Application-Screen Masking: A Hybrid Approach

Large organizations often face difficult tradeoffs in balancing the need to share information with the need to safeguard sensitive data. A prominent way to deal with this tradeoff is on-the-fly screen masking of sensitive data in applications. A proposed hybrid approach for masking Web application s...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE software 2015-07, Vol.32 (4), p.40-45
Hauptverfasser:	Goldsteen, Abigail, Kveler, Ksenya, Domany, Tamar, Gokhman, Igor, Rozenberg, Boris, Farkash, Ariel
Format:	Artikel
Sprache:	eng
Schlagworte:	Big business Browsers Computer security Context modeling context-based rules Data integrity data masking Flexibility HTML Information sharing screen masking Security Software software development Software developmnet Software engineering Studies Tradeoff analysis Visualization Web applications Web apps Web privacy Web security Web services
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	45
container_issue	4
container_start_page	40
container_title	IEEE software
container_volume	32
creator	Goldsteen, Abigail Kveler, Ksenya Domany, Tamar Gokhman, Igor Rozenberg, Boris Farkash, Ariel
description	Large organizations often face difficult tradeoffs in balancing the need to share information with the need to safeguard sensitive data. A prominent way to deal with this tradeoff is on-the-fly screen masking of sensitive data in applications. A proposed hybrid approach for masking Web application screens combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. This solution can identify sensitive information in the visual context of the application screen and then automatically generate the masking rules to enforce at run time. This approach supports the creation of highly expressive masking rules, while keeping rule authoring easy and intuitive, resulting in an easy to use, effective system. This article is part of a special issue on Security and Privacy on the Web. The Web extra at https://youtu.be/4u2FLqjaIiI is a short demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. The second Web extra at https://youtu.be/-Hz3P_H0UnU is a full-length demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer.
doi_str_mv	10.1109/MS.2015.75
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_ieee_primary_7106392</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>7106392</ieee_id><sourcerecordid>3738558251</sourcerecordid><originalsourceid>FETCH-LOGICAL-c279t-d4366bec2e85c2d99c39e57f01010b4143992607a8aa71ffc32ae2bf704386a83</originalsourceid><addsrcrecordid>eNo90L1PwzAQBXALgUQpLKwskdiQXO78EcdsVQUUqRFDYLYc14aUkgQ7Hfrfk6oI3XDLT-9Jj5BrhBki6PuymjFAOVPyhExQc0UFanFKJqAEUCWkPicXKW0AQCKHCaHzvt82zg5N19LKRe_brLTpq2k_HrJ5ttzXsVlnI4qddZ-X5CzYbfJXf39K3p8e3xZLunp9flnMV9QxpQe6FjzPa--YL6Rja60d116qADheLVBwrVkOyhbWKgzBcWY9q4MCwYvcFnxKbo-5Y-3PzqfBbLpdbMdKg7mWgEoKHNXdUbnYpRR9MH1svm3cGwRzmMOUlTnMYZQc8c0RN977f6gQcq4Z_wWUsFgr</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1695017541</pqid></control><display><type>article</type><title>Application-Screen Masking: A Hybrid Approach</title><source>IEEE Electronic Library (IEL)</source><creator>Goldsteen, Abigail ; Kveler, Ksenya ; Domany, Tamar ; Gokhman, Igor ; Rozenberg, Boris ; Farkash, Ariel</creator><creatorcontrib>Goldsteen, Abigail ; Kveler, Ksenya ; Domany, Tamar ; Gokhman, Igor ; Rozenberg, Boris ; Farkash, Ariel</creatorcontrib><description>Large organizations often face difficult tradeoffs in balancing the need to share information with the need to safeguard sensitive data. A prominent way to deal with this tradeoff is on-the-fly screen masking of sensitive data in applications. A proposed hybrid approach for masking Web application screens combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. This solution can identify sensitive information in the visual context of the application screen and then automatically generate the masking rules to enforce at run time. This approach supports the creation of highly expressive masking rules, while keeping rule authoring easy and intuitive, resulting in an easy to use, effective system. This article is part of a special issue on Security and Privacy on the Web. The Web extra at https://youtu.be/4u2FLqjaIiI is a short demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. The second Web extra at https://youtu.be/-Hz3P_H0UnU is a full-length demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer.