Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
First Principles of Copyright for DRM Design
IEEE Internet Computing
From the Editors: Whose Data Are These, Anyway?
IEEE Security and Privacy
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Uclinux: a linux security module for trusted-computing-based usage controls enforcement
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Secure web-based retrieval of documents with usage controls
Proceedings of the 2009 ACM symposium on Applied Computing
Usage control enforcement - a survey
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Hi-index | 0.00 |
Currently, collaborations often require non-disclosure agreements (NDAs). NDAs can be time-consuming and expensive to negotiate and enforce. Usage controls could be an atractive alternative or adjunct to NDAs. Usage controls enable the distributor of a file to limit how recipients of that file may use it. However, existing usage controls (e.g., PDF's) often are software-based and easy to break. They may not interoperate, and their impact on collaborative workflows is typically unknown. We designed and implemented operating system and Web server and browser modifications that allow hardware-based usage controls to be easily added to existing software-based ones. This paper describes and evaluates our system's user interfaces. In a user study, untrained users role-played design engineers in two similar collaborative scenarios with or without usage controls. Users found the interfaces easy to use, and usage controls had insignificant impact on the completion times and accuracy of the assigned tasks. These results suggest that our usage control approach can add security to collaborative workflows with minimal training and performance penalties.