Policy Transformations for Preventing Leakage of Sensitive Information in Email Systems.

In this paper we identify an undesirable side-effect of combining different email-control mechanisms for protection from unwanted messages, namely, leakage of recipients' private information to message ... We assume a constraint logic programming based policy language for specification and evaluation of mail acceptance criteria and present two different program transformations that can prevent guessing attacks ... mechanisms. • We develop two policy transformation schemes, namely, necessary and sufficient policies that, when used in tandem, can prevent the leakage of sensitive email information. ...

doi:10.1007/11805588_12 fatcat:s273xehdhvfjlhwcnhlowof64m

At the end some conclusions about applicability of anti-theft and sensitive data leakage prevention technologies for protection of information security of eGovernment users was done. ... The technologies for data protection in case of theft or loss of computers and data devices and in case of data leakage are very important for eGovernment services users and must have appropriate properties ... • Integration of DLP technologies with other services like e-mail, instant messaging, Skype, social networking, etc would be a challenge and a big advantage for eGovernment services users. ...

doi:10.1007/978-3-642-19228-9_10 fatcat:as3nkfyhbbhybm4e2tyhph6mni

Information leaking is a big concern for a variety of businesses. Some data leakage detection models employed 'fake objects' stored in the server database. ... Sensitive information in firms, such as internal regulations, financial data, and personal information, might be compromised by a hostile user. ... Policy-Based Enforcement DLP systems allow enterprises to set detailed security policies that control the handling and transfer of sensitive data. ...

doi:10.55248/gengpi.5.0324.0701 fatcat:elijlsevhfewzbsqpaio4awffq

The advent of android operating systems introduced tools to keep track of users' information activities and prevent information leakage which bridged the trust between application developers and consumers ... This study presents a literature review of works on content Analyzers for information leakage detection and prevention on android-based devices. ... Related Works on Content Analyzer for Information Leakage Detection and Prevention in Android Smart Devices. ...

doi:10.53982/aijnas.2022.0201.02-j fatcat:xltm3eyeczcibl37m52l5v23za

Our approach provides data leakage prevention and detection for multiple leakage scenarios. We also propose a damage assessment model for data leakages. ... The implemented prototype supports a privacy-preserving exchange of Electronic Health Records that can be hosted by untrusted cloud providers, as well as detecting leakages made by insiders. ... The prototype was implemented in collaboration with Northrop Grumman and W3C/MIT and presented internally to Northrop Grumman in April 2017. We would like to thank Prof. ...

doi:10.1007/978-981-13-2035-4_10 fatcat:lzl3hhns4vbevh776ydg754jum

Insider threats are an increasing concern for most modern organizations. Information leakage is one of the most important insider threats, particularly according to its potential financial impact. ... Information can thus be encrypted in such a way that current DLP techniques cannot detect that sensitive information is being leaked. ... Acknowledgements We would like to specially thank the anonymous reviewers for providing us suggestions that have helped us to improve the content and quality of this paper. ...

doi:10.1016/j.cose.2012.01.008 fatcat:hbx7n7lurjh6xkyi2hijxuqlpi

However, detecting the exposure of sensitive information is challenging due to data transformation in the content, because of its unpredictable leak patterns. ... So organization needs tools to detect sensitive information being stored or transmitted in the clear. ... Data Leakage Prevention Data leak prevention (DLP) is a set of information security tools which is used to stop users from sending sensitive or critical information outside network. ...

doi:10.1109/access.2015.2506185 fatcat:bbv6pjlrorhmlpp6txw2looav4

DOAJ

For the areas like this, leakage of information is the crucial problem that the organization has to face, that poses high cost if information leakage is done. ... The information leakage is outcomes in vulnerability or its modification. So information can be protected by the outsider leakages. ... Preventing accidental data disclosure in modern operating systems (2013) Develops Aquifer as a policy system as well as system for avoiding accidental data disclosure in modern operating systems ...

doi:10.11591/ijece.v8i4.pp2247-2253 fatcat:ifgoiffmqrgshc5kx2oyfn67xa

Open Access

e e ectiveness of data loss prevention (DLP) solutions remains obscure, especially with respect to the types of attacks they claim to protect against. ... A systematic analysis of HTTP data leakage vectors and a test of three content-based DLP solutions give insight into these solutions' vulnerabilities. ... Acknowledgments This work was partially supported by the Zurich Information Security Center at ETH Zurich and represents only the views of the authors. ...

