The Application of Chinese Wall Policy in Data Leakage Prevention
The primary objective of Data Leakage Prevention (DLP) is to control the data usage by authorized users. Traditional control mechanisms are mostly implemented based on security domains and deploy strict polices on actions spanning different domains which will decrease the usability and flexibility of the system. The Chinese Wall Policy combines discretionary and mandatory aspects of access control so that it is a good choice for DLP. This paper extends the traditional conflict and alliance relationship and presents an efficient framework ACWF. The ACWF maintains dynamic relationship between different data objects and provides reference mechanism to confine the corresponding usage domain. We present an applicable scenario analysis and implement a secure removable storage device based on ACWF. The results show the efficiency of ACWF in DLP application.
Chinese Wall policy Data Leakage Prevention (DLP) conflict relation ally virtualization featherweight virtual machine(FVM)
Ma Jun Wang Zhiying Ren Jiangchun Wu Jiangjiang Cheng Yong Mei Songzhu
School of Computer, National University of Defense Technology, Changsha, China
国际会议
哈尔滨
英文
334-337
2011-01-18(万方平台首次上网日期,不代表论文的发表时间)