Jaehong Park & Ravi Sandhu
George Mason University
USA

James Schifalacqua
SI International, Inc.
USA

Besides securing transmission of digital information at lower layers, several application-level security solutions for controlled dissemination of digital information have been developed using cryptographic, watermarking or use-control technologies. These dissemination control solutions have been designed for different business purposes. Little research, if any, identifies security architectures for controlling or tracking digital information dissemination in general. The identification of such will provide a foundation for developing appropriate security solutions for organizations’ secure dissemination of digital information, and provide a better understanding of current application-level security solutions.

In this paper, we identify eight application-level security architectures based on the following three elements: Virtual Machine, Control Set, and Distribution Style. Some of the architectures provide control and tracking capabilities for dissemination and usage of digital information, while others provide only tracking capability. We describe the architectures and compare their capabilities, merits, and demerits. In addition, we review briefly some of the required mechanisms, including watermarking and use-control technologies. Also, we relate some of commercial solutions to our security architectures in order to provide insight on the current availability of our solutions architectures.

Read Paper (in PDF)