DOCSLIB.ORG

Officer Data Card (Odc) Dissemination Policy, Model, and Blockchain-Based Accountability Mechanism

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Officer Data Card (Odc) Dissemination Policy, Model, and Blockchain-Based Accountability Mechanism Calhoun: The NPS Institutional Archive DSpace Repository Theses and Dissertations 1. Thesis and Dissertation Collection, all items 2018-06 OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM Gentile, Brett Monterey, CA; Naval Postgraduate School http://hdl.handle.net/10945/59665 Downloaded from NPS Archive: Calhoun NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM by Brett Gentile June 2018 Thesis Advisor: Cynthia E. Irvine Second Reader: Theodore D. Huffmire Approved for public release. Distribution is unlimited. THIS PAGE INTENTIONALLY LEFT BLANK Form Approved OMB REPORT DOCUMENTATION PAGE No. 0704-0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instruction, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY 2. REPORT DATE 3. REPORT TYPE AND DATES COVERED (Leave blank) June 2018 Master's thesis 4. TITLE AND SUBTITLE 5. FUNDING NUMBERS OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM 6. AUTHOR(S) Brett Gentile 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. PERFORMING Naval Postgraduate School ORGANIZATION REPORT Monterey, CA 93943-5000 NUMBER 9. SPONSORING / MONITORING AGENCY NAME(S) AND 10. SPONSORING / ADDRESS(ES) MONITORING AGENCY N/A REPORT NUMBER 11. SUPPLEMENTARY NOTES The views expressed in this thesis are those of the author and do not reflect the official policy or position of the Department of Defense or the U.S. Government. 12a. DISTRIBUTION / AVAILABILITY STATEMENT 12b. DISTRIBUTION CODE Approved for public release. Distribution is unlimited. A 13. ABSTRACT (maximum 200 words) The Officer Data Card (ODC) is an automated record that provides up-to-date data about U.S. Navy officers for use in detailing and promotion boards. Policy regarding ODCs requires controlled access and dissemination of ODC information. A better understanding of the policies associated with ODCs could allow current technologies to be employed to support their use and management. This work builds a model for ODC dissemination based on current policies and practices. A process model is built to describe controlled dissemination of ODCs during specific promotion board processes. It is found that the dissemination policies and model for ODCs have a strong similarity to those applied to ORCON-labeled information handled by the intelligence community. With the threat of unauthorized dissemination of ODCs in mind, a blockchain solution is proposed for auditing the access to and modification of ODCs. The proposed solution is a distributed auditing mechanism that does not rely on a central auditing server. The proposed blockchain solution is analyzed and determined to be able to provide accountability for record handling processes and ODC dissemination but does not provide enough new functionality or efficiency beyond that possible through intensive central audit logging. 14. SUBJECT TERMS 15. NUMBER OF personnel records, ODC, originator control, ORCON, dissemination control, access control, PAGES 91 integrity, accountability, audit, OMPF, blockchain, distributed ledger 16. PRICE CODE 17. SECURITY 18. SECURITY 19. SECURITY 20. LIMITATION OF CLASSIFICATION OF CLASSIFICATION OF THIS CLASSIFICATION OF ABSTRACT REPORT PAGE ABSTRACT Unclassified Unclassified Unclassified UU NSN 7540-01-280-5500 Standard Form 298 (Rev. 2-89) Prescribed by ANSI Std. 239-18 i THIS PAGE INTENTIONALLY LEFT BLANK ii Approved for public release. Distribution is unlimited. OFFICER DATA CARD (ODC) DISSEMINATION POLICY, MODEL, AND BLOCKCHAIN-BASED ACCOUNTABILITY MECHANISM Brett Gentile Ensign, United States Navy BS, United States Naval Academy, 2017 Submitted in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE IN COMPUTER SCIENCE from the NAVAL POSTGRADUATE SCHOOL June 2018 Approved by: Cynthia E. Irvine Advisor Theodore D. Huffmire Second Reader Peter J. Denning Chair, Department of Computer Science iii THIS PAGE INTENTIONALLY LEFT BLANK iv ABSTRACT The Officer Data Card (ODC) is an automated record that provides up-to-date data about U.S. Navy officers for use in detailing and promotion boards. Policy regarding ODCs requires controlled access and dissemination of ODC information. A better understanding of the policies associated with ODCs could allow current technologies to be employed to support their use and management. This work builds a model for ODC dissemination based on current policies and practices. A process model is built to describe controlled dissemination of ODCs during specific promotion board processes. It is found that the dissemination policies and model for ODCs have a strong similarity to those applied to ORCON-labeled information handled by the intelligence community. With the threat of unauthorized dissemination of ODCs in mind, a blockchain solution is proposed for auditing the access to and modification of ODCs. The proposed solution is a distributed auditing mechanism that does not rely on a central auditing server. The proposed blockchain solution is analyzed and determined to be able to provide accountability for record handling processes and ODC dissemination but does not provide enough new functionality or efficiency beyond that possible through intensive central audit logging. v THIS PAGE INTENTIONALLY LEFT BLANK vi TABLE OF CONTENTS