SMT-based enforcement and analysis of NATO content-based protection and release policies

NATO is developing a new IT infrastructure that will enable automated information sharing between di erent information security domains and provide strong separation between di erent communities of interest while supporting dynamic and exible enforcement of the need-to-know principle. In this context, the Content-based Protection and Release (CPR) model has been introduced to support the specification and enforcement of access control policies used in NATO and, more generally, in complex organizations. While the ability to support fine-grained security policies for a large variety of users, resources and devices is desirable, the definition, maintenance, and enforcement of these policies can be diffcult, time-consuming, and error-prone. Thus, automated support for policy analysis to help designers in these activities is needed. In this paper we show that several policy-related analysis problems of practical interest can be reduced to SMT problems, we propose an e ective enforcement mechanism relying on attribute-based encryption (ABE), and assess the scalability of our approach on an extensive set of synthetic benchmarks.