 610-617, Hong Kong, Sept. 24-27 1990.

[Chow90b] C.-H. Chow, M. Adachi, D. Nelson, “Achieving Multimedia Communications On A Heterogeneous Network,” Journal of Selected Areas in Communications, Vol. 8, No. 3, pp. 348-359, April, 1990.

[Helton94] Richard Helton, “Windraw: A Share Editor”, UCCS CS Master Thesis, 1994.

[HFCB92] M. Huang, I. T. Frisch, C.-H. E. Chow, H. Bussey, “Nondistributed Multiparty Connection Establishment For Broadband Networks,” Proceedings of 1992 IEEE International Conference on Communications, pp. 1392-1396, 1992.

[McDaniel2001] Patrick D. McDaniel, “Policy Management in Secure Group Communication” Ph.D. dissertation, University of Michigan, 2001.

[Patel96] Deep Patel, “Java-based Sharedraw”, UCCS CS Master Thesis, 1996.

[RFC2093] Group Key Management Protocol (GKMP) Specification, H. Harney, C. Muckenhirn July 1997, ftp://ftp.rfc-editor.org/in-notes/rfc2093.txt

[RFC2094] Group Key Management Protocol (GKMP) Architecture, H. Harney, C. Muckenhirn July 1997, ftp://ftp.rfc-editor.org/in-notes/rfc2094.txt

[Sandstrom97] Anders Sandstrom, “Zodega, A Real-time Platform Independent Conference Tool in Java,” UCCS CS Master Thesis, 1997.

[WGL98] C. K. Wong, M. Gouda, and Simon Lam, “Secure Group Communications Using key Graphs,” Proceedings of ACM SIGCOMM ’98, September 2-4, 1998, Vancouver, Canada.

[ZLL2003] X. Brian Zhang, Simon S. Lam, and D-Y Lee, “Group Rekeying with Limited Unicast Recovery,” Technical Report, TR-02-36 Revised February 2003.