doi:10.1109/msp.2015.88 fatcat:smbcxxpbdndalenazsfatxolwu

Context: One of the main targets of cyber-attacks is data exfiltration, which is the leakage of sensitive or private data to an unauthorized entity. ... These countermeasures aim to detect, prevent, or investigate exfiltration of sensitive or private data. ... In order to prevent data leakage, a number of preventive techniques classify data based on the sensitivity level. ...

doi:10.1016/j.jnca.2017.10.016 fatcat:fweg67tparct5owb3r4qrpgvxq

WebMail proposes to migrate existing SMTP-based mail systems to Web-Services. ... We show how a verifiably-correct, generic mail service that enables extensions of SMTP-based standard mail use cases that avoids known misuse cases can be specified using WSDL and orchestrated using BPEL ... For the transformation procedures below we assume that a policy can be represented as a logical formula in disjunctive normal form (DNF), i.e., it can be represented as d 1 ∨d 2 ∨…∨d n where each d i is ...

doi:10.1145/1180367.1180383 dblp:conf/sws/KaushikWA06 fatcat:wmg4rxycy5fzjnv37uuh5ckt3i

The security of any system and people continues to remain a top priority for the company. ... This article gives an overview of the importance of corporate security in today's business. Information security has stood out as paramount importance to organizations. ... , emails of all employees in one system which allows the crisis management team to deliver time-sensitive information such as critical alerts, information on safe locations, emergency contacts, and ongoing ...

doi:10.6084/m9.figshare.7930529 fatcat:qayakajss5hovnnzt6iwyjojn4

Thus, presence authorization policy and privacy filter, which are components of XCAP, are improved based on k-anonymity for stopping indirect privacy leakage. ... For controlling what presence information can be given to which watcher, and when in mHealth presence service, XML Configuration Access Protocol (XCAP) is introduced. ... ACKNOWLEDGEMENTS The author would like to thank Sensible Thing that Communicate (STC) for their founding and the members of sensor reality group for their help. ...

doi:10.5121/ijngn.2010.2403 fatcat:ka3jdnpt7nekzbxlsqgvb2h5pu

The protection and prevention of sensitive data from leakages is a vital issue to every organization, as the data is the most valuable source for any organization. ... In addition, during the time of data sharing, there may be huge chances for the data exposure, leading to leakage or unauthorized modifications. ... A Privacy Policy Model for Enterprises In privacy policy model aimed at enterprises that can serve as the basis for an internal access control system to handle received data in accordance with privacy ...

doi:10.26483/ijarcs.v8i7.4338 fatcat:3gpibsxcpbbd7k46l7zzswrriq

Open Access

In this way, the users' sensitive information is always protected even information leakage occurs. The obfuscated information is properly restored for legitimate browser transactions. ... As user's sensitive information is often the target of such attacks, in this paper, we aim to proactively defeat information leakage with our iObfus framework. ... For example, if iObfus detects an email address smith@gmail.com in its input, it will transform the email address into a fake one such as hnrgs@ymail.com, which can be restored later for legitimate I/O ...

doi:10.1007/978-3-319-02726-5_3 fatcat:njfzvqicxner7azu2y5z5dvqdi

Policy Transformations for Preventing Leakage of Sensitive Information in Email Systems [chapter]

Preserved Fulltext

Some Technologies for Information Security Protection in Weak-Controlled Computer Systems and Their Applicability for eGovernment Services Users [chapter]

Preserved Fulltext

A Survey on Data Leakage Detection and Prevention

Preserved Fulltext

Review of Works Content Analyzer for Information Leakage Detection and Prevention in Android Smart Devices

Preserved Fulltext

Secure Data Exchange and Data Leakage Detection in an Untrusted Cloud [chapter]

Preserved Fulltext

Bypassing information leakage protection with trusted applications

Preserved Fulltext

Data and Information Leakage Prevention Within the Scope of Information Security

Preserved Fulltext

A Survey: Data Leakage Detection Techniques

Preserved Fulltext

Can Content-Based Data Loss Prevention Solutions Prevent Data Leakage in Web Traffic?

Preserved Fulltext

Data exfiltration: A review of external attack vectors and countermeasures

Preserved Fulltext

BPEL orchestration of secure webmail

Preserved Fulltext

Overview of the Importance of Corporate Security in business

Preserved Fulltext

Privacy for MHEALTH Presence

Preserved Fulltext

A COMPREHENSIVE STUDY AND COMPARISON OF VARIOUS METHODS ON DATA LEAKAGES

Preserved Fulltext

Defeat Information Leakage from Browser Extensions via Data Obfuscation [chapter]

Preserved Fulltext