Data Protection based on Searchable Encryption and Anonymization Techniques

  • Matheus M. Silveira UECE
  • Rafael L. Gomes UECE

Resumo


Data leakage compromises companies’ confidentiality and directly impacts the existing privacy laws, as well as it is necessary to perform a light integration with the legacy systems, in order not to harm the performance of its services. Within this context, this paper presents an innovative cloud system to protect the private data of existing databases (legacy systems of clients) based on Searchable Symmetric Encryption for Databases (SSE-DB) and Permutation and Proprieties Maintenance Anonymization (PPM-Anon), attaching a security solution to the existing databases (without any change in these legacy systems). Results from real experiments using a real cloud environment suggest that the proposed solution is suitable for protecting the data without harming the performance of the existing services.

Referências

Aleroud, A., Chen, Z., and Karabatis, G. (2016). Network trace anonymization using a prefix-preserving condensation-based technique (short paper). In OTM Confederated International Conferences On the Move to Meaningful Internet Systems, pages 934–942. Springer.

Aparajit, S., Shah, R., Chopdekar, R., and Patil, R. (2022). Data protection: The cloud security perspective. In 2022 3rd International Conference for Emerging Technology (INCET), pages 1–5.

Costa, W. L., Portela, A. L., and Gomes, R. L. (2021). Features-aware ddos detection in heterogeneous smart environments based on fog and cloud computing. International Journal of Communication Networks and Information Security, 13(3):491–498.

D, S. and Karibasappa, K. (2021). Enhancing data protection in cloud computing using key derivation based on cryptographic technique. In 2021 5th International Conference on Computing Methodologies and Communication (ICCMC), pages 291–299.

da Silva, G., Oliveira, D., Gomes, R. L., Bittencourt, L. F., and Madeira, E. R. M. (2020). Reliable network slices based on elastic network resource demand. In NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, pages 1–9.

Flinta, C., Yan, W., and Johnsson, A. (2020). Predicting round-trip time distributions in iot systems using histogram estimators. In NOMS 2020 2020 IEEE/IFIP Network Operations and Management Symposium, pages 1–9.

Gong, X., Chen, Y., Wang, Q., Wang, M., and Li, S. (2022). Private data inference attacks against cloud: Model, technologies, and research directions. IEEE Communications Magazine, 60(9):46–52.

Gupta, I., Singh, A. K., Lee, C.-N., and Buyya, R. (2022). Secure data storage and sharing techniques for data protection in cloud environments: A systematic review, analysis, and future directions. IEEE Access, 10:71247–71277.

Li, J., Huang, Y., Wei, Y., Lv, S., Liu, Z., Dong, C., and Lou, W. (2019a). Searchable symmetric encryption with forward search privacy. IEEE Transactions on Dependable and Secure Computing, 18(1):460–474.

Li, J., Niu, X., and Sun, J. S. (2019b). A practical searchable symmetric encryption scheme for smart grid data. In ICC 2019-2019 IEEE International Conference on Communications (ICC), pages 1–6. IEEE.

Mann, Z. , Kunz, F., Laufer, J., Bellendorf, J., Metzger, A., and Pohl, K. (2021). Radar: Data protection in cloud-based computer systems at run time. IEEE Access, 9:70816–70842.

Moreira, D. A., Marques, H. P., Costa, W. L., Celestino, J., Gomes, R. L., and Nogueira, M. (2021). Anomaly detection in smart environments using ai over fog and cloud computing. In 2021 IEEE 18th Annual Consumer Communications & Networking Conference (CCNC), pages 1–2. IEEE.

Portela, A. L., Menezes, R. A., Costa, W. L., Silveira, M. M., Bittecnourt, L. F., and Gomes, R. L. (2023). Detection of iot devices and network anomalies based on anonymized network traffic. In NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, pages 1–6.

Portela, A. L. C., Ribeiro, S. E. S. B., Menezes, R. A., de Araujo, T., and Gomes, R. L. (2024). T-for: An adaptable forecasting model for throughput performance. IEEE Transactions on Network and Service Management, pages 1–1.

Sengupta, S., Kim, H., and Rexford, J. (2022). Continuous in-network round-trip time monitoring. In Proceedings of the ACM SIGCOMM 2022 Conference, SIGCOMM ’22, page 473–485, New York, NY, USA. Association for Computing Machinery.

Silveira, M. M., Portela, A. L., Menezes, R. A., Souza, M. S., Silva, D. S., Mesquita, M. C., and Gomes, R. L. (2023a). Data protection based on searchable encryption and anonymization techniques. In NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, pages 1–5.

Silveira, M. M., Silva, D. S., Rodriguez, S. J. R., and Gomes, R. L. (2023b). Searchable symmetric encryption for private data protection in cloud environments. In Proceedings of the 11th Latin-American Symposium on Dependable Computing, LADC ’22, page 95–98, New York, NY, USA. Association for Computing Machinery.

Thabit, F., Alhomdy, S., and Jagtap, S. (2021). A new data security algorithm for the cloud computing based on genetics techniques and logical-mathematical functions. International Journal of Intelligent Networks, 2:18–33.

Wang, T., Yang, Q., Shen, X., Gadekallu, T. R., Wang, W., and Dev, K. (2022). A privacy-enhanced retrieval technology for the cloud-assisted internet of things. IEEE Transactions on Industrial Informatics, 18(7):4981–4989.

Yuan, S. and Wu, X. (2022). Trustworthy anomaly detection: A survey.
Publicado
21/07/2024
SILVEIRA, Matheus M.; GOMES, Rafael L.. Data Protection based on Searchable Encryption and Anonymization Techniques. In: CONCURSO DE TESES E DISSERTAÇÕES (CTD), 37. , 2024, Brasília/DF. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024 . p. 158-167. ISSN 2763-8820. DOI: https://doi.org/10.5753/ctd.2024.2979.