Persistent information security: beyond the e-commerce threat model

Authors:
Merv Matson;Mihaela Ulieru
Affiliations:
RightsX Inc., Calgary, AB Canada;Univ. of New Brunswick, Fredericton, NB Canada
Venue:
ICEC '06 Proceedings of the 8th international conference on Electronic commerce: The new e-commerce: innovations for conquering current barriers, obstacles and limitations to conducting successful business on the internet
Year:
2006

Citing 0
Cited 2

Flexible and secure enterprise rights management based on trusted virtual domains

Proceedings of the 3rd ACM workshop on Scalable trusted computing
The 'how' and 'why' of persistent information security

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper introduces a new class of information security solution. The core technology, to authorize and track the use of digital files, was originally developed in eCommerce applications, there known as Digital Rights Management (DRM). In applications to non-commercial confidential records, such as health and safety documents, we call the solution "Persistent Information Security". We distinguish it from DRM because the threat models of the fields of application differ significantly. An implementation, RightsEnforcer, is described to clarify some concepts of operation. A simple model for a cost-benefit study of deploying a security technology is suggested and illustrated.