Enforcement Architecture and Implementation Model for Group-Centric Information Sharing

A fundamental requirement for Secure Information Sharing (SIS) is that protection needs to extend to clients. Trusted Computing Technology provides a hardware root of trust through the Trusted Platform Module. We present a super-distribution based enforcement architecture and implementation model for the group-centric SIS problem which is concerned with sharing information within a set of authorized users. With super-distribution, group subjects can encrypt objects once and distribute them via any means such as Email, USB flash drives, P2P, WWW, etc. Other authorized group subjects may access these objects without having to contact an authorization server to download the object. A Trusted Reference Monitor on client platforms faithfully enforces group policies.