I. INTRODUCTION..................................................................................................1 A. OBJECTIVES ............................................................................................1 B. RELEVANCE TO THE DEPARTMENT OF DEFENSE .....................2 C. THESIS ORGANIZATION ......................................................................2 II. BACKGROUND AND EXISTING WORK ........................................................5 A. NAVY PERSONNEL RECORDS ............................................................5 1. Record Types ..................................................................................5 2. Construction of Underlying Database ..........................................6 3. Digital Record Storage ..................................................................7 4. Record Access and Maintenance ..................................................7 5. Record Usage ..................................................................................7 6. Record Privacy ...............................................................................8 B. ORIGINATOR CONTROLLED INFORMATION DISSEMINATION .....................................................................................8 1. History of ORCON Models ...........................................................9 2. ORCON Usage Example .............................................................10 C. BLOCKCHAIN TECHNOLOGY ..........................................................11 1. History and Origin .......................................................................12 2. Blockchain Characteristics and Features ..................................14 D. SUMMARY ..............................................................................................18 III. PERSONNEL RECORD MANAGEMENT SCENARIOS .............................19 A. OVERVIEW OF PROMOTION BOARD PROCESS .........................19 B. RECORD HANDLING IN STATUTORY PROMOTION BOARDS ...................................................................................................22 C. STEPS FOR CORRECTING ODC INFORMATION .........................25 1. Determination ...............................................................................25 2. Request ..........................................................................................25 3. Admittance....................................................................................26 4. Resolution .....................................................................................26 D. CONSTRUCTING THE SCENARIOS .................................................27 1. Scenarios .......................................................................................27 2. Variables .......................................................................................27 3. Desired Outcomes ........................................................................28 E. SUMMARY ..............................................................................................28 vii IV. THREAT MODEL...............................................................................................31 A. ASSET EVALUATION ...........................................................................31 1. Confidentiality ..............................................................................31 2. Integrity ........................................................................................32 3. Availability....................................................................................32
Load more

Recommended publications
  • Two-Tier Blockchain Timestamped Notarization with Incremental Security
    Two-tier blockchain timestamped notarization with incremental security Alessio Meneghetti1, Armanda Ottaviano Quintavalle2, Massimiliano Sala1, and Alessandro Tomasi3 1 Department of Mathematics, University of Trento, Trento, Italy 2 LDSD, Department of Physics and Astronomy, University of Sheffield, Sheffield, UK 3 Security and Trust, Fondazione Bruno Kessler, Trento, Italy Abstract Digital notarization is one of the most promising services offered by modern blockchain- based solutions. We present a digital notary design with incremental security and cost reduced with respect to current solutions. A client of the service receives evidence in three steps. In the first step, evidence is received almost immediately, but a lot of trust is required. In the second step, less trust is required, but evidence is received seconds later. Finally, in the third step evidence is received within minutes via a public blockchain. 1 Introduction The solution here described was commissioned to provide a customer in the financial sector with evidence to corroborate its statement of the integrity, authenticity, and existence at a given time of its data. This is closely related to the problems known as secure timestamping and notarization. The commission was made with the very specific requirement that it should make use of a privately run blockchain-based service anchored to a public blockchain, but at the same time still be capable of working without the private ledger, if it should cease to operate. We find it interesting to discuss how this design challenge can be met, and what security guarantees it can offer. Digital timestamping and blockchain have been linked from inception. The bitcoin whitepa- per [14] explicitly cites the linked timestamping work by Haber and Stornetta [8] with Merkle trees [13] as efficiency improvement [4].
