Computing Science

Computing Science

UNIVERSITY OF NEWCASTLE University of Newcastle upon Tyne COMPUTING SCIENCE A Trust-economic Perspective on Information Security Technologies S. E. Parkin and A. van Moorsel TECHNICAL REPORT SERIES No. CS-TR-1056 October, 2007 TECHNICAL REPORT SERIES No. CS-TR-1056 October, 2007 A Trust-economic Perspective on Information Security Technologies Simon Edward Parkin and Aad van Moorsel Abstract This report surveys existing enterprise technologies and products available to control access to confidential digital data. We survey USB access control solutions, digital rights management software, disk encryption techniques and operating system solutions. We compare the various technologies with respect to granularity and extent of administrative control, platform coverage, user education features, and accommodation of data use outside the boundaries of the company network. The researched technologies allow restrictions to be placed on copying, editing, viewing and printing from within various software applications, provide auditing options and prevent outsider access through encryption. Several of the mentioned technologies offer training and education options, informing users as to the reasoning of access control events as they occur and educating them about the permissions that apply to them. A serious drawback of many of the technologies is the central administration it requires. We are interested in cost trade-off, to be able to make trust-economic decisions. The cost of software deployment is linked to the features that each product provides, where finer granularity of device and file content control, encryption and user education implies that per-user purchase cost increases. © 2007 University of Newcastle upon Tyne. Printed and published by the University of Newcastle upon Tyne, Computing Science, Claremont Tower, Claremont Road, Newcastle upon Tyne, NE1 7RU, England. Bibliographical details PARKIN, S. E, VAN MOORSEL, A.. A Trust-economic Perspective on Information Security Technologies [By] S. E. Parkin, A. van Moorsel. Newcastle upon Tyne: University of Newcastle upon Tyne: Computing Science, 2007. (University of Newcastle upon Tyne, Computing Science, Technical Report Series, No. CS-TR-1056) Added entries UNIVERSITY OF NEWCASTLE UPON TYNE Computing Science. Technical Report Series. CS-TR-1056 Abstract This report surveys existing enterprise technologies and products available to control access to confidential digital data. We survey USB access control solutions, digital rights management software, disk encryption techniques and operating system solutions. We compare the various technologies with respect to granularity and extent of administrative control, platform coverage, user education features, and accommodation of data use outside the boundaries of the company network. The researched technologies allow restrictions to be placed on copying, editing, viewing and printing from within various software applications, provide auditing options and prevent outsider access through encryption. Several of the mentioned technologies offer training and education options, informing users as to the reasoning of access control events as they occur and educating them about the permissions that apply to them. A serious drawback of many of the technologies is the central administration it requires. We are interested in cost trade-off, to be able to make trust-economic decisions. The cost of software deployment is linked to the features that each product provides, where finer granularity of device and file content control, encryption and user education implies that per-user purchase cost increases. About the author Aad van Moorsel joined the University of Newcastle in 2004. He worked in industry from 1996 until 2003, first as a researcher at Bell Labs/Lucent Technologies in Murray Hill and then as a research manager at Hewlett-Packard Labs in Palo Alto, both in the United States. Aad got his PhD in computer science from Universiteit Twente in The Netherlands (1993) and has a Masters in mathematics from Universiteit Leiden, also in The Netherlands. After finishing his PhD he was a postdoc at the University of Illinois at Urbana-Champaign, Illinois, USA, for two years. Aad has worked in a variety of areas, from performance modelling to systems management, web services and grid computing. Most recently, he was responsible for HP's research in web and grid services, and worked on the software strategy of the company. Aad is Deputy Director of the North-East Regional e-Science Center. His research agenda is in the area of self-managing systems. Simon Parkin completed a BSc Computing Science degree in 2002 and an Advanced Masters degree in System Design for Internet Applications (SDIA) in 2003, both at Newcastle University. Between 2003 and 2007 Simon studied a PhD under the supervision of Dr. Graham Morgan. Research subjects covered during this period included E-Commerce, Service Level Agreements (SLAs) and Distributed Virtual Environments (DVEs). Simon also contributed to the EU-funded "Trusted and QoS-Aware Provision of Application Services" (TAPAS) project during this time. Simon is currently working with Dr. Aad van Moorsel. Suggested keywords USB ACCESS CONTROL, DIGITAL RIGHTS MANAGEMENT, DISK ENCRYPTION, TRUST ECONOMICS A Trust-economic Perspective on Information Security Technologies Simon Edward Parkin, Aad van Moorsel School of Computing Newcastle University {s.e.parkin, aad.vanmoorsel}@newcastle.ac.uk Abstract This report surveys existing enterprise technologies and products available to control access to confidential digital data. We survey USB access control solutions, digital rights management software, disk encryption techniques and operating system solutions. We compare the various technologies with respect to granularity and extent of administrative control, platform coverage, user education features, and accommodation of data use outside the boundaries of the company network. The researched technologies allow restrictions to be placed on copying, editing, viewing and printing from within various software applications, provide auditing options and prevent outsider access through encryption. Several of the mentioned technologies offer training and education options, informing users as to the reasoning of access control events as they occur and educating them about the permissions that apply to them. A serious drawback of many of the technologies is the central administration it requires. We are interested in cost trade-off, to be able to make trust-economic decisions. The cost of software deployment is linked to the features that each product provides, where finer granularity of device and file content control, encryption and user education implies that per-user purchase cost increases. Contents 1. Introduction ............................................................................................................................................1 1.1 Introduction.................................................................................................................................1 1.2 Illustrative Scenario ....................................................................................................................2 1.3 Requirements ..............................................................................................................................2 2. USB Access Control Solutions...............................................................................................................4 2.1 Platform Support.........................................................................................................................4 2.2 Product Motivations....................................................................................................................5 2.3 Sample Product Pricing Structures .............................................................................................5 2.4 Administrative Models................................................................................................................6 2.5 Device Coverage & Device Access Management Policies.........................................................7 2.6 File Access Management Policies...............................................................................................8 2.7 User Monitoring..........................................................................................................................8 2.8 Data Encryption ..........................................................................................................................9 2.9 Atypical Access ........................................................................................................................10 2.10 User Education..........................................................................................................................10 3. Digital Rights Management (DRM) Solutions.....................................................................................11 3.1 Platform Support.......................................................................................................................11 3.2 Sample Product Pricing Structures ...........................................................................................12 3.3 Product Motivations..................................................................................................................12 3.4 Administrative Models..............................................................................................................13

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    34 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us