Abstract
Dishonest employees who have privileges to obtain critical corporate information and access internal resources cause the problem of internal leakage. Employees who have such privileges and know where to obtain sensitive corporate information are far more dangerous than outsiders. This paper proposes a mechanism for protecting information inside organisations against unauthorised disclosure by internal adversaries. It mainly focusses on sharing and simultaneously guarding information assets from one another. This paper proposes a novel solution for binding sensitive content to organisation devices, thereby preventing uncontrolled content leakage to other devices. In the proposed solution we use trusted computing technology to provide a hardware-based root of trust on the client side.
Keywords
- Execution Environment
- Trusted Platform Module
- Dynamic Domain
- Trust Computing Group
- Authentication Credential
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Alawneh, M., Abbadi, I.M. (2008). Sharing but Protecting Content Against Internal Leakage for Organisations. In: Atluri, V. (eds) Data and Applications Security XXII. DBSec 2008. Lecture Notes in Computer Science, vol 5094. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70567-3_19
DOI: https://doi.org/10.1007/978-3-540-70567-3_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-70566-6
Online ISBN: 978-3-540-70567-3
eBook Packages: Computer Science, Computer Science (R0)