Araştırma Makalesi
BibTex RIS Kaynak Göster

Yıl 2020, Cilt: 24 Sayı: 4, 770 - 781, 01.08.2020

Hussein Al-sanabani Murat İskefiyeli

https://doi.org/10.16984/saufenbilder.655984

Öz

Kaynakça

  • [1] S. Liu and R. Kuhn, “Data loss prevention,” IT Prof., vol. 12, no. 2, pp. 10–13, Mar. 2010.
  • [2] J.-S. Wu, Y.-J. Lee, S.-K. Chong, C.-T. Lin, and J.-L. Hsu, “Key Stroke Profiling for Data Loss Prevention,” in 2013 Conference on Technologies and Applications of Artificial Intelligence, pp. 7–12, 2013.
  • [3] R. Tahboub and Y. Saleh, “Data Leakage/Loss Prevention Systems (DLP),” in 2014 World Congress on Computer Applications and Information Systems (WCCAIS), vol. 1, pp. 1–6, 2014.
  • [4] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “A survey on data leakage prevention systems,” J. Netw. Comput. Appl., vol. 62, pp. 137–152, Feb. 2016.
  • [5] A. Shabtai, Y. Elovici, and L. Rokach, A Survey of Data Leakage Detection and Prevention Solutions. Boston, MA: Springer US, 2012.
  • [6] Symantec, “Internet Security Threat Report,” vol. 22, no. April, 2017.
  • [7] PwC, “Managing cyber risks in an interconnected world: Key fndings from The Global State of Information Security Survey 2015,” 2014.
  • [8] PwC, “The Global State of Information Security Survey 2018,” pwc.com, 2018. [Online]. Available: https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html. [Accessed: 09-May-2020].
  • [9] N. Mickelberg, Kevin; Schive, Laurie; Pollard, “US cybercrime: Rising risks, reduced readiness Key fndings from the 2014 US State of Cybercrime Survey,” 2014.
  • [10] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “Detecting Data Semantic: A Data Leakage Prevention Approach,” in 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 910–917, 2015.
  • [11] R. Mogull and M. Rothman, “Understanding and Selecting a Data Loss Prevention Solution,” 2017.
  • [12] B. Reed and N. Wynne, “Magic Quadrant for Content-Aware Data Loss Prevention,” 2016.
  • [13] T. Wuchner and A. Pretschner, “Data Loss Prevention Based on Data-Driven Usage Control,” in 2012 IEEE 23rd International Symposium on Software Reliability Engineering, pp. 151–160, 2012.
  • [14] M. Petkovic, M. Popovic, I. Basicevic, and D. Saric, “A Host Based Method for Data Leak Protection by Tracking Sensitive Data Flow,” in 2012 IEEE 19th International Conference and Workshops on Engineering of Computer-Based Systems, pp. 267–274, 2012.
  • [15] M. H. Matthee, “Tagging Data to Prevent Data Leakage (Forming Content Repositories),” SANS Inst., pp. 1–26, 2016.
  • [16] I. McAfee, “McAfee Host Data Loss Prevention 2.2.1 Product Guide.” McAfee, Inc, pp. 1–80, 2008.
  • [17] I. McAfee, “McAfee Data Loss Prevention 11.0.300 Product Guide.” McAfee, Inc, pp. 1–211, 2020.
  • [18] S. S. Dandavate, P.P.; Dhotre, “Data Leakage Detection using Image and Audio Files,” Int. J. Comput. Appl., vol. 115, no. 8, pp. 1–4, 2015.
  • [19] P. S. V. Kale, Sandip A.; Kulkarni, “Data Leakage Detection,” Int. J. Adv. Res. Comput. Commun. Eng., vol. 1, no. 9, pp. 668–678, 2012.
  • [20] Microsoft, “Overview of data loss prevention,” microsoft.com, 2019. [Online]. Available: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide. [Accessed: 09-May-2020].
  • [21] J. Andress, “What is Information Security?,” in The Basics of Information Security, Elsevier, pp. 1–22, 2014.
  • [22] B. Guttman and E. Roback, An Introduction to Computer Security : The NIST Handbook, vol. SP800, no. 12. 1995.
  • [23] L. Arbel, “Data loss prevention: the business case,” Comput. Fraud Secur., vol. 2015, no. 5, pp. 13–16, May 2015.
  • [24] T. Caldwell, “Data loss prevention – not yet a cure,” Comput. Fraud Secur., vol. 2011, no. 9, pp. 5–9, Sep. 2011.
  • [25] B. Hauer, “Data and Information Leakage Prevention Within the Scope of Information Security,” IEEE Access, vol. 3, pp. 2554–2565, 2015.
  • [26] M. Diri, Mustafa; Gülçiçek, “Türkiye’de Kamu Hizmetinin Görülmesinde Kullanılmakta Olan Gizlilik Derecesi Tanımları: Uygulamadaki Sorunlar ve Çözüm Önerileri,” Maliye Derg., vol. 162y, pp. 497–537, 2012.
  • [27] Office Cabinet UK, Government Security Classifications April 2014, pp. 1–35, 2013.

