POSTER: Data Leakage Detection for Health Information System based on Memory Introspection
| Autor: | Min-Chieh Wu, Guan-Zhang Huang, Wei-Chun Lin, Yu-Sung Wu, Chun-An Bau, Chen-Yu Yang, Sanoop Mallissery |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
Information privacy
business.industry Computer science Hypervisor 02 engineering and technology Data breach Application software computer.software_genre Virtualization Encryption Embedded system Component-based software engineering 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing business computer Personally identifiable information |
| Zdroj: | AsiaCCS |
| DOI: | 10.1145/3320269.3405437 |
| Popis: | The abundance of highly sensitive personal information in the Health Information System (HIS) has made it a prime target of data breach attacks. However, securing the system with existing Data Leakage Prevention (DLP) solutions is difficult due to a lack of security perimeter and diverse composition of software components. We propose the use of hypervisor-based memory introspection for implementing data leakage detection in such an environment. The approach looks for the presence of sensitive raw data in the memory of both the client machines and the server machines, transcending the dependence of pre-existing security perimeters. It is inherently compatible with different types of application software and robust against transport or at-rest data encryption. A prototype has been built on the Bareflank hypervisor and the OpenEMR platform. The evaluation results confirmed the effectiveness of the approach. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|