    [Show full text]
  • Blockchain-Based Supply Chain for Postage Stamps
    Blockchain-Based Supply Chain for Postage Stamps Article Blockchain-Based Supply Chain for Postage Stamps Yury Yanovich 1, 2, 3, *, Igor Shiyanov 4, Timur Myaldzin 4, 5, Ivan Prokhorov 1, 5, Darya Korepanova 1, 6 and Sergey Vorobyov 1, 6 1 Software Department, Bitfury, 1016 BP, Amsterdam, The Netherlands; [email protected] (I.P.); [email protected] (D.K.); [email protected] (S.V.) 2 Center for Computational and Data-Intensive Science and Engineering, Skolkovo Institute of Science and Technology (Skoltech), 121205, Moscow, Russia 3 Laboratory of Data Mining and Predictive Modeling, Institute for Information Transmission Problems (IITP RAS), 127051, Moscow, Russia 4 Strategy Office, Russian Post, 131000, Moscow, Russia; [email protected] (I.S.); [email protected] (T.M.) 5 Department of Geography of World Economy, Faculty of Geography, Lomonosov Moscow State University, 119991, Moscow, Russia 6 Faculty of Computer Science, Higher School of Economics, 125319, Moscow, Russia * Correspondence: [email protected]; Tel.: +7-919-770-9649 Received: 18 September 2018; Accepted: 11 November 2018; Published: 15 November 2018 Abstract: Counterfeit and unaccounted postage stamps used on mailings cost postal administrations a significant amount of money each year. Corporate and individual clients become victim to stamp fraud and incur losses when security teams investigate such mailings. The blockchain technology is supposed to be a solution to make postage stamps market transparent and to guarantee invariability of stamps volume produced and used. The blockchain-based supply chain for postage stamps is introduced in the article. Keywords: blockchain; supply chain; digital token 1 Blockchain-Based Supply Chain for Postage Stamps 1.
    [Show full text]
  • How to Use Blockchain in Enterprise World?
    How to use blockchain in enterprise world? An exploratory research on the possibilities and limitations of implementing blockchain based solutions in the real estate industry Master thesis title How to use blockchain in enterprise world? - An exploratory research on the possibilities and limitations of implementing blockchain based solutions in the real estate industry Student Hunor Vadasz-Perhat Student ID 64442 University Roskilde University (RUC) Universitetsvej 1., Postbox 260, 4000 Roskilde, Denmark Department Computer Science and Informatics (M.Sc.) Supervisor Professor John Patrick Gallagher 1 Abstract The real estate market has an importance on the overall economy. A real estate crisis that the world has recently experienced lead to long lasting and serious consequences both on a micro and macro level. Besides, such crashes that tend to happen the real estate market also suffers from inefficient transaction processes, problems with transparency, illiquidity and high transaction costs. The goal of this master thesis is to examine the possibilities and limitations of implementing Blockchain based solution for the real estate industry. Blockchain is a new and emerging technology with potentials that can have an impact on several areas of life, including the real estate market. In order to be able to answer the research question that is formulated in the thesis there will be provided an extensive knowledge about Blockchain functionality and it potentials together with its challenges. Furthermore, a background theoretical knowledge will be provided about the real estate market, more precisely about the real estate management process. After the theoretical introduction the thesis will look at how and in which phases of the real estate management process Blockchain could be used.
    [Show full text]
  • Converging Blockchain and Next-Generation Artificial Intelligence Technologies to Decentralize and Accelerate Biomedical Research and Healthcare
    www.impactjournals.com/oncotarget/ Oncotarget, 2018, Vol. 9, (No. 5), pp: 5665-5690 Research Paper Converging blockchain and next-generation artificial intelligence technologies to decentralize and accelerate biomedical research and healthcare Polina Mamoshina1,2, Lucy Ojomoko1, Yury Yanovich3, Alex Ostrovski3, Alex Botezatu3, Pavel Prikhodko3, Eugene Izumchenko4, Alexander Aliper1, Konstantin Romantsov1, Alexander Zhebrak1, Iraneus Obioma Ogu5 and Alex Zhavoronkov1,6 1 Pharmaceutical Artificial Intelligence Department, Insilico Medicine, Inc., Emerging Technology Centers, Johns Hopkins University at Eastern, Baltimore, Maryland, USA 2 Department of Computer Science, University of Oxford, Oxford, United Kingdom 3 The Bitfury Group, Amsterdam, Netherlands 4 Department of Otolaryngology-Head & Neck Surgery, Johns Hopkins University School of Medicine, Baltimore, MD, USA 5 Africa Blockchain Artificial Intelligence for Healthcare Initiative, Insilico Medicine, Inc, Abuja, Nigeria 6 The Biogerontology Research Foundation, London, United Kingdom Correspondence to: Alex Zhavoronkov, email: [email protected] Keywords: artificial intelligence; deep learning; data management; blockchain; digital health Received: October 19, 2017 Accepted: November 02, 2017 Published: November 09, 2017 Copyright: Mamoshina et al. This is an open-access article distributed under the terms of the Creative Commons Attribution License 3.0 (CC BY 3.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. ABSTRACT The increased availability of data and recent advancements in artificial intelligence present the unprecedented opportunities in healthcare and major challenges for the patients, developers, providers and regulators. The novel deep learning and transfer learning techniques are turning any data about the person into medical data transforming simple facial pictures and videos into powerful sources of data for predictive analytics.
