Trust-based secure information sharing between federal government agencies

The September 11 attack and the following investigations show that there is a serious information sharing problem among the relevant federal government agencies, and the problem can cause substantial deficiencies in terrorism attack detection. In this paper we provide a systematic analysis of the causes of this problem; and conclude that existing secure information sharing technologies and protocols cannot provide enough incentives for government agencies to share information with each other without worrying that their own interests can be jeopardized. Although trust-based information access is well studied in the literature, the existing trust models, which are based on certified attributes, cannot support effective information sharing among government agencies, which requires an interest-based trust model. To solve this information sharing problem, we propose an innovative interest-based trust model and a novel information sharing protocol, where a family of information sharing policies are integrated, and information exchange and trust negotiation are interleaved with and interdependent upon each other. In addition, an implementation of this protocol is presented using the emerging technology of XML Web Services. The implementation is totally compatible with the Federal Enterprise Architecture reference models and can be directly integrated into existing E-Government systems.