A DLP Module Design Based on Plug-in for MS Word

Yıl 2020, Cilt: 24 Sayı: 4, 770 - 781, 01.08.2020

Hussein Al-sanabani Murat İskefiyeli

https://doi.org/10.16984/saufenbilder.655984

Öz

Inadvertent Data leakage by insiders is considered a serious problem for many organizations. Organizations are increasingly implementing Data Leakage/Loss Prevention solutions also know as (DLP), to protect the confidentiality of their data. Currently, DLP solutions have difficulties to identify confidential data as well as lack the ability to allow users to distinguish confidential from non-confidential data. Moreover, they are limited to work outside organizations. In order to solve this problem, it is important to introduce a DLP-Plugins model where the data owners can identify the privacy of the files during their entire lifecycle (creating, editing, etc.) by classifying them. This model uses security measures such as data encryption and access control to prevent accidental leakage of the classified files by the insiders. The proposed model guarantees that the right user will have access to the correct files according to their security access privilege inside or outside the organization. By always keeping classified files encrypted this will protect them all the time and everywhere. The DLP-Plugins model guarantees the usability for the users, all that will be required is to simply open and close the file as they do normally. As an example of the DLP-Plugins model, we have built a DLP-Plugin for Microsoft Word.

Anahtar Kelimeler

Data loss prevention data leakage prevention encryption access control plugin

Kaynakça

  • [1] S. Liu and R. Kuhn, “Data loss prevention,” IT Prof., vol. 12, no. 2, pp. 10–13, Mar. 2010.
  • [2] J.-S. Wu, Y.-J. Lee, S.-K. Chong, C.-T. Lin, and J.-L. Hsu, “Key Stroke Profiling for Data Loss Prevention,” in 2013 Conference on Technologies and Applications of Artificial Intelligence, pp. 7–12, 2013.
  • [3] R. Tahboub and Y. Saleh, “Data Leakage/Loss Prevention Systems (DLP),” in 2014 World Congress on Computer Applications and Information Systems (WCCAIS), vol. 1, pp. 1–6, 2014.
  • [4] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “A survey on data leakage prevention systems,” J. Netw. Comput. Appl., vol. 62, pp. 137–152, Feb. 2016.
  • [5] A. Shabtai, Y. Elovici, and L. Rokach, A Survey of Data Leakage Detection and Prevention Solutions. Boston, MA: Springer US, 2012.
  • [6] Symantec, “Internet Security Threat Report,” vol. 22, no. April, 2017.
  • [7] PwC, “Managing cyber risks in an interconnected world: Key fndings from The Global State of Information Security Survey 2015,” 2014.
  • [8] PwC, “The Global State of Information Security Survey 2018,” pwc.com, 2018. [Online]. Available: https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html. [Accessed: 09-May-2020].
  • [9] N. Mickelberg, Kevin; Schive, Laurie; Pollard, “US cybercrime: Rising risks, reduced readiness Key fndings from the 2014 US State of Cybercrime Survey,” 2014.
  • [10] S. Alneyadi, E. Sithirasenan, and V. Muthukkumarasamy, “Detecting Data Semantic: A Data Leakage Prevention Approach,” in 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 910–917, 2015.
  • [11] R. Mogull and M. Rothman, “Understanding and Selecting a Data Loss Prevention Solution,” 2017.
  • [12] B. Reed and N. Wynne, “Magic Quadrant for Content-Aware Data Loss Prevention,” 2016.
  • [13] T. Wuchner and A. Pretschner, “Data Loss Prevention Based on Data-Driven Usage Control,” in 2012 IEEE 23rd International Symposium on Software Reliability Engineering, pp. 151–160, 2012.
  • [14] M. Petkovic, M. Popovic, I. Basicevic, and D. Saric, “A Host Based Method for Data Leak Protection by Tracking Sensitive Data Flow,” in 2012 IEEE 19th International Conference and Workshops on Engineering of Computer-Based Systems, pp. 267–274, 2012.
  • [15] M. H. Matthee, “Tagging Data to Prevent Data Leakage (Forming Content Repositories),” SANS Inst., pp. 1–26, 2016.
  • [16] I. McAfee, “McAfee Host Data Loss Prevention 2.2.1 Product Guide.” McAfee, Inc, pp. 1–80, 2008.
  • [17] I. McAfee, “McAfee Data Loss Prevention 11.0.300 Product Guide.” McAfee, Inc, pp. 1–211, 2020.
  • [18] S. S. Dandavate, P.P.; Dhotre, “Data Leakage Detection using Image and Audio Files,” Int. J. Comput. Appl., vol. 115, no. 8, pp. 1–4, 2015.
  • [19] P. S. V. Kale, Sandip A.; Kulkarni, “Data Leakage Detection,” Int. J. Adv. Res. Comput. Commun. Eng., vol. 1, no. 9, pp. 668–678, 2012.
  • [20] Microsoft, “Overview of data loss prevention,” microsoft.com, 2019. [Online]. Available: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide. [Accessed: 09-May-2020].
  • [21] J. Andress, “What is Information Security?,” in The Basics of Information Security, Elsevier, pp. 1–22, 2014.
  • [22] B. Guttman and E. Roback, An Introduction to Computer Security : The NIST Handbook, vol. SP800, no. 12. 1995.
  • [23] L. Arbel, “Data loss prevention: the business case,” Comput. Fraud Secur., vol. 2015, no. 5, pp. 13–16, May 2015.
  • [24] T. Caldwell, “Data loss prevention – not yet a cure,” Comput. Fraud Secur., vol. 2011, no. 9, pp. 5–9, Sep. 2011.
  • [25] B. Hauer, “Data and Information Leakage Prevention Within the Scope of Information Security,” IEEE Access, vol. 3, pp. 2554–2565, 2015.
  • [26] M. Diri, Mustafa; Gülçiçek, “Türkiye’de Kamu Hizmetinin Görülmesinde Kullanılmakta Olan Gizlilik Derecesi Tanımları: Uygulamadaki Sorunlar ve Çözüm Önerileri,” Maliye Derg., vol. 162y, pp. 497–537, 2012.
  • [27] Office Cabinet UK, Government Security Classifications April 2014, pp. 1–35, 2013.
Toplam 27 adet kaynakça vardır.

