Proceedings - 2012 IEEE 19th International Conference and Workshops on Engineering of Computer-Based Systems, ECBS 2012, 2012, Article number 6195195, Pages 267-274. 2012 IEEE 19th International Conference and Workshops on Engineering of Computer-Based Systems, ECBS 2012; Novi Sad; Serbia; 11 April 2012 through 13 April 2012; Category number E4664; Code 89879

A host based method for data leak protection by tracking sensitive data flow (Conference Paper)

  • RT-RK, Institute for Computer Based Systems, Novi Sad, Serbia

Abstract

This paper describes a method for data leak protection (DLP) based on tracking sensitive information as it flows inside the file system on a host. The method is based on the idea that every flow from a sensitive to a non-sensitive object increases the security level of the target object to that of the source object. Any process which reads an object that contains sensitive data automatically becomes tagged as sensitive itself. When a process gets tagged, all subsequent write operations to any object make the target objects tagged as well. Any process created by a tagged process is also tagged. By spreading tags over all objects touched by a sensitive process, we have a guarantee that not one bit of sensitive information resides in a non-sensitive object. Using any software tool to process a sensitive object results in a new sensitive object; this prevents bypassing security mechanisms. All objects tagged as sensitive are checked before being transferred out of the host according to security policy. The main goal of this method is to prevent covert channels for information leakage which use steganography, data modification, compression or encryption. It is implemented in Linux OS as a kernel module. It works with legacy applications, since all changes are at the OS level. © 2012 IEEE.
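The propagation rules in the abstract can be modelled in user space as a replay over a trace of file and process events. This is an added example, not code from the paper or its Linux kernel module; the class and method names, the paths and PIDs in the constructed trace, and the deny-all export policy are assumptions.

```python
# Added example: user-space model of the abstract's tag-propagation rules.
# Class, method and path names are hypothetical, not the paper's kernel module.
class TagTracker:
    def __init__(self, sensitive_files):
        self.tagged_files = set(sensitive_files)  # objects holding sensitive data
        self.tagged_procs = set()                 # processes that touched them

    def read(self, pid, path):
        # Reading a tagged object tags the reading process.
        if path in self.tagged_files:
            self.tagged_procs.add(pid)

    def write(self, pid, path):
        # Any write by a tagged process tags the target object.
        if pid in self.tagged_procs:
            self.tagged_files.add(path)

    def fork(self, parent, child):
        # A process created by a tagged process starts out tagged.
        if parent in self.tagged_procs:
            self.tagged_procs.add(child)

    def may_export(self, path):
        # Assumed policy: tagged objects never leave the host.
        return path not in self.tagged_files

# Constructed trace: (operation, pid, argument), in the order it happened.
TRACE = [
    ("write", 300, "/tmp/early.txt"),         # written before 300 reads anything
    ("read",  300, "/srv/hr/salaries.csv"),   # 300 becomes tagged here
    ("fork",  300, 301),                      # child (e.g. a compressor) inherits
    ("write", 301, "/tmp/archive.gz"),
    ("read",  400, "/tmp/archive.gz"),        # second hop: 400 becomes tagged
    ("write", 400, "/tmp/photo.jpg"),         # re-encoded copy is still tagged
    ("read",  500, "/etc/motd"),
    ("write", 500, "/tmp/notes.txt"),         # untouched by sensitive data
]

def replay(trace, sensitive_files):
    tracker = TagTracker(sensitive_files)
    for op, pid, arg in trace:
        getattr(tracker, op)(pid, arg)
    return tracker

if __name__ == "__main__":
    t = replay(TRACE, {"/srv/hr/salaries.csv"})
    for path in ("/tmp/early.txt", "/tmp/archive.gz", "/tmp/photo.jpg", "/tmp/notes.txt"):
        print(path, "export allowed" if t.may_export(path) else "export blocked")
```

Tags in this model are only ever added, so a file written by a process before its first sensitive read stays untagged while everything it writes afterwards is tagged regardless of content.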

Author keywords

computer security; covert channels; data leak protection; information flow control

Indexed keywords

Engineering uncontrolled terms: Covert channels; data leak protection; Data modification; File systems; Host-based; Information flow control; Information leakage; Kernel modules; Legacy applications; Linux OS; Security level; Security mechanism; Security policy; Sensitive datas; Sensitive informations; Target object; Write operations
Engineering controlled terms: Computer operating systems; Data compression; Security systems
Engineering main heading: Security of data
  • ISBN: 978-076954664-3
  • Source Type: Conference Proceeding
  • Original language: English
  • DOI: 10.1109/ECBS.2012.5
  • Document Type: Conference Paper
  • Sponsors: IEEE Computer Society, IEEE TC on the Engineering of Computer Based System, IEEE TC on the Engineering of Autonomic and Autonomous System, IEEE, RT-RK Computer Based Systems

  Petković, M.; RT-RK, Institute for Computer Based Systems, Serbia;
© Copyright 2012 Elsevier B.V., All rights reserved.

Cited by 8 documents

Moudni, M.E., Ziyati, E.
Data Leakage Prevention Approach Based On Insider Trust Calculation
(2023) Proceedings - 10th International Conference on Wireless Networks and Mobile Communications, WINCOM 2023

Kiperberg, M., Amit, G., Yeshooroon, A.
Efficient DLP-visor: An efficient hypervisor-based DLP
(2021) Proceedings - 21st IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2021

Amit, G., Yeshooroon, A., Kiperberg, M.
DLP-Visor: A Hypervisor-based Data Leakage Prevention System
(2021) International Conference on Information Systems Security and Privacy