Existing ERM/DRM systems, and usage control systems more generally, aim to control who accesses data and what usage the data is subject to, even after it has been disseminated to recipients. However, once the data has been used, no control or protection is applied to the information created as a result of that usage. We propose a solution for deriving protection requirements for derived data. It uses Multi-Level Security (MLS) labels to associate data with its protection level, and usage functions (transformations) with the protection requirements of the data they can derive. Users are also associated with clearance labels according to their roles. Clearance and data labels determine whether a user can access data, as in traditional Mandatory Access Control systems, while the labels associated with transformations are used to derive labels for derived data. The solution assumes that the amount of sensitive information flowing from the input to the output of a transformation can be deduced from the input data and the transformation itself, so that adequate protection can be associated with the derived output.
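The two label checks described above, as an added sketch that is not code from the paper. The four-level ordering, the `output_cap` form of a transformation label, and the names `Transformation`, `derive_label`, `apply`, `COPY` and `HEADCOUNT` are assumptions made for illustration; the abstract does not specify how transformation labels are encoded.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional, Sequence


class Level(IntEnum):
    """Constructed, totally ordered MLS levels (assumption, not from the paper)."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Transformation:
    """Usage function labelled with the most its output can reveal (assumed encoding).

    output_cap=None means the output may carry everything in its inputs.
    """
    name: str
    output_cap: Optional[Level] = None


def can_access(clearance: Level, label: Level) -> bool:
    """Traditional MAC read check: the clearance must dominate the data label."""
    return clearance >= label


def derive_label(t: Transformation, input_labels: Sequence[Level]) -> Level:
    """Label for derived data, computed from the input labels and the transformation."""
    if not input_labels:
        raise ValueError("a derivation needs at least one input")
    join = max(input_labels)  # least upper bound in a total order
    # The cap can lower the label but never raise it above what the inputs hold.
    return join if t.output_cap is None else min(join, t.output_cap)


def apply(clearance: Level, t: Transformation, input_labels: Sequence[Level]) -> Level:
    """Check that the user may read every input, then return the output's label."""
    denied = [lab for lab in input_labels if not can_access(clearance, lab)]
    if denied:
        raise PermissionError(
            f"{t.name}: clearance {clearance.name} is below {max(denied).name}")
    return derive_label(t, input_labels)


COPY = Transformation("copy")                                # reveals its inputs in full
HEADCOUNT = Transformation("headcount", Level.CONFIDENTIAL)  # constructed aggregate

if __name__ == "__main__":
    for t in (COPY, HEADCOUNT):
        print(t.name, apply(Level.SECRET, t, [Level.SECRET, Level.PUBLIC]).name)
```

The same inputs yield differently labelled outputs depending on the transformation, and a user who cannot read an input cannot obtain a derived output from it under any transformation.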