International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395 -0056
Volume: 04 Issue: 05 | May -2017
p-ISSN: 2395-0072
www.irjet.net
A Review on Tracing Data Provenance in Malicious Environments Neha Belekar, R. P. Dahake 1,2Dept.
of Computer Engineering, MET’s Institute Of Engineering Nasik, Maharashtra, India
--------------------------------------------------------------------***---------------------------------------------------------------------
Abstract - In today’s era, information leakage is one of the
most serious threats to companies. A data owner sends secret or confidential information to a group of trusted agents. Some of the information is lost and found in an inappropriate place. Thus data is leaked. Data leakage means data distributed by the data owner is leaked by one or more agents. This causes a huge harm to the business. The distributor must assess whether data is leaked from one or more agents. To improve the probability of identifying leakages data allocation strategies (across the agents) are used. A data lineage framework is used for identifying a guilty entity. The digital watermarking is a technique in which vital information is kept hidden in the original data for protecting unauthorized duplication and distribution of data. An accountable data transfer protocol is built using oblivious transfer, robust watermarking, and signature primitives. In some occasions fake data records are injected in order to improve detecting data loss and identifying the guilty entity. The data sent by the data owner must be protected, secret and it must not be regenerated. The framework of data lineage is considered for transmission of data and is a key step towards achieving accountability. Key Words: Information leakage, data provenance, accountability, watermarking, distributor, agent
1. INTRODUCTION In the course of technology and doing business, at many occasions sensitive important data is handed over to trusted third parties. For example, an organization may have associations with other organizations that share customer data. Another business enterprise may outsource its work to other companies where they require to send data to an external company. The owner of the data is called as the data owner or distributor and the third parties are called as the agents or data consumer. The aim is to detect leakage of sensitive data and identification of the guilty agent. In a very short time, large volumes of digital sensitive data can be copied by the attacker and can be spread across the internet. Currently there is no accountability method, the risk of getting caught for data provenance is very low. Nowadays, due to these reasons, the problem of data leakage has reached a new height.
and social networking. In today’s environment, individuals usually expose their personal data to various service providers, in return for some services which are free of cost. In the nonappearance of right regulations and accountability methods, many of these online applications share entities identifying information with couple of advertising and online tracking companies. Even with access control methods, where there is restricted access to confidential data, a malicious attacker can publish confidential data as soon as he receives. Information security mechanisms like encryption offer protection as long as the information is encrypted, but once the consumer decrypts a message, nobody can prevent the disclosure of decrypted content. Thus it seems impractical to avoid data leakage fanatically. Data provenance is the enormous threat in front of the companies and various different enterprises. Though there are number of different encryption mechanisms designed for securing information, there is a challenging problem of the integrity of the users of the systems. In order to offer security against data loss threat technologies like machine learning content/context based detectors, encryption, access control, firewalls and identity management have already been incorporated. The information distributed is considered as sensitive data when it consists of information about the client, budget, code and any design specification. The agents who get their hands on the sensitive data are also known as cyber criminals. Data leakage is done for their own profits which results in loss of the company. To overcome this problem, a general method of data transmission is used. This mechanism is referred as accountability. This accountability method can be directly correlated with detection of data transfer history across multiple nodes right from its origin. The distributor sends the data to the agent using strategies that increase the possibility of finding the agent by adding fake data to the information distributed. If any person receiving the data leaks the data then the distributor will find the agent by the help of number of fake objects released out and the distributor waits until he gets enough evidence and finally conform the agent and closes the business with him or takes any legal action on the agent.
It is a concern for not only organizations, but individuals are also affected by data provenance. The situation get worse because of the advent in the technology of mobile phones © 2017, IRJET
|
Impact Factor value: 5.181
|
ISO 9001:2008 Certified Journal
|
Page 1290