Aplicação de Técnicas de Encriptação e Anonimização em Nuvem para Proteção de Dados
Resumo
A atual tendência de implantar serviços online pode expor os sistemas existentes a tentativas de invasão e vazamento de dados. Além disso, são necessárias soluções de segurança que não alterem os sistemas legados dos clientes. Dentro deste contexto, este artigo apresenta um sistema para proteger os dados sensíveis de bancos de dados existentes (sistemas legados de clientes) com base em duas técnicas, as quais adequamos à nossa solução: Busca em Criptografia simétrica para bancos de dados (SSE-DB) e (2) Permutação e manutenção de propriedades anonimização (PPM-Anon). O sistema proposto evita problemas de vazamento de dados e violação de privacidade, anexando uma solução de segurança aos bancos de dados existentes (sem nenhuma alteração nesses sistemas legados). Resultados de experimentos reais usando um ambiente de nuvem real sugerem que a solução proposta é adequada para proteger os dados sem prejudicar o desempenho dos serviços existentes.
Referências
Aparajit, S., Shah, R., Chopdekar, R., and Patil, R. (2022). Data protection: The cloud security perspective. In 2022 3rd International Conference for Emerging Technology (INCET), pages 1–5.
Costa, W. L., Portela, A. L., and Gomes, R. L. (2021). Features-aware ddos detection in heterogeneous smart environments based on fog and cloud computing. International Journal of Communication Networks and Information Security, 13(3):491–498.
D, S. and Karibasappa, K. (2021). Enhancing data protection in cloud computing using key derivation based on cryptographic technique. In 2021 5th International Conference on Computing Methodologies and Communication (ICCMC), pages 291–299.
Flinta, C., Yan, W., and Johnsson, A. (2020). Predicting round-trip time distributions in iot systems using histogram estimators. In NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium, pages 1–9.
Gomes, R. L., Bittencourt, L. F., Madeira, E. R., Cerqueira, E., and Gerla, M. (2016). A combined energy-bandwidth approach to allocate resilient virtual software defined networks. Journal of Network and Computer Applications, 69:98–106.
Gomes, R. L., Bittencourt, L. F., and Madeira, E. R. M. (2020). Reliability-aware network slicing in elastic demand scenarios. IEEE Communications Magazine, 58(10):29–34.
Gong, X., Chen, Y., Wang, Q., Wang, M., and Li, S. (2022). Private data inference attacks against cloud: Model, technologies, and research directions. IEEE Communications Magazine, 60(9):46–52.
GUPTA, I. and SINGH, A. K. (2020). An integrated approach for data leaker detection in cloud environment. Journal of Information Science Engineering, 36(5):993 – 1005.
Gupta, I., Singh, A. K., Lee, C.-N., and Buyya, R. (2022). Secure data storage and sharing techniques for data protection in cloud environments: A systematic review, analysis, and future directions. IEEE Access, 10:71247–71277.
Huang, C., Chen, S., Zhang, Y., Zhou, W., Rodrigues, J. J. P. C., and de Albuquerque, V. H. C. (2022). A robust approach for privacy data protection: Iot security assurance using generative adversarial imitation learning. IEEE Internet of Things Journal, 9(18):17089–17097.
Kalugina, O., Barankova, I., and Mikhailova, U. (2020). Development of a tool for modeling security threats of an enterprise information system. In 2020 International Conference on Electrical, Communication, and Computer Engineering (ICECCE), pages 1–5.
Li, J., Huang, Y., Wei, Y., Lv, S., Liu, Z., Dong, C., and Lou, W. (2019a). Searchable symmetric encryption with forward search privacy. IEEE Transactions on Dependable and Secure Computing, 18(1):460–474.
Li, J., Niu, X., and Sun, J. S. (2019b). A practical searchable symmetric encryption scheme for smart grid data. In ICC 2019-2019 IEEE International Conference on Communications (ICC), pages 1–6. IEEE.
Mann, Z. , Kunz, F., Laufer, J., Bellendorf, J., Metzger, A., and Pohl, K. (2021). Radar: Data protection in cloud-based computer systems at run time. IEEE Access, 9:70816– 70842.
Mosca, E. E. P., Ribeiro, S., Urbano, A., Silva, D. S., and Gomes, R. L. (2023). Evaluation of security techniques in heterogeneous iot devices. LADC ’22, page 91–94, New York, NY, USA. Association for Computing Machinery.
Rafique, A., Van Landuyt, D., Heydari Beni, E., Lagaisse, B., and Joosen, W. (2021). Cryptdice: Distributed data protection system for secure cloud data storage and computation. Information Systems, 96:101671.
Sengupta, S., Kim, H., and Rexford, J. (2022). Continuous in-network round-trip time monitoring. In Proceedings of the ACM SIGCOMM 2022 Conference, SIGCOMM ’22, page 473–485, New York, NY, USA. Association for Computing Machinery.
Thabit, F., Alhomdy, S., and Jagtap, S. (2021). A new data security algorithm for the cloud computing based on genetics techniques and logical-mathematical functions. International Journal of Intelligent Networks, 2:18–33.
Wang, T., Yang, Q., Shen, X., Gadekallu, T. R., Wang, W., and Dev, K. (2022). A privacy-enhanced retrieval technology for the cloud-assisted internet of things. IEEE Transactions on Industrial Informatics, 18(7):4981–4989.
Yu, J., Moon, H., Chua, B.-L., and Han, H. (2022). Hotel data privacy: strategies to reduce customers’ emotional violations, privacy concerns, and switching intention. Journal of Travel & Tourism Marketing, 39(2):213–225.