The adoption of Web 2.0 tools and technologies has enabled new information sharing workflows that are mandated by a need-to-share in government and commercial environments. These workflows introduce new sources of potential information leaks, while the need for securing sensitive information remains critical as ever. Emerging net-centric tools, together with advanced automated cognitive techniques for content analysis and review, can provide users with multi-level security access (read/write) to content strictly in accordance with their level of authorization as governed by organizational policies. An emerging concern with usage of such tools is the security risk of leakage through information aggregation. Allowing lower-level users to discover information in higher-level security domains may provide both existential knowledge and inadvertent leakage through aggregation with other available content that by itself is safe for release. Enkia, a developer of advanced cognitive technologies and tools for monitoring and filtering unstructured text has prototyped SecureBlog as a multi-level content access platform with automated security guards, that supports browse-down and browse-up capabilities. In the proposed Phase I investigation Enkia will develop extensions to SecureBlog that demonstrate the capability of guarding against inadvertent leaks due to aggregation. Subsequently Enkia will extend the developed techniques to browsing multiple web sources.
Benefit: Information aggregation analysis has two anticipated commercial thrusts. The primary thrust is towards content monitoring and filtering solutions geared towards information security. The secondary commercial thrust is in applications of knowledge discovery. Examples: correlating separate criminal incidents in law enforcement, chatter monitoring and pattern detection for anti-terrorism applications, locating related case histories in medical or legal fields.
Keywords: Multi-Level Security Access, Net-Centric Access, Information Aggregation, Browse-Up, Browse-Down, Information Security Guard, Web 2.0, Blog
