@InCollection{	  brucker.ea:information:2010,
  author	= {Achim D. Brucker and Dieter Hutter},
  booktitle	= {International Conference on Availability, Reliability and
		  Security (ARES)},
  language	= {USenglish},
  title		= {Information Flow in Disaster Management Systems},
  year		= {2010},
  classification= {conference},
  areas		= {security},
  public	= {yes},
  publisher	= {IEEE Computer Society},
  address	= {Los Alamitos, CA, USA},
  pages		= {156--163},
  isbn		= {978-0-7695-3965-2},
  doi		= {10.1109/ARES.2010.107},
  abstract	= {Collaborations between organizations in the public sector,
		  e.g., fire brigades, polices, military units, is often done
		  via liaison officers. A liaison officer liaises between two
		  organizations by providing a single point of contact and
		  ensuring the efficient communication and coordination of
		  their activities. Usually an organization embeds a liaison
		  officer in another organization to provide face-to-face
		  coordination. Liaison officers demand special requirements
		  to the security mechanism of the IT infrastructure of the
		  organization that act as host for a liaison officer.
		  
		  This holds, in particular, for Disaster Management
		  Information Systems (DMIS). Such systems need, on the one
		  hand, to support various ways of communication in a
		  flexible and ad hoc manner. On the other hand, these
		  systems need to protect, by law, the leakage of sensitive
		  data.
		  
		  In this paper, we present a novel mechanism, based on
		  role-based access control (RBAC), for supporting the
		  flexible and secure information exchange between
		  organizations using liaison officers. Our mechanism enables
		  liaison officers to decide on their own authority which
		  information they wants share with their home organizations
		  while allowing the host organization to limit the access of
		  liaisons officers to their system in a fine-grained
		  manner.},
  keywords	= {disaster management, information flow, access control,
		  liaison officer},
  pdf		= {http://www.brucker.ch/bibliography/download/2010/brucker.ea-information-2010.pdf},
  url		= {http://www.brucker.ch/bibliography/abstract/brucker.ea-information-2010}
		  
}