    [Show full text]
  • Two-Tier Blockchain Timestamped Notarization with Incremental Security
    Two-tier blockchain timestamped notarization with incremental security Alessio Meneghetti1, Armanda Ottaviano Quintavalle2, Massimiliano Sala1, and Alessandro Tomasi3 1 Department of Mathematics, University of Trento, Trento, Italy 2 LDSD, Department of Physics and Astronomy, University of Sheffield, Sheffield, UK 3 Security and Trust, Fondazione Bruno Kessler, Trento, Italy Abstract Digital notarization is one of the most promising services offered by modern blockchain- based solutions. We present a digital notary design with incremental security and cost reduced with respect to current solutions. A client of the service receives evidence in three steps. In the first step, evidence is received almost immediately, but a lot of trust is required. In the second step, less trust is required, but evidence is received seconds later. Finally, in the third step evidence is received within minutes via a public blockchain. 1 Introduction The solution here described was commissioned to provide a customer in the financial sector with evidence to corroborate its statement of the integrity, authenticity, and existence at a given time of its data. This is closely related to the problems known as secure timestamping and notarization. The commission was made with the very specific requirement that it should make use of a privately run blockchain-based service anchored to a public blockchain, but at the same time still be capable of working without the private ledger, if it should cease to operate. We find it interesting to discuss how this design challenge can be met, and what security guarantees it can offer. Digital timestamping and blockchain have been linked from inception. The bitcoin whitepa- per [14] explicitly cites the linked timestamping work by Haber and Stornetta [8] with Merkle trees [13] as efficiency improvement [4].
    [Show full text]
  • Crypto 5: Key Exchanges & Snake
    Computer Science 161 Weaver Crypto 5: Key Exchanges & Snake Oil 1 Administrivia! Computer Science 161 Weaver • Project 1 due Friday • Reminder, you have slip days if you need them • If you need to ask for an extension (DSP or not) please fill out the form on the web site! • Homework 3 due Friday the 19th 2 How Can We Communicate With Someone New? Computer Science 161 Weaver • Public-key crypto gives us amazing capabilities to achieve confidentiality, integrity & authentication without shared secrets … • But how do we solve MITM attacks? • How can we trust we have the true public key for someone we want to communicate with? • But we have some good primitives • Public key encryption: With the public key, anyone can encrypt but only the private key decrypts • Signatures: With the public key, anyone can verify but only the private key signs 3 Trusted Authorities Computer Science 161 Weaver • Suppose there’s a party that everyone agrees to trust to confirm each individual’s public key • Say the Governor of California • Issues with this approach? • How can everyone agree to trust them? • Scaling: huge amount of work; single point of failure … • ... and thus Denial-of-Service concerns • How do you know you’re talking to the right authority?? 4 Trust Anchors Computer Science 161 Weaver • Suppose the trusted party distributes their key so everyone has it … • And now think about doing things "off-line": • The trusted entity only has to do work once for each person • And can do it in advance 5 Computer Science 161 Weaver 6 Computer Science 161 Weaver
    [Show full text]
  • Oracle Database
    Thesis no: MECS-2015-15 Evaluation of Data Integrity Methods in Storage: Oracle Database Ognjen Tomanović Oliver Posse Dept. Computer Science & Engineering Blekinge Institute of Technology SE–371 79 Karlskrona, Sweden This thesis is submitted to the Department of Computer Science & Engineering at Blekinge Institute of Technology in partial fulfillment of the requirements for the Degree of Master of Science in Engineering: Computer Security. The thesis is equivalent to 20 weeks of full-time studies. Ericsson AB was a collaborative partner during this theses. The company is a leading global company offering solutions in the area of telecommunication and multimedia. Such solutions include mobile banking, multimedia solutions and network solutions. The company is ISO 9001:2000 certified. The market in which the company operates can be characterized as highly dynamic with high innovation in products and solutions. The development model is market-driven, meaning that the requirements are collected from a large base of potential end-customers without knowing exactly who the customer will be. Furthermore, the market demands high integrity, specifically due to the sensitive nature of the stored data. Contact Information: Authors: Ognjen Tomanović E-mail: [email protected] Oliver Posse E-mail: [email protected] External advisor: Ericsson AB University advisor: Prof. Stefan Axelsson Dept. Computer Science & Engineering Dept. Computer Science & Engineering Internet : www.bth.se Blekinge Institute of Technology Phone : +46 455 38 50 00 SE–371 79 Karlskrona, Sweden Fax : +46 455 38 50 57 i Abstract Context. It is very common today that e-commerce systems store sen- sitive client information. The database administrators of these types of systems have access to this sensitive client information and are able to manipulate it.
