Title :
Global Virtual Vault: Preventing unauthorized physical disclosure by the insider
Author :
Fisk, Mike ; Miller, Scott ; Kent, Alex
Author_Institution :
Los Alamos Nat. Lab., Los Alamos, NM
Abstract :
Information providers on networks such as the global information grid need to share sensitive information while still protecting that information from misuse. We show how common information-sharing mechanisms encourage and allow high-bandwidth, hard-to-detect information exfiltration by malicious insiders, and by adversaries in the field. By leveraging netcentricity, modern stateless clients, and advances in distance visualization techniques, we can provide analysts and warfighters with highly-usable access to information that remains secured in high-availability, high-security data centers. We quantitatively analyze the intentional and inadvertent data exfiltration paths of several off-the-shelf secure computing solutions and demonstrate how to re-engineer these systems to greatly reduce residual risk by limiting access to human-interaction protocols. This approach eliminates large classes of insider attacks that are largely unaddressed in most systems and concentrates traditional insider access to manageable, well-defended physical security perimeters.
Keywords :
information services; security of data; distance visualization techniques; global information grid; global virtual vault; high-security data centers; human-interaction protocols; information exfiltration; information-sharing mechanisms; modern stateless clients; unauthorized physical disclosure; Computer networks; Control systems; Hardware; Information security; Laboratories; Monitoring; Physics computing; Portable computers; Protection; US Government;
Conference_Title :
Military Communications Conference, 2008. MILCOM 2008. IEEE
Conference_Location :
San Diego, CA
Print_ISBN :
978-1-4244-2676-8
Electronic_ISBN :
978-1-4244-2677-5
DOI :
10.1109/MILCOM.2008.4753210