Abstract:  

In this paper, we describe an enhancement of the Automated Policy Enforcement eXchange framework (APEX) called eAPEX. eAPEX uses version-control information as the basis for a more incremental approach to scanning document text to determine if security policies are being followed. Where APEX requires a full or deep scan of the document each time an exposure operation is invoked, eAPEX usually requires only a scan of changed elements (deltas). A new scanning approach was designed and implemented. eAPEX works by combining version-aware document technology with a policy database that functions as a cache of security policy results.