The University of Southampton
University of Southampton Institutional Repository

Preventing unauthorized data flows

Uzun, Emre, Parlato, Gennaro, Atluri, Vijayalakshmi, Ferrara, Anna Lisa, Vaidya, Jaideep, Sural, Shamik and Lorenzi, David, (2017) Preventing unauthorized data flows Livraga, G. and Zhu, S. (eds.) In Data and Applications Security and Privacy XXXI. DBSec 2017. vol. 10359, Springer. 0 pp, pp. 41-62. (doi:10.1007/978-3-319-61176-1_3).

Record type: Conference or Workshop Item (Paper)

Abstract

Trojan Horse attacks can lead to unauthorized data flows and can cause either a confidentiality violation or an integrity violation. Existing solutions to address this problem employ analysis techniques that keep track of all subject accesses to objects, and hence can be expensive. In this paper we show that for an unauthorized flow to exist in an access control matrix, a flow of length one must exist. Thus, to eliminate unauthorized flows, it is sufficient to remove all one-step flows, thereby avoiding the need for expensive transitive closure computations. This new insight allows us to develop an efficient methodology to identify and prevent all unauthorized flows leading to confidentiality and integrity violations. We develop separate solutions for two different environments that occur in real life, and experimentally validate the efficiency and restrictiveness of the proposed approaches using real data sets.

PDF DBSEC17 - Accepted Manuscript
Download (356kB)

More information

Accepted/In Press date: 5 May 2017
e-pub ahead of print date: 22 June 2017
Published date: July 2017
Venue - Dates: Conference on Data and Applications Security and Privacy: 31st Annual IFIP WG 11.3, Philadelphia, United States, 2017-07-19 - 2017-07-21
Organisations: Electronics & Computer Science, Electronic & Software Systems

Identifiers

Local EPrints ID: 410623
URI: http://eprints.soton.ac.uk/id/eprint/410623
PURE UUID: 4b38b6a0-59c6-4274-b517-c66635095fc2

Catalogue record

Date deposited: 09 Jun 2017 09:15
Last modified: 08 Aug 2017 16:31

Export record

Altmetrics

Contributors

Author: Emre Uzun
Author: Gennaro Parlato
Author: Vijayalakshmi Atluri
Author: Anna Lisa Ferrara
Author: Jaideep Vaidya
Author: Shamik Sural
Author: David Lorenzi
Editor: G. Livraga
Editor: S. Zhu

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×