Secure distribution of confidential information via self-destructing data

  • Authors:

  • Jason Croft;Robert Signorile

  • Affiliations:

  • Boston College, Computer Science Department, Chestnut Hill, MA;Boston College, Computer Science Department, Chestnut Hill, MA

  • Venue:
  • DNCOCO'09 Proceedings of the 8th WSEAS international conference on Data networks, communications, computers
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

Control and ownership of data is difficult in any environment and with the increase in electronic data and records, the need to maintain ownership and control redistribution of data is becoming increasingly important. We propose a first-level protection against unauthorized redistribution using a method of self-destructing, one-time-use data. Transmitted data is encrypted, encapsulated within an executable, and authenticated to a single user and machine. Once accessed, measures are taken to ensure it cannot be used outside the executable (e.g., displayed within a non-selectable, non-editable window) and that the executable cannot be easily decompiled. After a single use, data is destroyed through a method of in-memory compilation of a new executable, which overwrites the original during runtime. In addition, a time-to-live (TTL) is integrated into the executable to provide an additional layer of security so that the data is only accessible within a defined time period. The executable is self-sufficient-it requires no network connection, communication with a central authority, or communication with the sender to authenticate the data since all authentication is integrated into the executable. This provides universal, environment-neutral protection of the data within any type of transfer, whether via server-client, peer-to-peer (P2P), or through external storage devices.