Neon
| Autor: | Geoffrey M. Voelker, Alex C. Snoeren, Stefan Savage, Justin Ma, Michael Vrable, Nabil Schear, Amin Vahdat, John C. McCullough, Qing Zhang |
|---|---|
| Rok vydání: | 2010 |
| Předmět: |
Information management
business.industry Legal liability Computer science Data management Commodity Mobile computing Intellectual property Encryption computer.software_genre Computer security Computer Graphics and Computer-Aided Design Intellectual property management Virtual machine Information system Information flow (information theory) business Enforcement computer Software |
| Zdroj: | VEE |
| ISSN: | 1558-1160 0362-1340 |
| Popis: | Modern organizations face increasingly complex information management requirements. A combination of commercial needs, legal liability and regulatory imperatives has created a patchwork of mandated policies. Among these, personally identifying customer records must be carefully access-controlled, sensitive files must be encrypted on mobile computers to guard against physical theft, and intellectual property must be protected from both exposure and "poisoning." However, enforcing such policies can be quite difficult in practice since users routinely share data over networks and derive new files from these inputs--incidentally laundering any policy restrictions. In this paper, we describe a virtual machine monitor system called Neon that transparently labels derived data using byte-level "tints" and tracks these labels end to end across commodity applications, operating systems and networks. Our goal with Neon is to explore the viability and utility of transparent information flow tracking within conventional networked systems when used in the manner in which they were intended. We demonstrate that this mechanism allows the enforcement of a variety of data management policies, including data-dependent confinement, mandatory I/O encryption, and intellectual property management. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|