International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 11 Issue: 11 | Nov 2024
p-ISSN: 2395-0072
www.irjet.net
Case Study on Data Leakage Prevention File System (DLPFS) Kshitij Rai, Aman Tripathi, Vijesh Chaudhari, Dr. Sujata Bhairnallykar 1Consultant at MindCraft Software Pvt. ltd, Mumbai, India
2Java Developer at Tata Consultancy Services Ltd, Thane, India 3Software Engineer at Code B solutions Pvt. ltd, Mumbai, India
4Head Of Department at Saraswati College of Engineering, Kharghar
---------------------------------------------------------------------***--------------------------------------------------------------------Abstract - Data Leakage Prevention (DLP) is a crucial costly and impractical, especially for large-scale data handling.
technique used by organizations to safeguard sensitive or confidential data. A core component of DLP is the deidentification of Personally Identifiable Information (PII) before sharing it with third parties or stakeholders. Techniques such as masking and replacement are employed to conceal or anonymize PII. Masking involves substituting specific elements, like names or addresses, with generic placeholders such as "<PERSON>" or "*". Replacement substitutes sensitive data with similar but fictitious values, for instance, replacing the name "Aman" with "Rishi". Beyond de-identification, DLP systems incorporate access control mechanisms for uploading and reviewing files, ensuring that only authorized personnel can access the data. Additionally, DLP systems encrypt stored data to prevent breaches, rendering the data inaccessible without the appropriate decryption key, even in the event of theft. As organizations increasingly need to share information with multiple parties, the adoption of DLP technology is essential for maintaining the privacy and security of sensitive information while enabling secure data sharing with relevant stakeholders. Keywords: De-identification, Extraction, Pseudonymization, anonymization
1.1 DLP File System The Data Leakage Prevention File System (DLPFS) introduces an innovative approach to secure data sharing across applications and systems. By leveraging advanced data type identification and de-identification technologies, DLPFS provides robust data protection. It integrates seamlessly into existing infrastructures by exposing a POSIX file system API, enabling applications to access protected data subtrees without significant modifications. DLPFS enables users to share data securely and maintain privacy across multiple systems without the need to generate custom copies of data for different applications. Additionally, it supports legacy applications by allowing them to operate on de-identified data in real-time, eliminating the need for modifications to the applications themselves.
Encryption,
While the original DLPFS was designed to secure data within POSIX-compliant file systems, its architecture is inherently tied to file-based operations, limiting its applicability in modern, web-based environments. In response to the growing need for privacy-preserving data handling in distributed and dynamic web systems, this project reimagines DLPFS as a web-based application, addressing the challenges of real-time data sharing over HTTP protocols.
1.INTRODUCTION Data breaches are frequently attributed to human error, such as misconfigurations or inadequate data governance, rather than external hacking attempts. Misconfigured applications and software bugs pose a constant risk to the confidentiality of sensitive information. Common examples of data leakage include log files that inadvertently store sensitive details like usernames and passwords, as well as stack traces or core dumps from crashed applications that expose private data.
The adapted system retains the core principles of DLPFS, such as sensitive data detection, de-identification, and robust access control, while extending its functionality to meet the demands of web-based workflows. By replacing the POSIX file system API with a scalable web architecture, this project integrates state-of-the-art data masking, redaction, and anonymization techniques into a middleware solution that operates seamlessly across distributed systems.
Traditional data protection strategies, such as access control and encryption, are often insufficient to address all potential data leakage scenarios. Data leakage can occur when data is shared among multiple users or systems, or when it must be accessible for purposes like auditing or debugging. The widely practiced approach of creating multiple versions of datasets for different purposes is
© 2024, IRJET
|
Impact Factor value: 8.315
1.2 Transitioning DLPFS to a Web-Based Application
|
ISO 9001:2008 Certified Journal
|
Page 501