Muntaha Alawneh

Learn More
Dishonest employees, who have privileges to obtain corporate critical information and access internal resources, cause the problem of internal leakage. Employees, who have such privileges and know from where to obtain corporate sensitive information, are far more dangerous than outsiders. This paper proposes a mechanism for protecting information inside(More)
This paper is concerned about insiders and analyzing their threats in organizations. We start by deriving a novel definition of insiders, and identifying the criteria distinguishing insiders from potential insiders. The paper then discusses the main organization types, process workflow, and then derives their requirements. We analyze one of the major(More)
This paper proposes a novel mechanism for protecting sensitive information inside big organisations against unauthorised disclosure by insider or outsider adversaries. Protecting sensitive content from being disclosed to unauthorised parties is a major concern for big enterprises, such as government agencies, banks, clinics and corporations. This paper(More)
Digital Rights Management (DRM), unlike access control techniques, associates content with a rights object specifying content usage rules. The rights object is always bound with content and enforced wherever content is transferred and used. Such a rights object, in many cases, contains dynamic rights, which change with usage and time, e.g. play period,(More)
Clouds are composed of enormous resources and are associated with attractive properties, e.g. scalability and resilience. Such properties are the result of Clouds dynamic nature. Cloud dynamism is desirable property for different reasons such as resilience, resource consolidation, and maintenance windows. However, such dynamism exposes many security and(More)
In this paper we used Digital Rights Management (DRM) associated with Trusted Computing to enforce a contentspecific fine-grained access control policy defined by content owner. This policy is associated with content, and when content is copied its access control policy is copied and bound to the target copy. This paper presents a generic approach for(More)