</description><identifier>ISSN: 0740-7459</identifier><identifier>EISSN: 1937-4194</identifier><identifier>DOI: 10.1109/MS.2015.75</identifier><identifier>CODEN: IESOEG</identifier><language>eng</language><publisher>Los Alamitos: IEEE</publisher><subject>Big business ; Browsers ; Computer security ; Context modeling ; context-based rules ; Data integrity ; data masking ; Flexibility ; HTML ; Information sharing ; screen masking ; Security ; Software ; software development ; Software developmnet ; Software engineering ; Studies ; Tradeoff analysis ; Visualization ; Web applications ; Web apps ; Web privacy ; Web security ; Web services</subject><ispartof>IEEE software, 2015-07, Vol.32 (4), p.40-45</ispartof><rights>Copyright IEEE Computer Society Jul-Aug 2015</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c279t-d4366bec2e85c2d99c39e57f01010b4143992607a8aa71ffc32ae2bf704386a83</citedby><cites>FETCH-LOGICAL-c279t-d4366bec2e85c2d99c39e57f01010b4143992607a8aa71ffc32ae2bf704386a83</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/7106392$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27901,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/7106392$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Goldsteen, Abigail</creatorcontrib><creatorcontrib>Kveler, Ksenya</creatorcontrib><creatorcontrib>Domany, Tamar</creatorcontrib><creatorcontrib>Gokhman, Igor</creatorcontrib><creatorcontrib>Rozenberg, Boris</creatorcontrib><creatorcontrib>Farkash, Ariel</creatorcontrib><title>Application-Screen Masking: A Hybrid Approach</title><title>IEEE software</title><addtitle>S-M</addtitle><description>Large organizations often face difficult tradeoffs in balancing the need to share information with the need to safeguard sensitive data. A prominent way to deal with this tradeoff is on-the-fly screen masking of sensitive data in applications. A proposed hybrid approach for masking Web application screens combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. This solution can identify sensitive information in the visual context of the application screen and then automatically generate the masking rules to enforce at run time. This approach supports the creation of highly expressive masking rules, while keeping rule authoring easy and intuitive, resulting in an easy to use, effective system. This article is part of a special issue on Security and Privacy on the Web. The Web extra at https://youtu.be/4u2FLqjaIiI is a short demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. The second Web extra at https://youtu.be/-Hz3P_H0UnU is a full-length demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer.</description><subject>Big business</subject><subject>Browsers</subject><subject>Computer security</subject><subject>Context modeling</subject><subject>context-based rules</subject><subject>Data integrity</subject><subject>data masking</subject><subject>Flexibility</subject><subject>HTML</subject><subject>Information sharing</subject><subject>screen masking</subject><subject>Security</subject><subject>Software</subject><subject>software development</subject><subject>Software developmnet</subject><subject>Software engineering</subject><subject>Studies</subject><subject>Tradeoff analysis</subject><subject>Visualization</subject><subject>Web applications</subject><subject>Web apps</subject><subject>Web privacy</subject><subject>Web security</subject><subject>Web services</subject><issn>0740-7459</issn><issn>1937-4194</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2015</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNo90L1PwzAQBXALgUQpLKwskdiQXO78EcdsVQUUqRFDYLYc14aUkgQ7Hfrfk6oI3XDLT-9Jj5BrhBki6PuymjFAOVPyhExQc0UFanFKJqAEUCWkPicXKW0AQCKHCaHzvt82zg5N19LKRe_brLTpq2k_HrJ5ttzXsVlnI4qddZ-X5CzYbfJXf39K3p8e3xZLunp9flnMV9QxpQe6FjzPa--YL6Rja60d116qADheLVBwrVkOyhbWKgzBcWY9q4MCwYvcFnxKbo-5Y-3PzqfBbLpdbMdKg7mWgEoKHNXdUbnYpRR9MH1svm3cGwRzmMOUlTnMYZQc8c0RN977f6gQcq4Z_wWUsFgr</recordid><startdate>201507</startdate><enddate>201507</enddate><creator>Goldsteen, Abigail</creator><creator>Kveler, Ksenya</creator><creator>Domany, Tamar</creator><creator>Gokhman, Igor</creator><creator>Rozenberg, Boris</creator><creator>Farkash, Ariel</creator><general>IEEE</general><general>IEEE Computer Society</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>JQ2</scope></search><sort><creationdate>201507</creationdate><title>Application-Screen Masking: A Hybrid Approach</title><author>Goldsteen, Abigail ; Kveler, Ksenya ; Domany, Tamar ; Gokhman, Igor ; Rozenberg, Boris ; Farkash, Ariel</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c279t-d4366bec2e85c2d99c39e57f01010b4143992607a8aa71ffc32ae2bf704386a83</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2015</creationdate><topic>Big business</topic><topic>Browsers</topic><topic>Computer security</topic><topic>Context modeling</topic><topic>context-based rules</topic><topic>Data integrity</topic><topic>data masking</topic><topic>Flexibility</topic><topic>HTML</topic><topic>Information sharing</topic><topic>screen masking</topic><topic>Security</topic><topic>Software</topic><topic>software development</topic><topic>Software developmnet</topic><topic>Software engineering</topic><topic>Studies</topic><topic>Tradeoff analysis</topic><topic>Visualization</topic><topic>Web applications</topic><topic>Web apps</topic><topic>Web privacy</topic><topic>Web security</topic><topic>Web services</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Goldsteen, Abigail</creatorcontrib><creatorcontrib>Kveler, Ksenya</creatorcontrib><creatorcontrib>Domany, Tamar</creatorcontrib><creatorcontrib>Gokhman, Igor</creatorcontrib><creatorcontrib>Rozenberg, Boris</creatorcontrib><creatorcontrib>Farkash, Ariel</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>ProQuest Computer Science Collection</collection><jtitle>IEEE software</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Goldsteen, Abigail</au><au>Kveler, Ksenya</au><au>Domany, Tamar</au><au>Gokhman, Igor</au><au>Rozenberg, Boris</au><au>Farkash, Ariel</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Application-Screen Masking: A Hybrid Approach</atitle><jtitle>IEEE software</jtitle><stitle>S-M</stitle><date>2015-07</date><risdate>2015</risdate><volume>32</volume><issue>4</issue><spage>40</spage><epage>45</epage><pages>40-45</pages><issn>0740-7459</issn><eissn>1937-4194</eissn><coden>IESOEG</coden><abstract>Large organizations often face difficult tradeoffs in balancing the need to share information with the need to safeguard sensitive data. A prominent way to deal with this tradeoff is on-the-fly screen masking of sensitive data in applications. A proposed hybrid approach for masking Web application screens combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. This solution can identify sensitive information in the visual context of the application screen and then automatically generate the masking rules to enforce at run time. This approach supports the creation of highly expressive masking rules, while keeping rule authoring easy and intuitive, resulting in an easy to use, effective system. This article is part of a special issue on Security and Privacy on the Web. The Web extra at https://youtu.be/4u2FLqjaIiI is a short demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer. The second Web extra at https://youtu.be/-Hz3P_H0UnU is a full-length demonstration of a proposed hybrid approach for masking Web application screens that combines the advantages of the context available at the presentation layer with the flexibility and low overhead of masking at the network layer.</abstract><cop>Los Alamitos</cop><pub>IEEE</pub><doi>10.1109/MS.2015.75</doi><tpages>6</tpages></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 0740-7459
ispartof	IEEE software, 2015-07, Vol.32 (4), p.40-45
issn	0740-7459 1937-4194
language	eng
recordid	cdi_ieee_primary_7106392
source	IEEE Electronic Library (IEL)
subjects	Big business Browsers Computer security Context modeling context-based rules Data integrity data masking Flexibility HTML Information sharing screen masking Security Software software development Software developmnet Software engineering Studies Tradeoff analysis Visualization Web applications Web apps Web privacy Web security Web services
title	Application-Screen Masking: A Hybrid Approach
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-11T05%3A28%3A06IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Application-Screen%20Masking:%20A%20Hybrid%20Approach&rft.jtitle=IEEE%20software&rft.au=Goldsteen,%20Abigail&rft.date=2015-07&rft.volume=32&rft.issue=4&rft.spage=40&rft.epage=45&rft.pages=40-45&rft.issn=0740-7459&rft.eissn=1937-4194&rft.coden=IESOEG&rft_id=info:doi/10.1109/MS.2015.75&rft_dat=%3Cproquest_RIE%3E3738558251%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1695017541&rft_id=info:pmid/&rft_ieee_id=7106392&rfr_iscdi=true