摘要:
A method for protecting information in a distributed stream processing system, including: assigning a principal label to a processing component; assigning a first channel label to a first communication channel that is input to the processing component; comparing the principal label to the first channel label to determine if the processing component can read data attributes of the first channel label; and reading the data attributes of the first channel label when the principal label is equal to or has precedence over the first channel label, wherein the principal label includes a read label and a write label and at least one of a selection label, an addition label or a suppression label.
摘要:
A method for protecting information in a distributed stream processing system, including: assigning a principal label to a processing component; assigning a first channel label to a first communication channel that is input to the processing component; comparing the principal label to the first channel label to determine if the processing component can read data attributes of the first channel label; and reading the data attributes of the first channel label when the principal label is equal to or has precedence over the first channel label, wherein the principal label includes a read label and a write label and at least one of a selection label, an addition label or a suppression label.
摘要:
A method for protecting information in a distributed stream processing system, including: assigning a principal label to a processing component; assigning a first channel label to a first communication channel that is input to the processing component; comparing the principal label to the first channel label to determine if the processing component can read data attributes of the first channel label; and reading the data attributes of the first channel label when the principal label is equal to or has precedence over the first channel label, wherein the principal label includes a read label and a write label and at least one of a selection label, an addition label or a suppression label.
摘要:
A method for protecting information in a distributed stream processing system, including: assigning a principal label to a processing component; assigning a first channel label to a first communication channel that is input to the processing component; comparing the principal label to the first channel label to determine if the processing component can read data attributes of the first channel label; and reading the data attributes of the first channel label when the principal label is equal to or has precedence over the first channel label, wherein the principal label includes a read label and a write label and at least one of a selection label, an addition label or a suppression label.
摘要:
A method for security planning with hard security constraints includes: receiving security-related requirements of a network to be developed using system inputs and processing components; and generating the network according to the security-related requirements, wherein the network satisfies hard security constraints.
摘要:
A method for security planning with hard security constraints includes: receiving security-related requirements of a network to be developed using system inputs and processing components; and generating the network according to the security-related requirements, wherein the network satisfies hard security constraints.
摘要:
System and methods are provided for managing and mitigating privacy risks in a system having a network of processing elements. According to one method, there is receive a request for at least one output product from the system. The request includes a set of privacy parameters. At least one set of workflow generating strategies are created that results in the output product having a privacy risk value below a predefined threshold. At least one of the workflow generating strategies is deployed for automatically producing the at least one output product.
摘要:
System and methods are provided for managing and mitigating privacy risks in a system having a network of processing elements. According to one method, there is receive a request for at least one output product from the system. The request includes a set of privacy parameters. At least one set of workflow generating strategies are created that results in the output product having a privacy risk value below a predefined threshold. At least one of the workflow generating strategies is deployed for automatically producing the at least one output product.
摘要:
A method for security planning with soft security constraints, include: receiving security-related requirements of a workflow to be developed using system inputs and processing components; and generating at least one proposed workflow according to the security-related requirements, wherein the at least one proposed workflow satisfies soft constraints.
摘要:
A method for security planning with soft security constraints, include: receiving security-related requirements of a workflow to be developed using system inputs and processing components; and generating at least one proposed workflow according to the security-related requirements, wherein the at least one proposed workflow satisfies soft constraints.