Sharing but Protecting Content Against Internal Leakage for Organisations

Authors:
Muntaha Alawneh;Imad M. Abbadi
Affiliations:
Information Security Group, Royal Holloway, University of London, Egham, UK TW20 0EX;Information Security Group, Royal Holloway, University of London, Egham, UK TW20 0EX
Venue:
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Year:
2008

Citing 11
Cited 3

Towards usage control models: beyond traditional access control

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Role-Based Access Control

Role-Based Access Control
Display-only file server: a solution against information theft due to insider attack

Proceedings of the 4th ACM workshop on Digital rights management
Secure information sharing enabled by Trusted Computing and PEI models

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
An effective role administration model using organization structure

ACM Transactions on Information and System Security (TISSEC)
Trusted computing

netWorker - Trusted computing: who will control the PC of the future?
The ballad of DVD Jon

netWorker
Digital rights management using a mobile phone

Proceedings of the ninth international conference on Electronic commerce
Authorised domain management using location based services

Mobility '07 Proceedings of the 4th international conference on mobile technology, applications, and systems and the 1st international symposium on Computer human interaction in mobile technology
Digital rights management using a master control device

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Trusted computing: special aspects and challenges

SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science

Toward trustworthy clouds' internet scale critical infrastructure

ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Secure interoperable digital content distribution mechanisms in a multi-domain architecture

Multimedia Tools and Applications
A framework for establishing trust in the Cloud

Computers and Electrical Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Dishonest employees, who have privileges to obtain corporate critical information and access internal resources, cause the problem of internal leakage. Employees, who have such privileges and know from where to obtain corporate sensitive information, are far more dangerous than outsiders. This paper proposes a mechanism for protecting information inside organisations against unauthorised disclosure by internal adversaries. It mainly focusses on sharing and simultaneously guarding information assets from one another. This paper proposes a novel solution for binding sensitive content to organisation devices, thereby preventing uncontrolled content leakage to other devices. In the proposed solution we used trusted computing technology to provide a hardware-based root of trust on client side.