skip to main content
10.1145/2034691.2034746acmconferencesArticle/Chapter ViewAbstractPublication PagesdocengConference Proceedingsconference-collections
tutorial

Secure document engineering

Published: 19 September 2011 Publication History

Abstract

With the boom in interactive and composite documents and the increased coupling between the on-line and physical worlds, the need for secure document engineering is greater than ever. Four important factors contribute to the need to re-engineer document lifecycles and the associated workflows. The first is the rapid increase in mobile access to documents. The second is the movement of documents from private directories, shared directories and intranets to the cloud. The third is the increased generation of - and expectation for - document content, context and use analytics. Finally, the proliferation of social website applications and services over the past half-decade have created for many a constant state of log-in. Each of these trends creates a significantly increased "attack surface" for individuals, organizations and governments interested in breaching the privacy and security of web users. Combined, these transformations create as big a change to content security as that of the browser in the 1990s. In this workshop, we consider the impact of these ongoing transformations in document creation and interaction, and consider what the best approaches will be to provide privacy and security in light of these transformations.

References

[1]
An Exabyte-a-Day: RayOnStorage Blog, Storage, Strategy & Systems, http://silvertonconsulting.com/blog/2009/10/02/an-exabyte-a-day/, last accessed 8 July 2011.
[2]
Sony Investigating Another Hack, http://www.bbc.co.uk/news/business-13636704, last accessed 7 July 2011.
[3]
Lockheed Martin hit by Security Breach, http://online.wsj.com/article/SB10001424052702303654804576350083016866022.html, last accessed 7 July 2011.
[4]
Top Secret Stealth Helicopter Program Revealed in Osama Bin Laden Raid: Experts, http://abcnews.go.com/Blotter/top-secret-stealth-helicopter-program-revealed-osama-bin/story?id=13530693, last accessed 7 July 2011.
[5]
H. Balinsky and S. J. Simske, Differential Access for Publicly-Posted Composite Documents with Multiple Workflow Participants, ACM DocEng 2010, pp. 115--124, 2010.
[6]
S. J. Simske and H. Balinsky, APEX: Automated Policy Enforcement eXchange, ACM DocEng 2010, pp. 139--142, 2010.
[7]
H. Balinsky, D. Perez, S. J. Simske, "System Call Interception Framework", the Fifteenth IEEE International EDOC Conference (EDOC 2011), Helsinki, Finland, August, 2011.
[8]
M. Mowbray The Fog over the Grimpen Mire: Cloud Computing and the Law, 2009, vol. 6, issue 1, pp.132--146. Available at http://www.law.ed.ac.uk/ahrc/script-ed/vol6-1/mowbray.pdf.
[9]
Dropbox, http://www.dropbox.com/privacy, last accessed 8 July 2011.
[10]
S. Pearson, Y. Shen, M. Mowbray A Privacy Manager for Cloud Computing, HPL Technical Report http://www.hpl.hp.com/techreports/2009/HPL-2009-156.pdf
[11]
Global Secure Systems, Sensitive document vault, http://www.gss.co.uk/products/index/Identity_and_Security/Cyber-Ark/Sensitive_Document_Vault/, last accessed 8 July 2011.
[12]
White Paper, Beyond the Wall: Security in a Post-Perimeter World, http://www.informationweek.com/whitepaper/Security/Attacks-Breaches/beyond-the-wall-security-in-a-post-perimeter-wor-wp1286372808028, last accessed 8 July 2011.
[13]
S.J. Simske, M. Sturgill, P. Everest, and G. Guillory, "A system for forensic analysis of large image sets," Proc. IEEE WIFS, pp. 16--20, 2009.
[14]
S.J. Simske, S.B. Pollard & G. Adams, An imaging system for simultaneous inspection, authentication and forensics, IEEE IST, pp. 266--269, 2010.

Cited By

View all
  • (2019)Enhanced Automated Policy Enforcement eXchange framework (eAPEX)Proceedings of the ACM Symposium on Document Engineering 201910.1145/3342558.3345408(1-4)Online publication date: 23-Sep-2019
  • (2015)Policy algebra for access control in enterprise document management systems2015 9th International Conference on Application of Information and Communication Technologies (AICT)10.1109/ICAICT.2015.7338551(225-228)Online publication date: Oct-2015
  • (2013)Access control requirements for structured document in cloud computingInternational Journal of Grid and Utility Computing10.1504/IJGUC.2013.0562444:2/3(95-102)Online publication date: 1-Sep-2013
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
DocEng '11: Proceedings of the 11th ACM symposium on Document engineering
September 2011
296 pages
ISBN:9781450308632
DOI:10.1145/2034691
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 September 2011

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. access control
  2. identity based encryption
  3. publicly posted composite document
  4. security

Qualifiers

  • Tutorial

Conference

DocEng '11
Sponsor:
DocEng '11: ACM Symposium on Document Engineering
September 19 - 22, 2011
California, Mountain View, USA

Acceptance Rates

Overall Acceptance Rate 194 of 564 submissions, 34%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)0
Reflects downloads up to 19 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2019)Enhanced Automated Policy Enforcement eXchange framework (eAPEX)Proceedings of the ACM Symposium on Document Engineering 201910.1145/3342558.3345408(1-4)Online publication date: 23-Sep-2019
  • (2015)Policy algebra for access control in enterprise document management systems2015 9th International Conference on Application of Information and Communication Technologies (AICT)10.1109/ICAICT.2015.7338551(225-228)Online publication date: Oct-2015
  • (2013)Access control requirements for structured document in cloud computingInternational Journal of Grid and Utility Computing10.1504/IJGUC.2013.0562444:2/3(95-102)Online publication date: 1-Sep-2013
  • (2013)A framework for usage-based document reengineeringProceedings of the 2013 ACM symposium on Document engineering10.1145/2494266.2494309(99-102)Online publication date: 10-Sep-2013
  • (2013)Structured Document Model and Its Secure Access Control in Cloud ComputingProceedings of the 2013 International Conference on Cloud Computing and Big Data10.1109/CLOUDCOM-ASIA.2013.101(592-596)Online publication date: 16-Dec-2013

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media