One of the most crucial components of modern Information Technology (IT) systems is data. It can be argued that the majority of IT systems are built to collect, store, modify, communicate and use data, enabling different data stakeholders to access and use it to achieve different business objectives. The confidentiality, integrity, availability, audit ability, privacy, and quality of the data is of paramount concern for end-users ranging from ordinary consumers to multi-national companies. Over the course of time, different frameworks have been proposed and deployed to provide data security. Many of these previous paradigms were specific to particular domains such as military or media content providers, while in other cases they were generic to different verticals within an industry. There is a much needed push for a holistic approach to data security instead of the current bespoke approaches. The age of the Internet has witnessed an increased ease of sharing data with or without authorisation. These scenarios have created new challenges for traditional data security. In this paper, we study the evolution of data security from the perspective of past proposed frameworks, and present a novel Unified Model for Data Security (UMDS). The discussed UMDS reduces the friction from several cross-domain challenges, and has the functionality to possibly provide comprehensive data security to data owners and privileged users

Akram, Raja Naeem

Ko, Ryan K. L.

One of the most crucial components of modern Information Technology (IT) systems is data. It can be argued that the majority of IT systems are built to collect, store, modify, communicate and use data, enabling different data stakeholders to access and use it to achieve different business objectives. The confidentiality, integrity, availability, auditability, privacy, and quality of the data is of paramount concern for end-users ranging from ordinary consumers to multi-national companies. Over the course of time, different frameworks have been proposed and deployed to provide data security. Many of these previous paradigms were specific to particular domains such as military or media content providers, while in other cases they were generic to different verticals within an industry. There is a much needed push for a holistic approach to data security instead of the current bespoke approaches. The age of the Internet has witnessed an increased ease of sharing data with or without authorisation. These scenarios have created new challenges for traditional data security. In this paper, we study the evolution of data security from the perspective of past proposed frameworks, and present a novel Unified Model for Data Security (UMDS). The discussed UMDS reduces the friction from several cross-domain challenges, and has the functionality to possibly provide comprehensive data security to data owners and privileged users

Royal Holloway - Pure

Unified Model for Data Security -- A Position Paper

Abstract—One of the most crucial components of modern Information Technology (IT) systems is data. It can be argued that the majority of IT systems are built to collect, store, modify, communicate and use data, enabling different data stakeholders to access and use it to achieve different business objectives. The confidentiality, integrity, availability, auditability, privacy, and quality of the data is of paramount concern for end-users ranging from ordinary consumers to multi-national companies. Over the course of time, different frameworks have been proposed and deployed to provide data security. Many of these previous paradigms were specific to particular domains such as military or media content providers, while in other cases they were generic to different verticals within an industry. There is a much needed push for a holistic approach to data security instead of the current bespoke approaches. The age of the Internet has witnessed an increased ease of sharing data with or without authorisation. These scenarios have created new challenges for traditional data security. In this paper, we study the evolution of data security from the perspective of past proposed frameworks, and present a novel Unified Model for Data Security (UMDS). The discussed UMDS reduces the friction from several cross-domain challenges, and has the functionality to possibly provide comprehensive data security to data owners and privileged users

Raja Naeem Akram

Ryan K. L. Ko

CiteSeerX

1Unified Model for Data Security – A Position Paper*

Ko, Ryan K.L.

Research Commons@Waikato

English

A ﬁne-grained workﬂow model with provenance-aware security views,”

A Formal Foundation for XrML,”

A Four-layer Model for Security of Digital Rights Management,”

A framework for policies over provenance,”

Access Control: Policies, Models, and Mechanisms,”

An Attribute Based Framework for Risk-Adaptive Access Control Models,”

Apple Removes DRM Restrictions from iTunes.

Automated forensic extraction of encryption keys using behavioral analysis,”

Covert channels in multiple access protocols,”

Data Provenance - the foundation of data quality,”

Data Security in the World of

Design principles and issues of rights expression languages for digital rights management,”

Digital Rights Management for Content Distribution,”

Digital rights management for multimedia content over 3G mobile networks,”

EA: &quot;DRM is a failed dead-end strategy&quot;.

Fable: A language for enforcing user-deﬁned security policies,”

Flogger: A ﬁle-centric logger for monitoring ﬁle access and transfers within cloud computing environments,”

From system-centric to datacentric logging-accountability, trust & security in cloud computing,”

How to track your data: The case for cloud computing provenance,”

Instagram apologizes to users: We won’t sell you photos.

Instagram says it now has the right to sell your photos.

Integrity Considerations for Secure Computer Systems,”

ISO/IEC 21000-5: Information Technology-Multimedia Framework Part 5: Rights Expression Language,

Lineage Retrieval for Scientiﬁc Data Processing: A Survey,”

Lucy in the Sky Without Diamonds: Stealing Conﬁdential Data in the Cloud,”

Medicare & Medicaid Services, “The Health Insurance Portability and Accountability Act of

of Standards and Technology, “A Survey of Access Control Models,” Online,

On the Impossibility of Cryptography Alone for Privacy-preserving Cloud Computing,”

Physical One-way Functions,”

Project: An Open Provenance Architecture for Distributed Applications,”

Protection and the control of information sharing in multics,”

Protection in

Provenance for the Cloud,”

Provenance-aware Storage Systems,”

Pseudorandom Number Generation in Smart Cards: An Implementation, Performance and Randomness Analysis,”

Research on Policy-based Access Control Model,”

Risk-Adaptable Access Control (RAdAC),”

Role-based access control,” in

S2logger: End-to-end data tracking mechanism for cloud data provenance,”

Sarbanes-Oxley Act of

Secure Computer Systems:

Secure Data Management in Trusted Computing,” in Cryptographic Hardware and Embedded Systems - CHES

Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing,”

Security and Data Accountability

TBDRM: A TPM-Based Secure

Trustcloud - a framework for accountability and trust in cloud computing,”

Trusted Computing and Operating System Architecture,”

Trusted Computing Group, TCG Speciﬁcation Architecture Overview,” The Trusted Computing Group (TCG),

Unified model for data security - A position paper

University of Queensland eSpace

Unified Model for Data Security - A Position Paper

Name not available

http://researchcommons.waikato.ac.nz/bitstream/handle/10289/9282/Unified%20Model%20for%20Data%20Security%20-%20A%20Position%20Paper.pdf%3Bjsessionid%3D636E2AD7EAE226235CAADCBF8A7AFF53?sequence%3D2

Unified Model for Data Security -- A Position Paper

Abstract

Similar works

Full text

Available Versions

Royal Holloway - Pure

CiteSeerX

Research Commons@Waikato

University of Queensland eSpace

Name not available