Using Logic, Strategy, and DRM to Protect and Manage Content
Matthew Bruce, Senior Solutions Consultant, Adobe
UNCLASSIFIED
Agenda
• Introduction
• Digital Rights Management: Authentication / Authorization / Auditing
  • Why does DRM exist? …a brief history.
  • How does DRM Work?
• Insider Threats / Hackers / Data Leakage and Spillage
  • Snowden and Manning
  • OPM Data Breach
  • AshleyMadison.com
  • Misuse of Sensitive Materials
• Applying DRM
• Conclusion
Introduction: Matthew Bruce
• Solutions Consultant at Adobe Systems
• 20+ years in DoD:
  • Intelligence Community (NSA, DIA)
  • DoD (Pentagon, DISA)
  • Army.mil, BrainLine.org, IASE.Disa.mil
• SIGINT Analyst / Cryptanalyst, US Army
Why does DRM exist? …a brief history.
• Digital Millennium Copyright Act (DMCA)
• Music Industry
• Movie Industry
• Gaming Industry
Digital Rights Management: Authentication / Authorization / Auditing
(Slide diagram; labels as extracted:)
• Email
• Print
• Email Server
• Dedicated Networks
• ACL
• Media Storage
• Safes
• Websites
• CMS
• Shared Drive
• Mobile
• File System
• Data Repository
• Download
• Screen Capture
Digital Rights Management: Authentication / Authorization / Auditing
DRM: A set of technologies to protect and control content/data at rest and in motion.
(Slide diagram: Document ID & Authenticated User -> DRM Solution / System -> controlled rights:)
• Read
• Sign
• Validity Period
• Print
• Offline
• Accessibility
• Modify
• Copy
• Revoke
Digital Rights Management: Authentication / Authorization / Auditing
Prove you are who you say you are:
• PKI (CAC/PIV)
• LDAP/Active Directory
• SSO
• SAML
• Kerberos
• User name / password
• Invited User
• Anonymous
• Tie into Identity Manager
Digital Rights Management: Authentication / Authorization / Auditing
• A DRM Server acts as a Policy Enforcement Point (PEP) and the Policy Decision Point (PDP)
• Can pull from other services to determine authorization:
  • External Authorization Provider
  • Active Directory
  • Webservices
  • Database Lookup
• A DRM server can act as the PEP and connect with an External Authorization Service Provider as the PDP
Digital Rights Management: Authentication / Authorization / Auditing
• Dynamically controlled by server
• One policy per document
• Can use external authorization provider
• Revocation:
  • Policy level
  • Document level
Policy Uses:
1. Protection
2. Version Control
3. Tracking Only
4. Time-based
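The policy model on the preceding slides (one policy per document, server-side dynamic control, revocation at policy or document level, a validity period, and an external authorization provider acting as PDP), as an added Python sketch that is not Adobe's or the presentation's code. `DrmServer`, `Policy`, `ad_pdp` and `AD_GROUPS` are hypothetical names, and the Active Directory group lookup is a constructed stand-in.

```python
from dataclasses import dataclass, field
from datetime import datetime
from typing import Callable, Optional

@dataclass
class Policy:
    name: str
    rights: set               # granted rights, e.g. read, sign, print, offline, modify, copy
    valid_until: datetime     # validity period
    revoked: bool = False     # policy-level revocation

@dataclass
class DrmServer:
    """Hypothetical DRM server: the PEP for every document request. It decides itself
    (PDP) unless an external authorization provider callback is supplied."""
    policies: dict = field(default_factory=dict)     # policy name -> Policy
    documents: dict = field(default_factory=dict)    # document id -> policy name (one per doc)
    revoked_docs: set = field(default_factory=set)   # document-level revocation
    pdp: Optional[Callable[[str, str], bool]] = None  # external PDP: (user, doc_id) -> bool

    def protect(self, doc_id, policy_name):
        self.documents[doc_id] = policy_name         # dynamic: server can re-assign later
    def revoke_policy(self, name):
        self.policies[name].revoked = True           # hits every document under the policy
    def revoke_document(self, doc_id):
        self.revoked_docs.add(doc_id)                # hits only this document

    def decide(self, user, doc_id, right, now):
        """Evaluate (authenticated user, document id, requested right) -> (allowed, reason)."""
        policy = self.policies.get(self.documents.get(doc_id))
        if policy is None:
            return False, "unprotected or unknown document"
        if doc_id in self.revoked_docs:
            return False, "document revoked"
        if policy.revoked:
            return False, "policy revoked"
        if now > policy.valid_until:
            return False, "validity period expired"
        if self.pdp is not None and not self.pdp(user, doc_id):
            return False, "external PDP denied"
        if right not in policy.rights:
            return False, f"right '{right}' not granted"
        return True, "allowed"

# Constructed stand-in for an Active Directory group lookup used as the external PDP.
AD_GROUPS = {"analysts": {"alice", "bob"}}
def ad_pdp(user, doc_id):
    return user in AD_GROUPS["analysts"]
```

Every decision returns a reason string so the same call can feed the auditing trail discussed on the next slides.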
3 As | Auditing: Correlation—Continuous Monitoring
PLACES
• Rooms & Buildings
• IP address
• Subnets
• GeoIP
PEOPLE
• PKI
• User ID
• Employee #
• LDAP/AD
THINGS
• Documents
• Downloads
• Emails
• Portals
• Devices

Time   User   Event       Place
07:00  1234   Tablet      DC
08:00  1234   Turnstile   DC
08:15  1234   Login       DC
08:30  1234   Doc open    OCONUS
08:31  1234   Doc print   OCONUS

#events=50, Distance=far, Credential=low assurance
-> NOUN (Notification Of Unusual Nuances)
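The correlation in the table above, as added Python that is not from the presentation: it parses a constructed audit trail shaped like the slide's Time / User / Event / Place rows and raises a NOUN for a user when consecutive events sit in places too far apart for the elapsed time, when the event count passes a threshold, or when the login credential is low assurance. The thresholds, `LOGIN_CREDENTIAL` and `LOW_ASSURANCE` are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed audit trail modelled on the slide's Time / User / Event / Place table.
SAMPLE_LOG = """\
07:00 1234 Tablet DC
08:00 1234 Turnstile DC
08:15 1234 Login DC
08:30 1234 DocOpen OCONUS
08:31 1234 DocPrint OCONUS
"""
# Constructed: which credential each user presented at Login (the slide's credential assurance).
LOGIN_CREDENTIAL = {"1234": "password"}
LOW_ASSURANCE = {"password", "invited", "anonymous"}   # assumption: PKI/Kerberos/SAML count as high

@dataclass
class Event:
    time: datetime
    user: str
    kind: str
    place: str
def parse_log(text):
    """Parse 'HH:MM user event place' lines into Event records, ordered per user by time."""
    events = []
    for line in text.splitlines():
        if line.strip():
            t, user, kind, place = line.split()
            events.append(Event(datetime.strptime(t, "%H:%M"), user, kind, place))
    return sorted(events, key=lambda e: (e.user, e.time))

def correlate(events, credentials, travel_window=timedelta(hours=4), max_events=20):
    """Correlate PLACES, PEOPLE and THINGS per user and raise a NOUN when any indicator
    fires (thresholds are assumptions): event volume, implausible change of place,
    or a low-assurance credential."""
    by_user = {}
    for e in events:
        by_user.setdefault(e.user, []).append(e)
    notes = {}
    for user, evs in by_user.items():
        distance = "near"
        for a, b in zip(evs, evs[1:]):
            if a.place != b.place and b.time - a.time < travel_window:
                distance = "far"   # two places reached faster than plausible travel
        cred = credentials.get(user, "anonymous")
        assurance = "low assurance" if cred in LOW_ASSURANCE else "high assurance"
        if len(evs) > max_events or distance == "far" or assurance == "low assurance":
            notes[user] = {"events": len(evs), "distance": distance,
                           "credential": assurance, "noun": True}
    return notes
```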
Insider Threats / Hackers / Data Leakage and Spillage
Insider Threats: Snowden and Manning
• Both had access to sensitive content
• Both intentionally stole and distributed sensitive
content
• Both had clearances
• Uncontrolled distribution of content is on-going…
• Repercussions are on-going…
Insider Threats / Hackers / Data Leakage and Spillage
Hackers: OPM Data Breach
• Content not protected or encrypted
• Once content was stolen, no control over content
• Uncontrolled distribution of content is on-going…
• Repercussions are on-going…
Insider Threats / Hackers / Data Leakage and Spillage
Hackers: AshleyMadison.com
• Content not protected or encrypted
• Once content was stolen, no control over content
• Uncontrolled distribution of content is on-going…
• Repercussions are on-going…
Insider Threats / Hackers / Data Leakage and Spillage
General Misuse of Sensitive Content
• Content Leakage not intentional
• Misunderstood policy and common work-arounds
• Content not protected or encrypted
• Once content is stolen, no control over content
• Uncontrolled distribution of content is on-going…
• Repercussions are on-going…
Insider Threats / Hackers / Data Leakage and Spillage
(Slide diagram; labels as extracted:)
• Network / System Security
• Content / Data at rest and in motion Security
Applying DRM: Evaluation Guide for Protection & Monitoring
Recommended features to consider:
• Strong FIPS 140 / Suite B encryption (AES-256)
• Cross-platform (Windows, Mac, iOS, Android)
• Multi-format (PDF, Office, CAD, custom)
• Ubiquitous client
• Dynamic policy (change after publishing, including revocation)
• Continuous monitoring (advanced auditing)
• Automation ready (bulk automated encryption)
• Customization ready (client SDK, server SPIs)
• Strong authentication sources (multi-domain LDAP, AD, SSO, PKI)
• Cloud-friendly (private and FedRAMP managed service)
Conclusion
• Digital Rights Management: Authentication / Authorization / Auditing
  • Why does DRM exist? …a brief history.
  • How does DRM Work?
• Insider Threats / Hackers / Data Leakage and Spillage
  • Snowden and Manning
  • OPM Data Breach
  • AshleyMadison.com
  • Misuse of Sensitive Materials
• Applying DRM