Dynamic document reclassification for preventing insider abuse

Author

Garg, A. ; Pramanik, S. ; Sankaranarayanan, V. ; Upadhyaya, S.

Author_Institution

Dept. of Comput. Sci. & Eng., Univ. at Buffalo, NY, USA

fYear

2004

fDate

10-11 June 2004

Firstpage

218

Lastpage

225

Abstract

Digital documents in an organization are usually classified into static secrecy levels such as top-secret, secret, confidential and unclassified. Factors such as changes in the user hierarchy and addition of new projects generally require a change in a document´s importance. Enforcing such changes in relative importance (RI) of documents protect the privileged documents from insider abuse. In this paper we propose a new framework for monitoring and dynamically changing the RI of documents over time. The proposed scheme utilizes a reasoning technique which takes into consideration the organization-specific data and the document usage data to make an informed decision on the RI of documents. Various inputs to the reasoning framework are standardized using XML schemas to provide interoperability. We have performed simulations with synthetic document usage data and report the results as proof of concept.

Keywords

XML; authorisation; classification; decision making; organisational aspects; XML schemas; digital document reclassification; digital rights management; document relative importance; dynamic document categorization; insider threat; intrusion prevention; policy management; static secrecy levels; Access control; Computational modeling; Computer network management; Feedback; Monitoring; Operating systems; Postal services; Proposals; Protection; XML;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC

Print_ISBN

0-7803-8572-1

Type

conf

DOI

10.1109/IAW.2004.1437820

Filename

1437820