OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xacml message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: FW: XACML DLP Profile

Hi John,


I asked Mandy Pang, the PM for our Data Protection product, to review the draft of the DLP Profile and list additional use cases we often see with our customers.  Her use cases are below. 


In addition, a common use of DLP is in the identification/discovery of sensitive data based on content analysis.  We apply policy to this.  One is to have a PEP which is a content discovery process it scans document repositories and submit a query with the action DISCOVER then we have a PIP which can analyse the content of the file.  Then we have a resource attributes for a number of content rules (e.g. contains-pii, contains-pci).  The PIP can provide us a count for each rule (e.g. Contains-pii = 100).  Typical obligations of scan are tag, encrypt, mark, move or create incident.


On the IP side we use CIDR ranges for matching, instead of wildcards.  This is standard practice in firewalls.





From: Mandy Pang
Sent: Monday, October 14, 2013 1:25 PM
To: Andy Han; Sandeep Chopra
Cc: Keng Lim
Subject: RE: XACML DLP Profile


Other use cases are:

1.       Prevent sensitive data from being copied from sensitive document to non-sensitive document

2.       Prevent sensitive data from being printed to unauthorized printer

3.       Prevent sensitive data from being opened by unauthorized applications

4.       Prevent sensitive data from being transferred by to disallowed FTP sites



From: Andy Han
Sent: Tuesday, October 08, 2013 5:47 PM
To: Mandy Pang; Sandeep Chopra
Cc: Keng Lim
Subject: XACML DLP Profile


Hi Mandy, Sandeep:


Can you supply a list of use cases that we can contribute to this profile that Boeing is working on.





The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. No representation is made on its accuracy or completeness of the information contained in this electronic message. Certain assumptions may have been made in the preparation of this material as at this date, and are subject to change without notice. If you are not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. Please reply to the sender at NextLabs Inc and destroy all copies of this message and any attachments from your system. ======================================================================

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]