    [Show full text]
  • Two-Tier Blockchain Timestamped Notarization with Incremental Security
    Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Two-tier blockchain timestamped notarization with incremental security A. Meneghetti, A. Ottaviano Quintavalle, M. Sala, A. Tomasi University of Trento - University of Sheffield - Bruno Kessler Foundation DLT 19 - Pisa - February 12th 2019 Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Overview Aim Protocol to provide I Integrity I Authenticity I Existence at a given time of data. Customer: financial sector Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Related Protocols Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - Seminal Work I The hash h(d) of data d is sent to a Trusted Timestamping Authority A I returns a signed statement τ A τ = h(d) t σA (:::) jj jj Stuart Haber and W. Scott Stornetta. How to time-stamp a digital document. Journal of Cryp- tology, 3(2):99{111, 1991. Presented at CRYPTO 1990. Two-tier blockchain timestamped notarization with incremental security University of Trento - University of Sheffield - Bruno Kessler Foundation Aim and relevant protocols Two-tier blockchain timestamping Proof of Security Known protocols - RFC 3161 I The hash h(d) of data d is sent to a Trusted Timestamping Authority A I returns a signed statement τ A τ = h ( h(d) t ) σA (:::) jj jj IETF RFC 3161.
    [Show full text]
  • Barbosamarquesdeoliveira Ucc
    IMPROVED DISTRIBUTED LEDGER TRANSACTIONS WITH HOMOMORPHIC COMPUTATIONS by HANES BARBOSA MARQUES DE OLIVEIRA B.S., Universidade Potiguar, Brazil, 2009 A thesis submitted to the Graduate Faculty of the University of Colorado Colorado Springs in partial fulfillment of the requirements for the degree of Master of Science Department of Computer Science 2020 © Copyright by Hanes Barbosa Marques de Oliveira 2020 All Rights Reserved This thesis for the Master of Science degree by Hanes Barbosa Marques de Oliveira has been approved for the Department of Computer Science by Edward C. Chow, Chair Carlos Paz de Araujo Philip N. Brown 3 December 2020 Date ii Barbosa Marques de Oliveira, Hanes (M.S., Computer Science) Improved Distributed Ledger Transactions with Homomorphic Computations Thesis directed by Professor Edward C. Chow ABSTRACT This thesis proposes a model to protect and transfer data ownership securely, driven by Homomorphic Encryption (HE) primitives and protocols applied to private blockchain technologies. Regarding Blockchain-as-a-Service (BaaS), our contribution seeks to alleviate issues such as third-party custody of digital assets, opportunism, and other adversarial issues. We addressed a recurrent challenge in a Distributed Ledger Technology (DLT) by adapting a HE to the inherent blockchain principles. Both blockchain and HE technologies suffer from performance issues, and the combination of these tools can escalate the issue. Therefore, we apply Clifford Algebra as the algebraic structure for devising an efficient solution. We show the relationships between each aspect of the proposed model, the architecture and related principles, along with the concepts and values expected for a BaaS environment. Our prototype performs well with larger keys, where the system demonstrated a linear performance when keys ranged from 128 to 4096 bits, in operations such as encryption, the addition of ciphertexts, and decryption.
    [Show full text]