International Journal of Computer Trends and Technology (IJCTT) – volume 7 number 3– Jan 2014
Data Flow for Effective Data Leakage Prevention using Elliptic Curve Digital Signature Algorithm Tony Thomas 1, V.Balajishanmugam 2 1
PG scholar, Computer Science and Engineering, United Institute of Technology, Tamil Nadu, India, 2Assistant Professor, Computer science and Engineering, United Institute of Technology, Tamil nadu, India
Abstract: Sensitive data is leaked in software firm, government sectors and also from the web. To prevent this leakage, data allocation strategies are used. Data allocation Strategy improves the probability of identifying leakages. The current model in leakage detection is handled by watermarking. Watermarks can be useful in some of the cases, but it again, modifies of the original data. If the recipient is malicious watermarks can be destroyed. After giving a set of data to agents, the distributor saw some of the same data in an unauthorized place. At this point the distributor came to know that the data is leaked and came from one or more agents. If the distributor got the enough evidence that an agent leaked data, he may initiate legal proceedings. The data allocation techniques are used to identify the leaking agent. The “guilt model” is used to find the probability of leaking agent. The ECDSA algorithm is used to prevent the data from untrusted party. The Algorithm used is Sample data request and explicit data request. By implementing guilt model and ECDSA techniques the distributor can identify the leaking agents and to whom the data leaks.
and the most important way the data was leaking from the organization is from email and from the web the protection of data is one of the most important task faced by any kind of business. We introduced data allocation for allocation data to agents and the ECDSA algorithm is used to prevent from untrusted party. The rest of this paper is organized as follows. Section II gives a brief background on related work. Section III describes the Digital signature algorithm. Section IV introduces our proposed work. Section V discusses the experiments and results. Finally, Section VI concludes the paper.
Index Terms: Data allocation, Data leakage, ECDSA, Leakage model, security. 1. INTRODUCTION Security is the most crucial part in the world. Many of the data are leaked and that data is found in the hands of untrusted party. The leakage of data is mainly affected by the organization. If the trusted party leaks the data and if the owner of the company have enough evidence he can take legal action. The data leaking areas are three possible ways they are Inside the organization Outside the organization and Third party location. Inside the organization data were leaked by the employees itself and the outside the organization the authorized person stolen the laptop. The third leaking areas is that from trusted party. The data can be stolen in many ways
2. BACKGROUND AND RELATED WORK Research in security has recently gained much attention due to the popularity of networks and the potential
ISSN: 2231-2803 Available online @ http://www.ijesat.org
http://www.ijcttjournal.org
Page160 160
International Journal of Computer Trends and Technology (IJCTT) – volume 7 number 3– Jan 2014 benefits that can be achieved. Data leakage detection tells clearly about the need for watermarking database relations to their piracy, it identifies the unique characteristics of relational data which tell us a new problem for watermarking. The relational data will provide the properties of water marking. A watermark can be applied to any relational database having attributes which are such that changes in a few of their values do not affect the applications [1]. The distributor will give data to agent order to improve the chances of detecting a guilty agent. The two types of requests were used one type is explicit data and other type is sample data request [2]. Message authentication protects two parties who exchange messages from any third party. A digital signature is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature [3]. K-Anonymity algorithm is used data set so that the data will be hidden and third parties will not able to view the original data sets. K-anonymity provides simple and effective approaches to protect private information of individuals via only releasing k-anonymous views of a data set [4]. The fake object creation is used to allocate to agents and the fake data that we inject will look like real objects [5]. The provenances for database queries have been proposed and three main ideas of database provenance, some of their applications have to compare and contrast among them. Specifically, we review why the data provenance, how, and where the provenance, describe the relationships of these provenance, and describe some of their applications in confidence, maintenance , update and annotation propagation [6]. The guilty agents are that the trusted party who leaks the data to untrusted party. When the data is leaking by the trusted party the owner needs the evidence then only he can take the necessary action [7].
