A Labelling System for Derived Data Control

Abstract : Existing ERM/DRM systems and more generally usage control systems aim to control who accesses data and the usage data is subject to even after the data has been disseminated to recipients. However, once the data has been used, no control or protection is applied to the information created as result of the usage. We propose a solution to derive protection requirements for derived data that makes use of Multi-Level Security (MLS) labels to associate data with its protection level and usage functions (transformations) with the protection requirements of the data they can derive. Users are also associated with clearance labels according to their roles. Clearance and data labels are used to determine whether a user can access data as in traditional Mandatory Access Control systems, while labels associated with transformations are used to derive labels for derived data. The solution assumes that the amount of sensitive information flowing from the input to the output of a transformation can be deduced from the input data and the transformation itself, so that adequate protection can be associated with the derived output.
Type de document :
Communication dans un congrès
Sara Foresti; Sushil Jajodia. 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC), Jun 2010, Rome, Italy. Springer, Lecture Notes in Computer Science, LNCS-6166, pp.65-80, 2010, Data and Applications Security and Privacy XXIV. 〈10.1007/978-3-642-13739-6_5〉
Liste complète des métadonnées

Littérature citée [20 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01056668
Contributeur : Hal Ifip <>
Soumis le : mercredi 20 août 2014 - 13:38:57
Dernière modification le : vendredi 11 août 2017 - 17:32:55
Document(s) archivé(s) le : jeudi 27 novembre 2014 - 11:43:43

Fichier

_09.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Enrico Scalavino, Vaibhav Gowadia, Emil C. Lupu. A Labelling System for Derived Data Control. Sara Foresti; Sushil Jajodia. 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC), Jun 2010, Rome, Italy. Springer, Lecture Notes in Computer Science, LNCS-6166, pp.65-80, 2010, Data and Applications Security and Privacy XXIV. 〈10.1007/978-3-642-13739-6_5〉. 〈hal-01056668〉

Partager

Métriques

Consultations de la notice

75

Téléchargements de fichiers

94