|
| | | |
Proposal for Effective Information Flow Control Model for Sharing and Protecting Sensitive Information
Arai, M. and Hidehiko, T.
Information leakage has become a serious problem for
computer systems that handle a company's sensitive
information, such as intellectual properties and
manufacturing know-how. The majority of the causes can
be attributed to loss or theft of information or worms and
viruses. As a countermeasure, forbidding the sharing of
information through removable media or the Internet is
effective, but it also places restriction on the handling of
general information that can be made public. Also, the
sandbox model can be used to segregate sensitive
information from environments that can easily be infected
by worms or viruses; however, even sensitive information
is sent as email attachments to various locations within the
organization, and this model cannot be applied to business
cases where information must be stored and carried out on
removable media. In this article, we propose an
information flow control model that is suitable for both
sharing and protecting sensitive information on computer
systems in which general information that can be made
public and sensitive information that cannot be exposed
outside the company are mixed. In the proposed model,
sensitive information are protected from environments that
can be easily infected by worms or viruses by segregating
the environment for programs that use the Internet and the
environment in which programs handling sensitive
information are executed, using existing techniques such
as the sandbox model. At the same time, by combining
automatic file encryption and encrypted file access control,
sensitive information can be safely transmitted as
encrypted text through removable media or the Internet as
the need arises. |
Cite as: Arai, M. and Hidehiko, T. (2009). Proposal for Effective Information Flow Control Model for Sharing and Protecting Sensitive Information. In Proc. Seventh Australasian Information Security Conference (AISC 2009), Wellington, New Zealand. CRPIT, 98. Brankovic, L. and Susilo, W., Eds. ACS. 89-98. |
(from crpit.com)
(local if available)
|
|