A network based document management model to prevent data extrusion

Morovati, Kamran; Kadam, Sanjay; Ghorbani, Ali A.

doi:10.1016/j.cose.2016.02.003

Cited by 9 publications

(6 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This cyberattack can be in the form of DDoS on the Power Grid [24], Web attack [31], or attack the point of Sale (POS) [30]. Apart from cyberattacks, there are also External attacks [33,34], Insider Threat [35,36], Unauthorized Access [37,38], Targeted attacks [39,40], Hybrid Threats [41], Hazardous Event [42], Nature Disasters [43], Social Engineering [44], Falsification Attacks [45], Breach Attack [46], Data Theft [47], and Data Tampering [48] commonly found in CIIP. If we quote directly from the literature, vulnerability also has many terms.…”

Section: Data Extractionmentioning

confidence: 99%

“…There is a lack of connection between CII managers, so it is necessary to control safeguards to avoid risks. Other vulnerabilities found in the literature are Misconfigured Security Control [32,37,47], Collaborative Systems [38,52], Financial Vulnerability [30,31], Operator Mistakes [35,44], Lack Traceability [48,54], Unsecure Framework [53], Internal Turmoil [34], Unresolved Risk [42], Unknown Machine Failure [43], Manual Negotiation of Access Control [49], IoT Interconnection [45], Insecure Communication Technology [46], No Defense In-Depth [36], Sensor Misconfiguration [29], and Design Vulnerability [39].…”

Section: Data Extractionmentioning

confidence: 99%

See 1 more Smart Citation

Review of Security Principles and Security Functions in Critical Information Infrastructure Protection

Putro¹,

Sensuse²

2022

IJSSE

View full text Add to dashboard Cite

There is quite a lot of research on Critical Information Infrastructure Protection (CIIP), but what threats and vulnerabilities are considered in the security principle offered is unknow. Likewise, the security functions provided have not been measured. This study is a review of CIIP using the Kitchenham framework. From 31 scientific publications and 5 CIIP standards, it was found that there were 13 threats and 16 vulnerabilities were categorized into three security principles. As a result of measuring security functions on CIIP, we found that only 25% provide all security functions.

show abstract

Section: Data Extractionmentioning

confidence: 99%

Section: Data Extractionmentioning

confidence: 99%

Review of Security Principles and Security Functions in Critical Information Infrastructure Protection

Putro¹,

Sensuse²

2022

IJSSE

View full text Add to dashboard Cite

show abstract

“…Upon the DLP research topic, G. Lawton, Sultan Alneyadi, and P. Papadimitriou respectively studied on and contributed to data leakage detection, protection and prevention since 2008 [1−4] , Kamran Morovati proposed network based document management model to prevent data extrusion [5] , Xuyun Zhang et al proposed privacy leakage upper bound constraint-based approach in cloud environment [6] , G. Katz proposed a context based model for data leakage prevention [7] , J. Chavan and P. Desai studied relational data leakage detection using fake object and allocation strategies [8] , Charles Perez built up a multi-layer imbrication method for data leakage prevention from mobile devices [9] , M. Hart proposed text classification for data loss prevention [10] , A. Kumar focused on comparative evaluation of algorithms for effective data leakage detection [11] . While famous security enterprises such as McAfee [12] , Symantec [13] , Websense [14] and Chinese Security Enterprise VRV [15] , Esafenet [16] developed their DLP/ILP products for data leakage protection and prevention.…”

Section: Related Workmentioning

confidence: 99%

CPSec DLP: Kernel‐Level Content Protection Security System of Data Leakage Prevention

2017

Chin. j. electron.

View full text Add to dashboard Cite

“…Government services with absolute protection or security control administer the latest technologies, such as cybersecurity in IoT (Chatfield and Reddick, 2019). With the definition of smart government as the CII of the government administration sector, the development of security controls (security control development) dominates the security trend in this sector (Chaisuriya et al , 2018; Khalil, 2016; Laugé et al , 2015; Morovati et al , 2016; Ravishankar et al , 2018; Rodríguez-Hoyos et al , 2019). These studies identified technology for preventive and detective functions by examining the risk and interdependency with other critical services.…”

Section: Introductionmentioning

confidence: 99%

Framework for critical information infrastructure protection in smart government: a case study in Indonesia

Putro,

Sensuse,

Wibowo

2023

ICS

View full text Add to dashboard Cite

Purpose This paper aims to develop a framework for critical information infrastructure (CII) protection in smart government, an alternative measure for common cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001. Smart government is defined as the government administration sector of CII due to its similarity as a core of smart technology. Design/methodology/approach To ensure the validity of the data, the research methodology used in this paper follows the predicting malfunctions in socio-technical systems (PreMiSTS) approach, a variation of the socio-technical system (STS) approach specifically designed to predict potential issues in the STS. In this study, PreMiSTS was enriched with observation and systematic literature review as its main data collection method, thematic analysis and validation by experts using fuzzy Delphi method (FDM). Findings The proposed CII protection framework comprises several dimensions: objectives, interdependency, functions, risk management, resources and governance. For all those dimensions, there are 20 elements and 41 variables. Practical implications This framework can be an alternative guideline for CII protection in smart government, particularly in government administration services. Originality/value The author uses PreMiSTS, a socio-technical approach combined with thematic analysis and FDM, to design a security framework for CII protection. This combination was designed as a mixed-method approach to improve the likelihood of success in an IT project.

show abstract

A network based document management model to prevent data extrusion

Cited by 9 publications

References 14 publications

Review of Security Principles and Security Functions in Critical Information Infrastructure Protection

Review of Security Principles and Security Functions in Critical Information Infrastructure Protection

CPSec DLP: Kernel‐Level Content Protection Security System of Data Leakage Prevention

Framework for critical information infrastructure protection in smart government: a case study in Indonesia

Contact Info

Product

Resources

About