Abstract
Data Leakage Prevention (DLP) is the general term for a new approach to avoid data breaches. To achieve this goal, all currently available implementations of this concept perform an analysis of intercepted data to detect breaches in a generic way. The analysis is typically based on user-defined policies which specify what data is valuable. There are several different approaches to both define these content policies and to intercept data to enable analysis.
In this paper, we introduce a methodology to evaluate DLP solutions and we exemplify the method by testing two DLP implementations in detail. Our review process is an essential step in the life cycle of every new software or concept: there should be a continuous cycle of test phases and examinations before a solution can be regarded to be dependable. To perform such an analysis in a structured way, we develop a set of generic tests which evaluate critical parts of important functionality in a DLP solution. We focus on the development of a set of tests that evaluate the DLP specific functionality, instead of performing a traditional vulnerability assessment.
Our empirical tests reveal security vulnerabilities in the tested products. The vulnerabilities have different impact, like the fact that data breaches can still happen or even new leakage vectors can arise.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
BBC. Teacher’s details on missing disk. http://news.bbc.co.uk/1/hi/england/west_midlands/7636822.stm, 2008.
Simon Byers. Information Leakage Caused by Hidden Data in Published Documents. IEEE Security and Privacy, 2(2):23–27, 2004.
P. Proctor E. Quellet and R. Mogull. Magic Quadrant for Content Monitoring and Filtering and Data Loss Prevention. Technical report, Gartner RAS Core Research, 2007.
The Guardian. Ebay camera contains secret MI6 terrorist images. http://www.guardian.co.uk/politics/2008/sep/30/terrorism.ebay, 2008.
M. E. Johnson and Scott Dynes. Inadvertent disclosure - Information Leaks in the Extended Enterprise. In Proceedings of the Sixth Workshop on the Economics of Information Security. Carnegie Mellon University, 2007.
Rich Mogull. Understanding and Selecting a Data Loss Prevention Solution. Technicalreport, SANS Institute, 2007.
E. Quellet and P. Proctor. Magic Quadrant for Content Monitoring and Filtering and Data Loss Prevention. Technical report, Gartner RAS Core Research, 2008.
Der Spiegel. Diebe klauten 17 Millionen T-Mobile-Datensaetze. http://www.spiegel.de/wirtschaft/0,1518,581938,00.html, 200html, 200
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Luft, M., Holz, T. (2011). A Small Leak will Sink a Great Ship: An Empirical Study of DLP Solutions. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_34
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9788-6_34
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-1438-8
Online ISBN: 978-3-8348-9788-6
eBook Packages: EngineeringEngineering (R0)