• English
    • Norsk
  • English 
    • English
    • Norsk
  • Administration
View Item 
  •   Home
  • Øvrige samlinger
  • Høstingsarkiver
  • CRIStin høstingsarkiv
  • View Item
  •   Home
  • Øvrige samlinger
  • Høstingsarkiver
  • CRIStin høstingsarkiv
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Data Leakage Prevention for Secure Cross-Domain Information Exchange

Kongsgård, Kyrre Wahl; Nordbotten, Nils Agne; Mancini, Federico; Haakseth, Raymond; Engelstad, Paal E.
Journal article; PublishedVersion; Peer reviewed
View/Open
output (1).pdf (809.4Kb)
Year
2017
Permanent link
http://urn.nb.no/URN:NBN:no-62026

CRIStin
1515390

Metadata
Show metadata
Appears in the following Collection
  • Institutt for informatikk [3588]
  • CRIStin høstingsarkiv [15190]
Original version
IEEE Communications Magazine. 2017, 55 (10), 37-43, DOI: 10.1109/MCOM.2017.1700235
Abstract
Cross-domain information exchange is an increasingly important capability for conducting efficient and secure operations, both within coalitions and within single nations. A data guard is a common cross-domain sharing solution that inspects the security labels of exported data objects and validates that they are such that they can be released according to policy. While we see that guard solutions can be implemented with high assurance, we find that obtaining an equivalent level of assurance in the correctness of the security labels easily becomes a hard problem in practical scenarios. Thus, a weakness of the guard-based solution is that there is often limited assurance in the correctness of the security labels. To mitigate this, guards make use of content checkers such as dirty word lists as a means of detecting mislabeled data. To improve the overall security of such cross-domain solutions, we investigate more advanced content checkers based on the use of machine learning. Instead of relying on manually specified dirty word lists, we can build data-driven methods that automatically infer the words associated with classified content. However, care must be taken when constructing and deploying these methods as naive implementations are vulnerable to manipulation attacks. In order to provide a better context for performing classification, we monitor the incoming information flow and use the audit trail to construct controlled environments. The usefulness of this deployment scheme is demonstrated using a real collection of classified and unclassified documents.

© 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
 
Responsible for this website 
University of Oslo Library


Contact Us 
duo-hjelp@ub.uio.no


Privacy policy
 

 

For students / employeesSubmit master thesisAccess to restricted material

Browse

All of DUOCommunities & CollectionsBy Issue DateAuthorsTitlesThis CollectionBy Issue DateAuthorsTitles

For library staff

Login
RSS Feeds
 
Responsible for this website 
University of Oslo Library


Contact Us 
duo-hjelp@ub.uio.no


Privacy policy