Modern organizations face increasingly complex information management requirements. A combination of commercial needs, legal liability and regulatory imperatives has created a patchwork of mandated policies. Among these, personally identifying customer records must be carefully access-controlled, sensitive files must be encrypted on mobile computers to guard against physical theft, and intellectual property must be protected from both exposure and "poisoning." However, enforcing such policies can be quite difficult in practice, since users routinely share data over networks and derive new files from these inputs, incidentally laundering any policy restrictions. In this paper, we describe a VMM system called Neon that transparently labels derived data using byte-level "tints" and tracks these labels end-to-end across commodity applications, operating systems and networks. We demonstrate that this mechanism allows the enforcement of a variety of data management policies, including data-dependent confinement, intellectual property management, and mandatory I/O encryption.
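The byte-level tint propagation the abstract describes, as an added illustrative model (not Neon's code): each byte carries its own label set through concatenation, slicing and 1:1 transforms, and a sink policy check catches derived data that would otherwise launder the restriction. The label names, sink names and policy table are constructed for the example.

```python
from dataclasses import dataclass

# Toy model of byte-level tints (constructed for illustration, not Neon's code):
# every byte carries a frozenset of policy labels that travels with it.

@dataclass
class Tinted:
    data: bytes
    tints: list  # one frozenset of labels per byte, parallel to `data`

    @classmethod
    def labeled(cls, data: bytes, *labels: str) -> "Tinted":
        return cls(data, [frozenset(labels)] * len(data))

    def __add__(self, other: "Tinted") -> "Tinted":
        # Concatenation: each byte keeps exactly the tint it arrived with.
        return Tinted(self.data + other.data, self.tints + other.tints)

    def slice(self, start: int, stop: int) -> "Tinted":
        return Tinted(self.data[start:stop], self.tints[start:stop])

    def map_bytes(self, fn) -> "Tinted":
        # A 1:1 transform (case folding, XOR, ...) derives each output byte from
        # one input byte, so the tint follows it; a derived file is not laundered.
        return Tinted(bytes(fn(b) for b in self.data), list(self.tints))

    def labels(self) -> frozenset:
        return frozenset().union(*self.tints)

# Which labels each sink may receive (constructed policy table).
SINK_POLICY = {
    "encrypted_disk": {"PII", "IP"},   # mandatory I/O encryption satisfied
    "plain_usb": set(),                # nothing tinted may leave in the clear
    "partner_network": {"IP"},         # confinement: customer PII never crosses this link
}

def check_write(sink: str, value: Tinted) -> list:
    """Labels that block writing `value` to `sink` (empty list means allowed)."""
    return sorted(value.labels() - SINK_POLICY[sink])

def upper(b: int) -> int:
    return b - 32 if 97 <= b <= 122 else b

def demo() -> dict:
    pii = Tinted.labeled(b"Alice,4111-1111", "PII")        # constructed customer record
    ip = Tinted.labeled(b"secret formula", "IP")           # constructed intellectual property
    header = Tinted.labeled(b"Q3 report: ")                # untinted public text
    report = (header + pii).map_bytes(upper)               # derived file, still tinted
    return {
        "report_to_partner": check_write("partner_network", report),
        "header_only_to_partner": check_write("partner_network", report.slice(0, 11)),
        "report_to_usb": check_write("plain_usb", report),
        "report_to_encrypted": check_write("encrypted_disk", report),
        "ip_only_to_partner": check_write("partner_network", (pii + ip).slice(15, 29)),
    }
```

The uppercased report is blocked from the partner link and the plain USB sink because its PII bytes kept their tint, while the untinted header prefix and the IP-only bytes pass.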
The authors of these documents have submitted their reports to this technical report series for the purpose of non-commercial dissemination of scientific work. The reports are copyrighted by the authors, and their existence in electronic format does not imply that the authors have relinquished any rights. You may copy a report for scholarly, non-commercial purposes, such as research or instruction, provided that you agree to respect the author's copyright. For information concerning the use of this document for other than research or instructional purposes, contact the authors. Other information concerning this technical report series can be obtained from the Computer Science and Engineering Department at the University of California at San Diego, firstname.lastname@example.org.