Abstract
Recently, incidents in which data such as private information has leaked have occurred frequently. In many cases, the main causes of data leakage are as follows: taking data out illegally or unfairly, erroneous operation by a user with authority to access the data. We developed the operating system Salvia for the purpose of preventing data leakage resulting from these causes. Salvia provides the capability to attach data protection policies to each file. In addition, Salvia monitors resource access that may incur the possibility of data leakage. When a process requests to access to such resources, Salvia allows the operation only if it does not violate the policies of all files which are read by the process. That is, Salvia controls resource access by process. In this paper, we propose DF-Salvia, based on Salvia. An access control unit of DF-Salvia is data flow, which is finer-grained than the process-based access control of Salvia. This means that DF-Salvia applies a policy not to each process but to each data flow in a process in order to limit the extent of the effect of the policy to corresponding data flow. The results show a solution to the problem of over-restriction of irrelevant data.
Original language | English |
---|---|
Title of host publication | International MultiConference of Engineers and Computer Scientists, IMECS 2012 |
Publisher | Newswood Limited |
Pages | 182-189 |
Number of pages | 8 |
Volume | 2195 |
ISBN (Print) | 9789881925114 |
Publication status | Published - 2012 |
Externally published | Yes |
Event | 2012 International MultiConference of Engineers and Computer Scientists, IMECS 2012 - Kowloon, Hong Kong Duration: Mar 14 2012 → Mar 16 2012 |
Other
Other | 2012 International MultiConference of Engineers and Computer Scientists, IMECS 2012 |
---|---|
Country/Territory | Hong Kong |
City | Kowloon |
Period | 3/14/12 → 3/16/12 |
All Science Journal Classification (ASJC) codes
- Computer Science (miscellaneous)