The research area of Data Usage Control extends classic access control. The fundamental idea is to create comprehensive control possibilities that you can use to control your data in a fine-grained manner, even after you have granted others access to your data.
In modern company networks, sensitive data are stored, processed, and exchanged around the clock through distributed services, processes, and staff. Comprehensive security measures are necessary to protect your business data from undesirable usage and (possibly unintentional) dissemination. These measures must take into account both malicious external attacks and unintentional wrongful data usage by your own employees. The megatrend towards Cloud Computing entails additional complexity and leads to new information security challenges. Control over your data is particularly important here as the boundaries between domains, systems, and services are becoming increasingly blurred in the Cloud.
Staff mobility is growing in many business environments. It is hard to conceive of doing everyday business without using mobile devices. However, the use of smartphones and tablets in the business environment not only opens up improvement potential for business processes, but also brings along various potential risks. Permanent connectivity and mobility in combination with the often large amount of data stored on the devices carry the inherent risk of unauthorized disclosure of business-critical information. A flexible and context-sensitive security solution helps you protect your data comfortably and effectively on mobile devices.
Ensuring the security of your intellectual property or your private data goes far beyond simple access control. Even if access was granted, you may want to maintain control over the further usage and dissemination of your digital assets. To do this, data usage control extends the classic access control mechanisms so that the usage of the data can be controlled (control). The originator of the data must be able to know at all times what is happening with their data (transparency). Important issues for achieving these goals are analysis of and controlled intervention in data flows to allow control of the usage of your data depending on the usage situation. Individual data fields, for instance, must be either shown, hidden, or presented in an anonymized form depending on the data recipient or the usage situation. This allows providing and processing data in a user-specific or business-model-specific way.