By Topic

Collaboration requirements: a point of failure in protecting information

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Wiederhold, G. ; Dept. of Comput. Sci., Stanford Univ., CA, USA

It is sometimes necessary to collaborate with individuals and organizations which should not be fully trusted. Collaborators must be authorized to access information systems some of the data in which, typically, should be withheld. New collaborations require dynamic alterations to security provisions. Solutions based on extending access control to deal with collaborations are either awkward and costly, or unreliable. An alternative approach, complementing basic access control, is results filtering. Content filtering is also costly, but provides a number of benefits not obtainable with access control alone. The most important is that the complexity of setting up and maintaining isolating information cells for every combination of access rights is avoided. New classes of collaborators can be added without requiring a reorganization of the entire information structure. There is no overhead for internal use. Since content of documents, not their labels, is checked, misfiling will not cause inappropriate release. The approach used in the TIHI/SAW projects at Stanford uses simple rules to drive filtering primitives. The filters run on a modest, but dedicated computer managed by a security officer. The rules implement the security policy and balance manual effort and complexity. The functional allocation of responsibilities is good. Result filtering can also be used to implement pure intrusion detection, since it is invisible. The intruder can be given an impression of success, while becoming a target for monitoring or cover stories

Published in:

Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on  (Volume:31 ,  Issue: 4 )