JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Controlled access and dissemination of XML documents
Proceedings of the 2nd international workshop on Web information and data management
A lattice model of secure information flow
Communications of the ACM
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
An infrastructure for managing secure update operations on XML data
Proceedings of the eighth ACM symposium on Access control models and technologies
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Access control in collaborative systems
ACM Computing Surveys (CSUR)
AC-XML documents: improving the performance of a web access control module
Proceedings of the tenth ACM symposium on Access control models and technologies
Relevancy based access control of versioned XML documents
Proceedings of the tenth ACM symposium on Access control models and technologies
A survey of data provenance in e-science
ACM SIGMOD Record
Towards XML version control of office documents
Proceedings of the 2005 ACM symposium on Document engineering
Digitally signed document sanitizing scheme based on bilinear maps
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Role-based access management for ad-hoc collaborative sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!
Proceedings of the eleventh ACM symposium on Access control models and technologies
Semantic access control for information interoperation
Proceedings of the eleventh ACM symposium on Access control models and technologies
Provenance management in curated databases
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Detecting information leakage in updating XML documents of fine-grained access control
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
A provenance model for manually curated data
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Security issues in a SOA-Based provenance system
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
Current business situations require improved confidentiality and integrity for office documents. However, existing content management systems for office documents lack required security properties such as the *-property, or have problems such as label creep. In this paper we propose a meta-data format called sticky provenance and a fine-grained information flow control architecture using the sticky provenance. The sticky provenance contains the change history and the labels of an office document in a secure form, and it ensures the verifiability of the change history of the documents in distributed environments. The Provenance Manager, which is a key module of the architecture, reduces the label creep problem of the information flow control models with the sticky provenance. In other words, the sticky provenance and the Provenance Manager can introduce a practical fine-grained information flow control capability to office applications so that we can ensure both the confidentiality and the verifiability of office documents.