Journal on Data Semantics II pp 176-198
Information Release Control: A Learning-Based Architecture
Modern information system applications involve collaboration in the form of information flow through organization boundaries. Indeed, organizations have vast amounts of information that is shared with other organizations and even the general public for various purposes. In addition to the standard network-level protections, systems usually use some access control mechanisms to protect data. However, access control systems are not designed to deal with deliberate and accidental release of information, to which the user has the authority to access but is not supposed to be released. Moreover, effective access control assumes a perfect categorization of information, which is increasingly difficult in a complex information system. Information release control is viewed as complementary to access control, and aims at restricting the outgoing information flow at the boundary of information systems. This paper presents a general architectural view of a release control system, and discusses the integration in the proposed architecture of a module for learning release control constraints. Continuous learning is applied to adjust the release control constraints in order to reduce both mistakenly released and mistakenly restricted documents. The paper describes in detail the process of learning keyword-based release control constraints.
Unable to display preview. Download preview PDF.