Ayrıntılar

Birincil Dil İngilizce
Konular Bilgisayar Yazılımı
Bölüm Araştırma Makalesi
Yazarlar

Hussein Al-sanabani 0000-0001-6580-4470

Murat İskefiyeli 0000-0002-8210-5070

Yayımlanma Tarihi 1 Ağustos 2020
Gönderilme Tarihi 8 Aralık 2019
Kabul Tarihi 2 Haziran 2020
Yayımlandığı Sayı Yıl 2020 Cilt: 24 Sayı: 4

Kaynak Göster

APA Al-sanabani, H., & İskefiyeli, M. (2020). A DLP Module Design Based on Plug-in for MS Word. Sakarya University Journal of Science, 24(4), 770-781. https://doi.org/10.16984/saufenbilder.655984
AMA Al-sanabani H, İskefiyeli M. A DLP Module Design Based on Plug-in for MS Word. SAUJS. Ağustos 2020;24(4):770-781. doi:10.16984/saufenbilder.655984
Chicago Al-sanabani, Hussein, ve Murat İskefiyeli. “A DLP Module Design Based on Plug-in for MS Word”. Sakarya University Journal of Science 24, sy. 4 (Ağustos 2020): 770-81. https://doi.org/10.16984/saufenbilder.655984.
EndNote Al-sanabani H, İskefiyeli M (01 Ağustos 2020) A DLP Module Design Based on Plug-in for MS Word. Sakarya University Journal of Science 24 4 770–781.
IEEE H. Al-sanabani ve M. İskefiyeli, “A DLP Module Design Based on Plug-in for MS Word”, SAUJS, c. 24, sy. 4, ss. 770–781, 2020, doi: 10.16984/saufenbilder.655984.
ISNAD Al-sanabani, Hussein - İskefiyeli, Murat. “A DLP Module Design Based on Plug-in for MS Word”. Sakarya University Journal of Science 24/4 (Ağustos 2020), 770-781. https://doi.org/10.16984/saufenbilder.655984.
JAMA Al-sanabani H, İskefiyeli M. A DLP Module Design Based on Plug-in for MS Word. SAUJS. 2020;24:770–781.
MLA Al-sanabani, Hussein ve Murat İskefiyeli. “A DLP Module Design Based on Plug-in for MS Word”. Sakarya University Journal of Science, c. 24, sy. 4, 2020, ss. 770-81, doi:10.16984/saufenbilder.655984.
Vancouver Al-sanabani H, İskefiyeli M. A DLP Module Design Based on Plug-in for MS Word. SAUJS. 2020;24(4):770-81.
 Kapak Resmi İndir

Sakarya University Journal of Science (SAUJS)