Data-centric security

Authors:

  • Amund Gudmundson Hunstad
  • Lars Westerdahl

Publish date: 2019-12-12

Report number: FOI-R--4865--SE

Pages: 36

Written in: Swedish

Keywords:

  • Data-centric security
  • object based security
  • coalitions
  • interoperability
  • security domains

Abstract

Information security is a wide field of study. For information systems, information security efforts have in practice mainly focused on protecting the IT systems that store information and on protecting information when it is transported between these systems. This approach can today be seen as limiting because the need for quick access to information has increased, partly internally between one's own systems and partly between systems from different security domains. The need to control what information can be shared centrally and with whom, whether it be consumers of information within the organization's own operations or a partner in a coalition, has increased over the years. Data-centric security (DCS) is a concept that primarily focuses on what should be protected and not where the information is stored. Key principles for DCS are Centralized Control, Gapless Protection, Automation and Adaptability. In this report, the concept of DCS is described and related to developments in fields such as Attribute-Based Access Control and Attribute-Based Encryption, as well as to development projects and research from other nations. The goal of this report is to describe the degree of maturity of DCS solutions in order to support the Swedish Armed Forces' work with, for example, Federated Mission Networking (FMN).