FINDING INADVERTENT RELEASE OF INFORMATION

ROHINI K. SRIHARI

University at Buffalo, Buffalo, New York

1 INTRODUCTION

Inadvertent release of information is an important aspect of homeland security. Traditional cybersecurity techniques can be used to safeguard unauthorized access to such information, that is, preventing unauthorized users from being able to even see such information. Intrusion detection is an example of such a cybersecurity technique. This article approaches the problem from a different perspective, namely the content of the information. That is, assuming that the information was accessed through proper means, could a reader be able to gain information that was not meant to be released? A typical example of such a scenario is cross-domain information sharing, where a document classified at a higher level may be inadvertently released to users not authorized to see it. To prevent such situations, techniques that examine the content of the document must be deployed as a backup measure to traditional cross-domain information dissemination security measures. More subtle but equally catastrophic cases of inadvertent information release can occur with publicly disseminated information such as web pages. It is often the case that a document collection, such as a set of web pages, reveals interesting information other than what is explicitly stated. The hidden information may be a consequence of multiple sources and authors working independently, which may pose issues with ...