Preventing unauthorized data flows
| dc.citation.epage | 62 | en_US |
| dc.citation.spage | 41 | en_US |
| dc.citation.volumeNumber | 10359 | en_US |
| dc.contributor.author | Uzun, Emre | en_US |
| dc.contributor.author | Parlato, G. | en_US |
| dc.contributor.author | Atluri, V. | en_US |
| dc.contributor.author | Ferrara, A. L. | en_US |
| dc.contributor.author | Vaidya, J. | en_US |
| dc.contributor.author | Sural, S. | en_US |
| dc.contributor.author | Lorenzi, D. | en_US |
| dc.coverage.spatial | Philadelphia, PA, USA | en_US |
| dc.date.accessioned | 2018-04-12T11:46:48Z | |
| dc.date.available | 2018-04-12T11:46:48Z | |
| dc.date.issued | 2017 | en_US |
| dc.department | Department of Computer Technology and Information Systems | en_US |
| dc.department | Department of Computer Engineering | en_US |
| dc.description | Conference name: 31st Annual IFIP WG 11.3 Conference, DBSec 2017 | en_US |
| dc.description | Date of Conference: July 19-21, 2017 | en_US |
| dc.description.abstract | Trojan Horse attacks can lead to unauthorized data flows and can cause either a confidentiality violation or an integrity violation. Existing solutions to address this problem employ analysis techniques that keep track of all subject accesses to objects, and hence can be expensive. In this paper we show that for an unauthorized flow to exist in an access control matrix, a flow of length one must exist. Thus, to eliminate unauthorized flows, it is sufficient to remove all one-step flows, thereby avoiding the need for expensive transitive closure computations. This new insight allows us to develop an efficient methodology to identify and prevent all unauthorized flows leading to confidentiality and integrity violations. We develop separate solutions for two different environments that occur in real life, and experimentally validate the efficiency and restrictiveness of the proposed approaches using real data sets. © IFIP International Federation for Information Processing 2017. | en_US |
| dc.identifier.doi | 10.1007/978-3-319-61176-1_3 | en_US |
| dc.identifier.doi | 10.1007/978-3-319-61176-1 | en_US |
| dc.identifier.isbn | 9783319611754 | en_US |
| dc.identifier.issn | 0302-9743 | en_US |
| dc.identifier.uri | http://hdl.handle.net/11693/37651 | en_US |
| dc.language.iso | English | en_US |
| dc.publisher | Springer, Cham | en_US |
| dc.relation.isversionof | http://dx.doi.org/10.1007/978-3-319-61176-1_3 | en_US |
| dc.relation.isversionof | https://doi.org/10.1007/978-3-319-61176-1 | en_US |
| dc.source.title | Data and Applications Security and Privacy XXXI | en_US |
| dc.subject | Access control | en_US |
| dc.subject | Data transfer | en_US |
| dc.subject | Malware | en_US |
| dc.subject | Analysis techniques | en_US |
| dc.subject | Data flow | en_US |
| dc.subject | Keep track of | en_US |
| dc.subject | Real data sets | en_US |
| dc.subject | Step flow | en_US |
| dc.subject | Transitive closure computations | en_US |
| dc.subject | Trojan Horse attacks | en_US |
| dc.subject | Data privacy | en_US |
| dc.title | Preventing unauthorized data flows | en_US |
| dc.type | Conference Paper | en_US |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Preventing unauthorized data flows.pdf
- Size:
- 411.74 KB
- Format:
- Adobe Portable Document Format
- Description:
- Full Printable Version