Data Transfer
•Mediates data transfer between machines
  –Drag / drop, Cut / paste, Shared folders
•Problems
  –Red → Green : Malware entering
  –Green → Red : Information leaking
•Possible policy
  –Allowed transfers (configurable). Examples:
    •No transfer of “.exe” from R to G
    •Only transfer ASCII text from R to G
  –Non-spoofable user intent; warning dialogs
  –Auditing
    •Synchronous virus checker; third party hooks, ...
Content downloaded through IE, Messenger, p2p, etc. should be tagged with download source information, similar to IE zones. As the content moves through the “airlock”, the tags should move with it.
Auditing – synchronous virus checker. Mention the attachment execution services (AES) check.
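
The policy on this slide, sketched as an added example (not code from the original presentation): a mediator that applies both example R → G rules together, carries the download-source tags across with the content, and audits every decision. The names `Item`, `mediate`, `user_confirmed` and the `origin_machine` tag are assumptions, as is requiring confirmed intent for every transfer; the sample files and URL are constructed.

```python
from dataclasses import dataclass, field

RED, GREEN = "R", "G"  # untrusted and trusted machine, as labelled on the slide

@dataclass
class Item:
    name: str
    data: bytes
    tags: dict = field(default_factory=dict)  # download-source tags, e.g. zone and URL

def is_ascii_text(data: bytes) -> bool:
    """True if every byte is printable ASCII, tab, LF or CR."""
    return all(b in (9, 10, 13) or 32 <= b <= 126 for b in data)

def mediate(item, src, dst, user_confirmed, audit_log):
    """Decide one transfer; return the destination copy, or None if denied."""
    # user_confirmed is assumed to come from the mediator's own trusted dialog.
    if not user_confirmed:
        verdict = "deny: no confirmed user intent"
    elif src == RED and dst == GREEN and item.name.lower().endswith(".exe"):
        verdict = "deny: .exe from R to G"
    elif src == RED and dst == GREEN and not is_ascii_text(item.data):
        verdict = "deny: non-ASCII content from R to G"
    else:
        verdict = "allow"
    # Audit every decision, denied ones included.
    audit_log.append({"name": item.name, "from": src, "to": dst,
                      "tags": dict(item.tags), "verdict": verdict})
    if verdict != "allow":
        return None
    # The tags cross the airlock with the content; origin_machine is an added tag.
    return Item(item.name, item.data, {**item.tags, "origin_machine": src})

def demo():
    """Run constructed sample transfers and return (results, audit_log)."""
    log = []
    src_tags = {"zone": "Internet", "source": "http://downloads.example/readme"}
    samples = [
        (Item("readme.txt", b"plain notes\r\n", src_tags), RED, GREEN, True),
        (Item("setup.exe", b"MZ\x90\x00", src_tags), RED, GREEN, True),
        (Item("notes.txt", b"MZ\x90\x00", src_tags), RED, GREEN, True),  # renamed binary
        (Item("report.txt", b"quarterly figures", {}), GREEN, RED, False),
    ]
    results = [mediate(i, s, d, ok, log) for i, s, d, ok in samples]
    return results, log

if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```

The third sample shows why the extension rule alone is not enough: the renamed binary passes the “.exe” check and is stopped only by the ASCII-text rule.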