A Comprehensive Approach for Data Protection
Conference Paper · January 2016
DOI: 10.22161/ijaers/si.9
All content following this page was uploaded by Jaya Saxena on 16 August 2019.
National Conference on Computer Security, Image Processing, Graphics, Mobility and Analytics (NCCSIGMA)
International Journal of Advanced Engineering Research and Science (IJAERS) Special Issue (NCCSIGMA-16)
[Link] ISSN: 2349-6495(P) | 2456-1908(O)
A Comprehensive Approach for Data Protection
Jaya Saxena¹, V Subramanian²
¹ PPEG, National Remote Sensing Center, Balanagar, Hyderabad, India
Email: jayasaxena@[Link]
² PPEG, National Remote Sensing Center, Balanagar, Hyderabad, India
Email: subramanian_v@[Link]

Abstract— It has been predicted that analyzing Big Data will become a key basis of competition, underpinning new waves of productivity growth, innovation, and consumer surplus. Since data is a critical component, it is essential to ensure privacy and protect data no matter where it resides and how it is consumed. Organizations are now defending against the attacks of yesterday, while their adversaries look to exploit the vulnerabilities of tomorrow. Consequently, sophisticated intruders are bypassing perimeter defenses to perpetrate dynamic attacks that are highly targeted and difficult to detect. In this work we present a strategy that focuses a few important questions on the most critical data vulnerabilities.

Keywords—Data protection, data access policy, masking, threats and risks, security.

I. INTRODUCTION

Today, in the form of Big Data, more than 2.5 quintillion bytes of data are created daily from digital pictures, videos, posts to social media sites, intelligent sensors, purchase transaction records and cell phone GPS signals, to name a few. There is great interest in both commercial and research communities around Big Data. It has been predicted that analyzing Big Data will become a key basis of competition, underpinning new waves of productivity growth, innovation, and consumer surplus. Big Data is not just the size of an individual data set, but rather the collection of data that is available to us online (e.g., government data, NGOs, local governments, journalists, etc.). Putting these data together makes Big Data valuable to the wider public. Data activists and engineers worldwide easily discover data sets and merge them in a sensible fashion for a meaningful outcome. As an example, helping people in crisis response situations has huge potential: people used Google Fusion Tables to create maps with critical information for people after the Japan earthquake in 2011 [1]. When it comes to natural resources, we are leveraging Big Data to optimize the placement of turbines in a wind farm so that we get the most power with the least environmental impact. We can also look at man-made phenomena, for example understanding traffic patterns and using the insight to do better planning or provide incentives that can reduce traffic during peak hours. Many other examples can be given of how Big Data is being used to improve the planet.

Since data is a critical component, it is essential to ensure privacy and protect data no matter where it resides and how it is consumed. Different types of information have different protection requirements; therefore, organizations must take a holistic approach to safeguarding it. Strategies, typically compliance-based and perimeter-oriented, have not kept pace with the sophisticated approaches intruders are evolving. Most organizations are now defending against the attacks of yesterday, while their adversaries look to exploit the vulnerabilities of tomorrow. Consequently, sophisticated intruders are bypassing perimeter defenses to perpetrate dynamic attacks that are highly targeted and difficult to detect; Stuxnet [2] is a good example. Many use well-researched phishing exploits against targeted groups. Similarly, the attack surface, which includes partners, suppliers, customers, and others, has expanded with greater volumes of data flows and through multiple channels. A study in 2012 conducted by Symantec calculated that global cybercrime cost USD 114 billion annually and claimed more than one million victims per day [3]. In another study, conducted by the Ponemon Institute, the average organizational cost of a data breach in 2011 was USD 5.5 million [4]. The Target and Sony data breaches are a few well-known examples.

Further, safeguarding all data at an equally high level is no longer practical, as new attack vectors, including cyber security threats (worms, trojans, rootkits, rogues and spyware), and security complexities resulting from changing IT architectures challenge organizations to focus on data protection and require more granularity.

In this work, we present a strategy that focuses the following few questions on the most critical data vulnerabilities:
1) Where does the classified and sensitive data reside across the enterprise?
2) How can access to the enterprise databases be protected, monitored and audited?
3) How can data be controlled against both authorized and unauthorized access?
4) How can data in non-production environments be protected and still be usable for training, application development and testing?
5) What types of data encryption are appropriate for data at rest and in transit?

ORGANIZATION OF THE PAPER

The paper is organized as follows: Section II contains the threats and risks associated with the IT infrastructure. In Section III we present our approach to data protection, followed by concluding remarks in Section IV and references in the last section.

II. THREATS AND RISKS

As per Wiki [7], in the IT area a threat is a possible danger that might exploit a vulnerability to breach security and thus cause possible harm. A threat can be either "intentional" (i.e., intelligent; e.g., an individual hacker or a criminal organization) or "accidental" (e.g., the possibility of a computer malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado) or otherwise a circumstance, capability, action, or event. However, the nature of computer crime has changed over the years as the technology has changed and the opportunities for crime have increased manyfold. Although thrill-seeking adolescent hackers are still common, the field is increasingly dominated by professionals who steal information for sale and disgruntled employees who damage systems or steal information for revenge or profit. Survey after survey has shown that most damage is done by insiders, people with authorized access to a computer network. Many insiders have the access and knowledge to compromise or shut down entire systems and networks [8].

Insider threats

A high percentage of data breaches actually emanate from internal weaknesses. These breaches range from employees who may misuse payment card numbers and other sensitive information to those who save confidential data on laptops that are subsequently stolen. Furthermore, organizations are also accountable for protecting data no matter where the data resides, be it with business partners, consultants, contractors, vendors or other third parties. A few common sources of risk include:
• Excessive privileges and privileged user abuse. When users (or applications) are granted database privileges that exceed the requirements of their job function, these privileges may be used to gain access to confidential information.
• Unauthorized privilege elevation. Attackers may take advantage of vulnerabilities in database management software to convert low-level access privileges to high-level access privileges.
• SQL injection. SQL injection attacks involve a user who takes advantage of vulnerabilities in front-end web applications and stored procedures to send unauthorized database queries, often with elevated privileges. Using SQL injection, attackers could even gain unrestricted access to an entire database.
• Denial of service. Denial of service (DoS) may be invoked through many techniques. Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption. The latter is unique to the database environment and frequently overlooked.
• Exposure of backup data. Some recent high-profile attacks have involved theft of database backup tapes and hard disks which were not encrypted.

According to one of the leading computer security bodies, the OWASP, the top 10 threats are:
Threat #1: virus
Threat #2: spam
Threat #3: spoofing, phishing
Threat #4: spyware
Threat #5: keystroke logging (keylogging)
Threat #6: adware
Threat #7: botnet
Threat #8: worm
Threat #9: trojan horse
Threat #10: denial-of-service attack (DoS attack)

These can impact performance by slowing down the computer or blocking it completely, and can create instability by acting as an active conduit for download and installation. They may also compromise privacy through the release of confidential, protected, or sensitive information, browser-tracking information, logged keystrokes, or other forms of data. Infections can allow programs to spread to other computers, mobile devices, or network file shares. These can lead to data loss, corruption, or other forms of operational impairment to infected hosts. In addition to legal issues surrounding violations of privacy laws, owners of infected hosts might find themselves liable for harm or loss caused by an infected computer. Spam relay programs can be implemented, allowing the creator to hide the origin of spam messages. Trojan horse programs can replace common applications on the host computer, creating vulnerabilities and softening the host's defenses. Trojan horse programs can also be used to coordinate mass network scanning or network attack efforts, making it harder to detect the profiling scan or attack coming from tens of thousands of separate computers controlled by the creator of the program.

III. OUR APPROACH FOR DATA PROTECTION

Organizations may find it difficult to identify and protect sensitive data unless they know where it resides and how it is related across the enterprise. Organizations need to define and document all data assets and relationships, no matter what the source is. It is an important exercise to classify data, understand relationships and define service levels. The data discovery process analyzes data values and patterns to identify the relationships that link disparate data elements into logical units of information. The key issue is to safeguard sensitive data, both structured and unstructured. Structured data contained in databases must be protected from unauthorized access. Unstructured data in documents and forms requires privacy policies to remove sensitive information while allowing required business data transactions. Data in non-production, development, training and quality-assurance environments needs to be protected, yet still be usable during application development, testing and training processes.
• Structured data: This data is based on a data model, and is available in structured formats like databases or XML.
• Unstructured data: This data is in forms or documents which may be handwritten, typed or in file repositories, such as word processing documents, email messages, pictures, digital audio, video, GPS data and more.
• Online data: This is data used daily to support the business, including metadata, configuration data or log files.
• Offline data: This is data in backup tapes or on storage devices.

Fig. 1. Data Classification

The ability to understand which requirements are applicable is particularly important because data security is not a single process or single technology. Instead, it is addressed through a defense-in-depth approach using a variety of technologies and controls appropriate for specific situations and a complex legal and threat landscape, as no single best practice exists. Organizations must understand the particulars of their unique use cases to enable better decision making, more cost-effective investments and more successful technology implementations. This is especially challenging because of continuing uncertainty and constrained resources. Organizations also struggle to satisfy data security requirements as data is integrated and leveraged across a dynamic supply chain of information. Data gets created, accessed, used and retired. As data moves through each phase, its value and the associated risks change, so security protection requirements need to be managed appropriately.

Investment in data security controls should be evaluated within the context of the business goals, compliance mandates and risk levels. This requires a clear understanding of how the data is used and what compliance mandates are important to that particular transaction, as these can differ depending on what that system does, who has access to it, what data is stored there and how it is used in the end. Once sensitive data is discovered, its vulnerability must be assessed. This assessment may include several things, from checking admin-level access privileges to verifying the current configurations of databases against any known vulnerabilities.

De-identifying data in non-production environments is simply the process of systematically removing, masking or transforming data elements that could be used to identify an individual. Data de-identification enables developers, testers and trainers to use realistic data and produce valid results while protecting sensitive data. This is especially important for organizations outsourcing development or testing activities. Dynamic data masking prevents unauthorized users from accessing structured data in real time. Organizations can apply sophisticated, flexible data masking rules based on business rules and requirements. Dynamic data masking policies mask sensitive information in transit after it is fetched from the database, and masked results are returned to the requesting web application. Organizations with call center operations typically use dynamic data masking to hide customer information from call center employees.

There are many different types of encryption available. Organizations should consider a file-level encryption approach because it provides a single, manageable and
scalable solution to encrypt enterprise data, both structured and unstructured, without sacrificing application performance or creating key management complexity. Data encryption is ideal for protecting online and offline data. Unfortunately, it is not enough to understand sensitive data and establish the right kinds of policies to protect the data. Organizations also have to continuously monitor data sources for suspicious behavior. Organizations should not rely on manual auditing procedures to detect suspicious behaviors. This approach prolongs audits and is resource intensive.

In most IT environments, privileged users such as DBAs, developers and outsourced personnel can have unfettered access to sensitive data, with little or no monitoring controls around their activities. These super users can easily bypass application or network-level security control points. In addition, detecting database changes is important from the perspective of placing controls around privileged users. These changes can be indicators that a database has been compromised. However, it is also important from an external security perspective.

To create fine-grained audit trails and reporting that prove and validate compliance, organizations must have a defined process for monitoring, recording and reporting database access and change activity on a periodic basis. A fine-grained audit trail identifies the "who, what, when, where, and how" of each transaction. Through continuous monitoring and reporting, detection of data access violations gives IT management and auditors the necessary information to show that the proper controls are in place and are being enforced. Audit trails provide details and analysis of behaviors and patterns that may be deemed suspicious versus legitimate or routine. Any behavior that is not identified as routine and valid access to the database must be examined and analyzed further. Building a centralized audit and reporting environment enables:
• A secure centralized repository containing a fine-grained audit trail of all database activities across the enterprise, as well as important file sharing activities.
• Customizable workflow automation to generate compliance reports on a scheduled basis, distribute them to oversight teams for electronic sign-offs and escalation, and store the results of remediation activities in the repository.
• Continuous monitoring and analysis of data to identify unauthorized or suspicious activities and execute a response action ranging from blocking the transaction in real time to generating an alert.

Activity monitoring provides information related to both privileged and non-privileged users. Application access monitoring that is independent of native database logging and audit functions is also very useful. It can function as a compensating control for privileged users by monitoring all administrator activity. Activity monitoring also improves security by detecting unusual access to databases, data warehouses and file shares, and unusual update activities, from the application layer. Activity monitoring solutions should be able to detect malicious activity or inappropriate or unapproved privileged user access.

Data redaction can remove sensitive data from forms and documents based on job role or business purpose. Traditionally, protecting unstructured information in forms, documents and graphics has been performed manually by deleting electronic content and using a black marking pen on paper to delete or hide sensitive information. But this manual process can introduce errors, inadvertently omit information and leave behind hidden information within files that exposes sensitive data. Today's high volumes of electronic forms and documents make this manual process too burdensome for practical purposes, and increase an organization's risk of exposure. For example, physicians need to see sensitive information such as symptoms and medical data, whereas a billing clerk needs the patient's insurance data and billing address. The challenge is to provide the appropriate protection, while meeting business needs and ensuring that data is managed on a "need-to-know" basis.

Although data encryption is an old technology and many different approaches exist, encryption is explicitly required by many regulations across the globe. It is challenging for an organization to identify the best encryption approach because of the proliferation of offerings. For encrypting structured data, consider a file-level approach. This will protect both structured data in the database management system (DBMS) and unstructured files such as DBMS log or configuration files, and is transparent to the network, storage and applications. Look for encryption offerings that provide a strong separation of duties and a unified policy and key management system to centralize and simplify data security management.

A security solution that addresses the entire database security and compliance life cycle, with a back-end data store and workflow automation system, should include a repository of vulnerabilities and a list of configuration flaws. It should ensure that configurations are locked down after recommended changes are implemented, while providing 100% visibility and granularity into all data source transactions across all platforms and protocols, with a secure, tamper-proof audit trail that supports separation of duties. Monitor and enforce policies for sensitive data access, privileged user actions, change control, application user activities and security exceptions. Create
a single, centralized audit repository for enterprise-wide compliance reporting, performance optimization, investigations and forensics.

Masking Solution

A comprehensive set of data masking techniques that can support data privacy compliance is required. The masking capabilities will ensure that masked data, like names and street addresses, resembles the look and feel of the original information.
• Context-aware, prepackaged data masking routines make it easy to de-identify elements such as payment card numbers, street addresses and email addresses.
• Persistent masking capabilities propagate masked replacement values consistently across applications, databases, operating systems and hardware platforms.
• Static or dynamic data masking supports both production and non-production environments.

The solution should consist of a single, manageable and scalable solution to encrypt enterprise data without sacrificing application performance or creating key management complexity. It should provide a consistent, transparent encryption method across complex enterprises that is auditable and requires no or minimal application, database or system changes, with secure and centralized key management across distributed environments. The solution may offer intelligent, easy-to-customize data security policies for strong, persistent data security with strong separation of duties.

After data has been located and locked down, organizations must prove compliance and monitor systems on an ongoing basis. Monitoring of user activities, object creation, data repository configurations and entitlements helps IT professionals and auditors trace users between applications and databases. These teams can set fine-grained policies for appropriate behavior and receive alerts if these policies are violated. Organizations need to quickly show compliance and empower auditors to verify compliance status. Audit reporting and sign-offs help facilitate the compliance process while keeping costs low and minimizing technical and business disruptions. Thus organizations should create continuous, fine-grained audit trails of all database activities.

IV. CONCLUSION

We conclude that, to be most effective, information security must be integrated into the SDLC from system inception. Early integration of security in the SDLC enables agencies to maximize return on investment in their security programs. It is observed that early identification and mitigation of security vulnerabilities and misconfigurations results in lower cost of security control implementation and vulnerability mitigation.

Further, identification of shared security services and reuse of security strategies, while improving security posture through proven methods and techniques, will facilitate decision making through comprehensive risk management in a timely manner. In this work we attempted to answer a few of the questions that provide the foundation for a holistic approach to data protection that scales as organizations embrace the new era of computing. The answers also help organizations focus on key areas they may be neglecting with current approaches.

REFERENCES

[1] "A Decade at Google", Alon Halevy, ACM SIGMOD, September 20, 2015. [Link]
[2] "The Real Story of Stuxnet", David Kushner, IEEE Spectrum, Feb 2013. [Link]story-of-stuxnet
[3] "Norton Study Calculates Cost of Global Cybercrime: $114 Billion Annually", Sept. 7, 2011. [Link]/about/news/release/[Link]?prid=20110907_02
[4] "2011 Cost of Data Breach Study", Ponemon Institute LLC, March 2012. [Link]/content/en/us/about/media/pdfs/b-ponemon-2011-cost-of-data-breach-[Link]?om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2012Mar_worldwide__CODB_US
[5] "Target cyber breach hits 40 million payment cards at holiday peak", Jim Finkle and Dhanya Skariachan, Technology News, Dec 19, 2013. [Link]idUSBRE9BH1GX20131219
[6] "PlayStation Network hackers access data of 77 million users", Ben Quinn and Charles Arthur, The Guardian, 26 April 2011. [Link]6/playstation-network-hackers-data
[7] [Link]
[8] "A Survey of Insider Attack Detection Research", Malek Ben Salem, Shlomo Hershkop, Salvatore J. Stolfo. [Link]ider_survey.pdf
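
The persistent and dynamic masking described in Section III (the "Masking Solution" list and the dynamic data masking passage), as an added Python example that is not part of the paper: a keyed, repeatable replacement for card numbers and e-mail addresses that keeps their look and feel, and a read-time view filtered by role. The key, the role policy, the field names and the sample record are constructed assumptions, and HMAC-derived digits are a technique chosen here, since the paper names no algorithm.

```python
import hashlib
import hmac

# Assumption: constructed demo key. In practice it comes from a key manager,
# because anyone holding it can recompute the original-to-masked mapping.
MASKING_KEY = b"constructed-demo-key"

def luhn_check_digit(body):
    """Luhn check digit for a list of payload digits (check digit excluded)."""
    total = 0
    for i, d in enumerate(reversed(body)):
        if i % 2 == 0:                      # every second digit, from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return (10 - total % 10) % 10

def luhn_valid(number):
    digits = [int(c) for c in number if c.isdigit()]
    return len(digits) > 1 and luhn_check_digit(digits[:-1]) == digits[-1]

def keyed_digits(value, count, key=MASKING_KEY):
    """Derive `count` digits from HMAC-SHA256(key, value): same input, same output."""
    out, counter = [], 0
    while len(out) < count:
        mac = hmac.new(key, f"{counter}:{value}".encode(), hashlib.sha256).digest()
        out.extend(b % 10 for b in mac)     # slight modulo bias, fine for test data
        counter += 1
    return out[:count]

def mask_card(pan, key=MASKING_KEY):
    """Persistent static mask that keeps length, separators and Luhn validity."""
    digits = "".join(c for c in pan if c.isdigit())
    body = keyed_digits(digits, len(digits) - 1, key)
    replacement = iter(body + [luhn_check_digit(body)])
    return "".join(str(next(replacement)) if c.isdigit() else c for c in pan)

def mask_email(email, key=MASKING_KEY):
    """Persistent static mask that still parses as an address (reserved domain)."""
    mac = hmac.new(key, email.strip().lower().encode(), hashlib.sha256)
    return f"user_{mac.hexdigest()[:10]}@example.com"

def keep_last4(value):
    """Star out every digit except the last four, leaving separators in place."""
    total = sum(c.isdigit() for c in value)
    seen = iter(range(total))
    return "".join(("*" if next(seen) < total - 4 else c) if c.isdigit() else c
                   for c in value)

# Constructed need-to-know policy after the paper's physician, billing clerk and
# call center examples. Actions are "show" or "last4"; unlisted fields are redacted.
POLICY = {
    "physician": {"name": "show", "symptoms": "show"},
    "billing_clerk": {"name": "show", "insurance_id": "show",
                      "billing_address": "show", "card": "last4"},
    "call_centre": {"name": "show", "card": "last4"},
}

def dynamic_view(record, role):
    """Dynamic mask: the stored record is untouched; the result is filtered per role."""
    rules = POLICY.get(role, {})            # unknown role: default deny
    actions = {"show": lambda v: v, "last4": keep_last4}
    return {field: actions.get(rules.get(field), lambda v: "[REDACTED]")(value)
            for field, value in record.items()}

# Constructed sample record; the card is the widely used 4111... test number.
PATIENT = {"name": "A. Example", "symptoms": "fever", "insurance_id": "INS-0001",
           "billing_address": "1 Sample Street", "card": "4111 1111 1111 1111"}

if __name__ == "__main__":
    print(mask_card(PATIENT["card"]), mask_email("a.example@hospital.test"))
    for role in ("physician", "billing_clerk", "call_centre", "intern"):
        print(role, dynamic_view(PATIENT, role))
```

Because the replacement depends only on the key and the input, two databases masked separately still join on the masked card number, which is what consistent propagation across systems requires.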
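
The fine-grained audit trail of Section III ("who, what, when, where, and how", with anything not identified as routine examined further), as an added Python example that is not part of the paper. Hash chaining is a technique chosen here to make after-the-fact edits evident, since the paper names no mechanism; the field mapping (what = object accessed, how = statement type), the allow-list and the events are constructed assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64   # "previous hash" of the first entry

def entry_hash(prev_hash, event):
    """SHA-256 over the previous entry's hash plus a canonical JSON form of the event."""
    canonical = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + canonical).encode()).hexdigest()

class AuditTrail:
    """Append-only trail in which each entry commits to all entries before it."""

    def __init__(self):
        self.entries = []

    def record(self, who, what, when, where, how):
        event = {"who": who, "what": what, "when": when, "where": where, "how": how}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"event": event, "prev": prev,
                             "hash": entry_hash(prev, event)})
        return self.entries[-1]["hash"]       # head hash, to be kept by a separate party

    def first_broken_entry(self, expected_head=None):
        """Index of the first entry that fails verification, or None if intact."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev"] != prev or entry["hash"] != entry_hash(prev, entry["event"]):
                return i
            prev = entry["hash"]
        if expected_head is not None and prev != expected_head:
            return len(self.entries)          # entries were truncated or replaced
        return None

# Constructed allow-list of routine access as (who, how, what) triples.
ROUTINE = {
    ("app_billing", "SELECT", "invoices"),
    ("app_billing", "UPDATE", "invoices"),
}

def needs_review(trail, routine=ROUTINE):
    """Events not identified as routine and valid access, for further analysis."""
    return [e["event"] for e in trail.entries
            if (e["event"]["who"], e["event"]["how"], e["event"]["what"]) not in routine]

def sample_trail():
    """Constructed events: two routine application calls and one DBA read of patients."""
    trail = AuditTrail()
    trail.record("app_billing", "invoices", "2016-01-11T09:00:00Z", "app-server-1", "SELECT")
    trail.record("dba_ops", "patients", "2016-01-11T23:40:00Z", "workstation-7", "SELECT")
    trail.record("app_billing", "invoices", "2016-01-12T09:05:00Z", "app-server-1", "UPDATE")
    return trail

if __name__ == "__main__":
    trail = sample_trail()
    head = trail.entries[-1]["hash"]
    print("intact:", trail.first_broken_entry(head), "review:", needs_review(trail))
    trail.entries[1]["event"]["where"] = "app-server-1"   # simulated after-the-fact edit
    print("first broken entry:", trail.first_broken_entry(head))
```

The chain only shows tampering to someone who holds a head hash the database administrators cannot rewrite, which is where the separation of duties the paper asks for comes in; without `expected_head`, dropping the newest entries goes unnoticed.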