1 research outputs found
A policy-based containerized filter for secure information sharing in organizational environments
In organizational environments, sensitive information is unintentionally exposed and sent to the cloud without encryption by insiders that even were previously informed about cloud risks. To mitigate the effects of this information privacy paradox, we propose the design, development and implementation of SecFilter, a security
filter that enables organizations to implement security policies for
information sharing. SecFilter automatically performs the following
tasks: (a) intercepts files before sending them to the cloud; (b)
searches for sensitive criteria in the context and content of the
intercepted files by using mining techniques; (c) calculates the risk
level for each identified criterion; (d) assigns a security level to
each file based on the detected risk in its content and context; and (e)
encrypts each file by using a multi-level security engine, based on
digital envelopes from symmetric encryption,
attribute-based encryption and digital signatures to guarantee the
security services of confidentiality, integrity and authentication on
each file at the same time that access control mechanisms
are enforced before sending the secured file versions to cloud storage.
A prototype of SecFilter was implemented for a real-world file sharing
application that has been deployed on a private cloud. Fine-tuning of
SecFilter components is described and a case study has been conducted
based on document sharing of a well-known repository (MedLine corpus).
The experimental evaluation revealed the feasibility and efficiency of
applying a security filter to share information in organizational
environmentsThis work has been partially supported by the Spanish “Ministerio de Economia y Competitividad” under the project grant TIN2016-79637-P “Towards Unification of HPC and Big Dataparadigms”