User-centric, Secure Information Flow Management in Enterprise Systems (USIFES)

企业系统中以用户为中心的安全信息流管理 (USIFES)

• 批准号: 183607037
• 负责人: Professor Dr. Colin Atkinson
• 金额: --
• 依托单位: Lehrstuhl für Informatik I - IT-Sicherheitsinfrastrukturen
• 依托单位国家: 德国
• 项目类别: Priority Programmes
• 财政年份: 2010
• 资助国家: 德国
• 起止时间: 2009-12-31 至 2013-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/183607037?language=en
• 关键词: User; centric; Secure; Information; Flow

Data security is increasingly threatened by the complexity of networked enterprise information systems. Classical methods of access control and authorization fail because threats often arise from unintentional or intentional activities of authorized users. In this project, we focus on controlling undesired information flow at the interface between system and user. Often undesired information flows result not from malicious attacks but from the interaction of several usage events and information exchanges that, on their own, appear to be quite harmless. Together, however, they break the security policy of the system. The goal of this project is to develop a technique to identify, model, and protect against undesirable information flows resulting from the interplay between human-computer, human-human and computer-computer interactions. To this end, we formalize system and user actions that could potentially result in information flow and develop a domain specific language to specify sequences of such actions. We identify these actions by (1) taking the viewpoint of an attacker, and (2) mining information flow activities from real users. Our approach include the definition of test cases to verify, measure and certify the level to which system are secure against the identified threats. We validate our approach by developing a demonstrator in the context of existing standard enterprise software.

网络化企业信息系统的复杂性对数据安全构成越来越大的威胁。传统的访问控制和授权方法失败了，因为威胁通常来自授权用户的无意或有意的活动。在这个项目中，我们专注于在系统和用户之间的界面上控制不需要的信息流。通常，不受欢迎的信息流不是来自恶意攻击，而是几个使用事件和信息交换的交互作用，而这些事件和信息交换本身似乎是完全无害的。然而，它们一起打破了系统的安全策略。该项目的目标是开发一种技术来识别、建模和防止因人-计算机、人-人和计算机-计算机之间的交互作用而产生的不良信息流。为此，我们将可能导致信息流的系统和用户操作形式化，并开发特定于领域的语言来指定此类操作的序列。我们通过(1)从攻击者的角度来识别这些行为，以及(2)从真实用户中挖掘信息流活动。我们的方法包括定义测试用例，以验证、测量和证明系统针对已识别的威胁的安全级别。我们通过在现有标准企业软件环境中开发一个演示程序来验证我们的方法。