About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers

Research Article

Protecting Sensitive Information in Directory Services Using Virtual Directories

Download(Requires a free EAI acccount)
602 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-642-03354-4_19,
        author={William Claycomb and Dongwan Shin},
        title={Protecting Sensitive Information in Directory Services Using Virtual Directories},
        proceedings={Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={5},
        keywords={Access controls Cryptographic controls Data encryption Public key cryptosystems Privacy Information resource management Data dictionary/directory},
        doi={10.1007/978-3-642-03354-4_19}
    }
    
  • William Claycomb
    Dongwan Shin
    Year: 2012
    Protecting Sensitive Information in Directory Services Using Virtual Directories
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-642-03354-4_19
William Claycomb1,*, Dongwan Shin2,*
  • 1: Sandia National Laboratories
  • 2: New Mexico Tech
*Contact email: wrclayc@sandia.gov, doshin@nmt.edu

Abstract

Directory services are commonly used to store information related to individuals, and often act as a source for security services, such as authentication and access control, in collaborative applications within/across organizations. Hence, there is an urgent need to protect the sensitive information they contain. Existing solutions offer minimal protection against insider attacks, a growing threat to both government and industry data services. In this paper we present a solution for data protection that leverages virtual directories and data encryption to provide a user-centric approach to data protection, delegation, and collaboration. A security architecture is presented, along with the discussion of the benefits and vulnerabilities of our approach. We also discuss a proof-of-concept implementation and performance testing results.

Keywords
Access controls Cryptographic controls Data encryption Public key cryptosystems Privacy Information resource management Data dictionary/directory
Published
2012-05-11
http://dx.doi.org/10.1007/978-3-642-03354-4_19
Copyright © 2008–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL