The goal of this effort is to provide an application program for the review and release of Microsoft Office file formats within information domains comprised of multiple security and/or privacy levels. This initiative proposes to develop a prototype, robust file inspection application designed to expose data hidden in files created by Microsoft Office applications including Microsoft Word, PowerPoint, and Excel. As part of the ISSE Guard initiative, Dolphin Technology developed a simple Microsoft Office File inspection tool capable of identifying five different types of hidden information in Microsoft office files. Specifically: After preliminary analysis, we have identified at least thirteen other ways of hiding information in these files that need to be analyzed. In order to be commercially viable, we believe we must analyze, design, and, if feasible, prototype a standalone application that includes Application Programmer Interfaces (APIs) allowing it to be easily integrated with a wide range of other security devices including other Guards, firewalls, Multi Level Security (MLS) devices, and workflow management applications.
Benefits: 1. The anticipated benefits of the MOFIA technology will come in the form of an application program interface for the review and release of Microsoft Office file formats within information domains comprised of multiple security levels (military) and/or levels of privacy (commercial). 2. The commercial applications will encompass companies who release private data such as financial institutions, medical records, etc.
Keywords: microsoft office file inspection, boundary control