Computer Security Applications Conference, Annual (2000)
New Orleans, Louisiana
Dec. 11, 2000 to Dec. 15, 2000
Jaehong Park , Lab. for Inf. Security Technol., George Mason Univ., Fairfax, VA, USA
R. Sandhu , Lab. for Inf. Security Technol., George Mason Univ., Fairfax, VA, USA
J. Schifalacqua , Lab. for Inf. Security Technol., George Mason Univ., Fairfax, VA, USA
Besides securing transmission of digital information at lower layers, several application-level security solutions for controlled dissemination of digital information have been developed using cryptographic, watermarking or use-control technologies. These dissemination control solutions have been designed for different business purposes. Little research, if any, identifies security architectures for controlling or tracking digital information dissemination in general. The identification of such will provide a foundation for developing appropriate security solutions for organizations' secure dissemination of digital information, and provide a better understanding of current application-level security solutions. We identify eight application-level security architectures based on the following three elements: virtual machine, control set and distribution style. Some of the architectures provide control and tracking capabilities for dissemination and usage of digital information, while others provide only tracking capability. We describe the architectures and compare their capabilities, merits and demerits. In addition, we review briefly some of the required mechanisms, including watermarking and use-control technologies. Also, we relate some of commercial solutions to our security architectures in order to provide insight on the current availability of our solutions architectures.
security of data; information dissemination; copy protection; business data processing; security architectures; controlled digital information dissemination; application-level security; cryptography; watermarking; use control; business; virtual machine; control set; distribution style
R. Sandhu, J. Park and J. Schifalacqua, "Security architectures for controlled digital information dissemination," Computer Security Applications Conference, Annual(ACSAC), New Orleans, Louisiana, 2000, pp. 224.