A framework to secure a document outside Its organization
A framework to secure a document outside Its organization
Electronic information in any enterprise is an asset, and may be stored in a database or as electronic documents (word, PDF, and spreadsheet). This research focuses on the information leakage caused by documents going astray. Current document security statistics suggest that 63% of information was leaked as documents in 2012. Half of this was due to employee unawareness, and it has cost billions in terms of Intellectual Property IP, effort and money. The problem is that individual documents are almost defenceless outside the enterprise. Encryption and password protection are not impenetrable; it is only a question of time before the information is extracted using intense computing processing power. This research contributes a new conceptual framework to secure a document, regardless of its place inside or outside the organisation. The framework combines the concepts of Active document, Digital Rights Management, Certificate Authorities, and content providers. The Tamper Proof Framework (TPF) will enable any document to be involved in decisions regarding the basic operations performed on it. Security experts and security-related IT staff confirmed these components. The research produced a general conceptual framework that can be used in different domains. Formal methods were used to produce an event-based conceptual formal model. This model is an intermediate step for many future research directions.
University of Southampton
Aaber, Zeyad
db8d16e9-db2e-4ac2-a4c0-d409c3e08cfe
December 2016
Aaber, Zeyad
db8d16e9-db2e-4ac2-a4c0-d409c3e08cfe
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0
Aaber, Zeyad
(2016)
A framework to secure a document outside Its organization.
University of Southampton, Doctoral Thesis, 145pp.
Record type:
Thesis
(Doctoral)
Abstract
Electronic information in any enterprise is an asset, and may be stored in a database or as electronic documents (word, PDF, and spreadsheet). This research focuses on the information leakage caused by documents going astray. Current document security statistics suggest that 63% of information was leaked as documents in 2012. Half of this was due to employee unawareness, and it has cost billions in terms of Intellectual Property IP, effort and money. The problem is that individual documents are almost defenceless outside the enterprise. Encryption and password protection are not impenetrable; it is only a question of time before the information is extracted using intense computing processing power. This research contributes a new conceptual framework to secure a document, regardless of its place inside or outside the organisation. The framework combines the concepts of Active document, Digital Rights Management, Certificate Authorities, and content providers. The Tamper Proof Framework (TPF) will enable any document to be involved in decisions regarding the basic operations performed on it. Security experts and security-related IT staff confirmed these components. The research produced a general conceptual framework that can be used in different domains. Formal methods were used to produce an event-based conceptual formal model. This model is an intermediate step for many future research directions.
Text
CORRECT FINAL THESIS
- Version of Record
More information
Published date: December 2016
Identifiers
Local EPrints ID: 429283
URI: http://eprints.soton.ac.uk/id/eprint/429283
PURE UUID: 7d3a8f07-da9c-4a3a-ab7d-24179bbce8be
Catalogue record
Date deposited: 25 Mar 2019 17:30
Last modified: 16 Mar 2024 02:52
Export record
Contributors
Author:
Zeyad Aaber
Thesis advisor:
Gary Wills
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics