
Research On Key Techniques Of Data Leakage Prevention For Insider Threats

Posted on: 2012-03-27
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J Ma
Full Text: PDF
GTID: 1118330341451772
Subject: Computer Science and Technology

Abstract/Summary:
With the rapid development of information networks, the application environment of data has become increasingly complex. The data owner encounters various risks of leakage throughout the whole life-cycle of data. Leakage caused by insider threats is increasingly prominent. Traditional Data Leakage Prevention (DLP) technologies can effectively defend against outsider attacks, but lack protection against insider threats. Moreover, most of these technologies provide protection mechanisms for particular situations in the data life-cycle and lack unifying principles, so a failure at one point would break down all the protection mechanisms. More importantly, the extensive application of distributed computing and cloud computing has brought many new challenges to DLP. How to effectively prevent data leakage caused by insider threats, and especially how to assure the security of data in storage, usage and sharing by building unified protection mechanisms for the whole life-cycle of data, has become a pressing problem for information security.

This paper analyzes protection requirements in all stages of the data life-cycle and proposes an active data leakage prevention model against insider threats. We then present the theoretical basis and implementation techniques of this model through research on the information flow constraint mechanism, trusted subject behavior isolation and an active protection implementation architecture. Finally, we design and implement a secure removable storage device which has active defense capabilities against data leakage.

The main contributions of this paper are as follows:

1. We propose an active data leakage prevention model against insider threats. By extending the attributes and security mechanisms of data objects and the data storage environment, this model adds the Secure Data Container (SDC) to data. The SDC provides trust detection and usage control for the data. We also give the implementation framework, which provides key ideas for the following research.

2. We propose an Active Chinese Wall Model (ACWM) based on one-way information flow constraints. This model extends the conflict and alliance relations in the traditional Chinese Wall Model (CWM) and presents the concept of active conflict and alliance relations. Based on this, we present the formal description of ACWM and prove its security features. We then compare ACWM with traditional CWMs and the BLP model. The result shows the flexibility and adaptability of ACWM. Finally, implementation frameworks based on ACWM are presented for DLP in three different scenarios.

3. We propose a dynamic isolation mechanism for the confinement of trusted subjects. This mechanism sets the isolation domain according to the protection requirement of achieved data and dynamically extends the domain through isolation of the read, write and communication operations of the trusted subject. We present implementation strategies for migration of files and processes. We then give formal descriptions of the mechanism and prove its security for data leakage prevention. Based on this, we implement the Dynamic-Isolation-enhanced Featherweight Virtual Machine (DI-FVM) by creating a virtualization layer at the operating system level, which can provide fine-grained behavioral constraints for trusted subjects.

4. We propose a Usage-Expectation-based Active Secure Storage (UE-ASS) architecture. In order to build a unified security requirement description mechanism for data leakage, we present the concept of expectation according to the security constraints on attributes, access operations and usage contexts of the data object. Based on this, we extend the usage control model from the data perspective to provide continuous control from storage device to usage environment. We then give the UE-ASS architecture, which combines the active protection mechanism with the storage device and constructs a virtual isolated usage environment in the terminal system before usage.

5. Based on the above models and technologies, we design and implement a secure removable storage device called UTrustDisk. The hardware is integrated with an embedded security chip and achieves active defense through the Chip Operating System (COS). The COS builds a dynamic virtual isolation environment, named DI-FVM, in the terminal system and manages the usage expectations of data. UTrustDisk thus provides continuous protection while the data is transmitted from the storage device to the usage environment.

All the above research results provide effective theories and technologies for data leakage prevention, especially against insider threats. The formal verification of the information flow confinement and dynamic isolation mechanisms shows the theoretical contributions. Meanwhile, the implementation and evaluation results show the effectiveness against data leakage in practice.

Keywords/Search Tags: Insider threat, Data Leakage Prevention (DLP), Information Flow, Chinese Wall Policy, Virtual Isolation, Trust Computing, Active Storage