Advertisement

Some Technologies for Information Security Protection in Weak-Controlled Computer Systems and Their Applicability for eGovernment Services Users

  • Anton Palazov
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6555)

Abstract

The users of eGovernment services start exchanging documents with administrative authorities, making ePayments, and in such communications the risks of confidential information disclosure and direct financial losses are growing up. The computer systems of these users are weak-controlled and are outside of sphere of well-defined information security protection decisions. The technologies for data protection in case of theft or loss of computers and data devices and in case of data leakage are very important for eGovernment services users and must have appropriate properties to be useful for their security needs. A model of anti-theft technology implementation, which disables stolen computers and can send them data-destructive commands to erase sensitive data, is presented. The technologies for control over the channels which can lead to data leakage protect data by whitelisting or blacklisting some devices or ports, by prohibit and allow some actions and operations, or by transparent encryption of outbound data. Some technologies for control over the leaving data use pre-defined set of sensitive data type definitions. Users can select definitions to apply or can customize some of them according specific conditions or regulations. At the end some conclusions about applicability of anti-theft and sensitive data leakage prevention technologies for protection of information security of eGovernment users was done.

Keywords

eGovermnemt services users anti-theft data leakage prevention sensitive data type definitions 

References

  1. 1.
    State of Internet security: protecting the network. Webroot software (2009)Google Scholar
  2. 2.
    Zeltser, L.: Emerging Internet security threats in 2009 (2009)Google Scholar
  3. 3.
    CSI Computer Crime and security survey. CSI (2009)Google Scholar
  4. 4.
    CISCO Midyear Security Report., CISCO (2009)Google Scholar
  5. 5.
    Symantec Endpoint Protection - value delivery research study. Symantec Corp. (2009)Google Scholar
  6. 6.
    Magic Quadrant for Endpoint protection platform. Gartner (2009)Google Scholar
  7. 7.
    Endpoint security and data protection. Sophos (2009)Google Scholar
  8. 8.
    Filkins, B., Radcliff, D.: Data leakage landscape: Where data leaks and how to apply next generation tools. SANS Institute (2008)Google Scholar
  9. 9.
    Mogull, R.: Is DLP keeping your data where it should be? Information Security magazine 2 (2009)Google Scholar
  10. 10.
    The evolution of endpoint security. Sophos (2009)Google Scholar
  11. 11.
    State of Endpoint. Ponemon institute (2009)Google Scholar
  12. 12.
    Palazov, A.: Policies and architectures for information security of citizens as users of the eGovernment. Sofia, Alternativi (2008)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Anton Palazov
    • 1
  1. 1.Department of Information Technologies and Communications, UNSSUniversity of National and World EconomySofiaBulgaria

Personalised recommendations