Skip to main content Skip to main navigation


Information Flow in Disaster Management Systems

Achim Brucker; Dieter Hutter
In: M. Takizawa; A M. Tjoa (Hrsg.). Proceedings of the 5th International Conference on Availability, Reliability and Security 2010. International Conference on Availability, Reliability and Security (ARES-2010), February 15-18, Krakau, Poland, IEEE Computer Society, 1/2010.


Collaborations between organizations in the public sector, \eg, fire brigades, polices, military units, is often done via liaison officers. A liaison officer liaises between two organizations by providing a single point of contact and ensuring the efficient communication and coordination of their activities. Usually an organization embeds a liaison officer in another organization to provide face-to-face coordination. Liaison officers demand special requirements to the security mechanism of the IT infrastructure of the organization that act as host for a liaison officer. This holds, in particular, for Disaster Management Information Systems (DMIS). Such systems need, on the one hand, to support various ways of communication in a flexible and ad hoc manner. On the other hand, these systems need to protect, by law, the leakage of sensitive data. In this paper, we present a novel mechanism, based on role-based access control (RBAC), for supporting the flexible and secure information exchange between organizations using liaison officers. Our mechanism enables liaison officers to decide on their own authority which information they wants share with their home organizations while allowing the host organization to limit the access of liaisons officers to their system in a fine-grained manner.