4. PROPOSED WORK
3. DIGITAL SIGNATURE ALGORITHM The ECDSA is the elliptic curve analog of the Digital signature algorithm. Digital signature schemes are the counterpart to handwritten signatures. A digital signature is the secret key only known by the owner and the message being signed. Without the access of signer’s private key the signature must be verifiable. Signatures should not be breakable under the chosen message attacks. Message authentication protects two parties who exchange messages from any untrusted party. However, message authentication does not protect the two parties against each other. In this situations the sender and receiver does not trust each other, a digital signature is an authentication when the message is sending a code is attached and that acts as a signature.
ISSN: 2231-2803 Available online @ http://www.ijesat.org
The distributor is distributing data to the agents by using data allocation techniques. The ECDSA algorithm is used to protect the data from the untrusted party. No other user can access the data only authorized user can access the data. The data cannot be misused by unauthorized party. While distributing the data to agents We also inject “realistic but fake” data records. The fake data will looks like real data. The distributor adds fake objects to the distributed data in order to improve his effectiveness in detecting guilty agents. When the distributor allocates data to the agent using allocation strategies and setting up that the agents only can exchange the data. For eg “A1” can send to A2 and A3 and “A2” can send to A1 and A3 and “A3” can send to A1 and A2. If one of the agents leaks the data distributor identifies the leaking agent.
http://www.ijcttjournal.org
Page161 161
International Journal of Computer Trends and Technology (IJCTT) – volume 7 number 3– Jan 2014
5. EXPERIMENTS AND RESULTS
REFERENCES
The distributor allocates data’s to the agents. While distributing the data the fake data is attached to the real data and send to agents, so that the distributor can identify the guilty agents. Our main goal is to identify the guilty agent who leaks the data. The agent signup is first created and then the data is transfer to the agent. The ECDSA algorithm is used to prevent from the untrusted party. No other user can access the data only authorized user can access the data. Here a user can have the accessibility authority after the registration. The agent guilt model is used identify the leaking agents. The Distributor ‘T’ has the data = t1,t2,t3 The Agent is = A1 and A2 The A1 and A2 has the data { t1 ,t2 } and { t1 ,t3 } The third party = S
[1]. Panagiotis Papadimitriou, Hector Garcia-Molina “Data Leakage Detection” IEEE transactions on knowledge and data engineering, volume. 23, no. 1, January 2011, page no 51-63.
T
{t1, t2, t3}
A1
{t1, t2}
A2
{t1, t3}
S
{t1, t3}
[2]. Sridhar Gade, Kiran Kumar Munde, Krishnaiah.R.V. “Data Allocation Strategies for Leakage Detection“ IOSR Journal of Computer Engineering (IOSRJCE) Volume 5, Issue 2,Sep-Oct 2012,page no 30-35. [3]. Sattar B. Sadkhan & Najlae Falah Hameed “Proposed Developments of Elliptic Curve Digital Signature Algorithm” World Academy of Science, Engineering and Technology 2010, page no 679-681. [4]. Ms.B.Kohila, Mrs.K.Sashi, “Data leakage detection using kanonymity algorithm“ International Journal of Computer Science and Management Research Volume.1, Issue 5,December 2012, page no 991-998. [5]. Sujana Dommala, SreeDevi “Leakage Detection Using Fake Objects” International Conference on Computer Science and Information Technology, June, 2012, page no 42-46.
The data t1,t3 is leaked and found that A2 is a guilty agent
6. CONCLUSION When transforming the data to the agents the senders apply ECDSA to secure them. The approaches used now in the data transformation are able to detect the data leakage in an efficient way. The data transformation is also helpful in finding the guilty agent who leaked the data. The originality and quality is mainly concentrated in data allocation techniques. The distributor must agree that working with agents is not trusted because agents can misuse the data, since certain data cannot admit watermarks. The ECDSA algorithm is used to prevent from untrusted party. The data allocation techniques are used to improve the distributor’s chances of identifying a leaker. By implementing guilt model and ECDSA techniques the distributor can identify the leaking agents and to whom the data leaks.
[6]. R. Agrawal and J. Kiernan, “ Watermarking Relational Databases,” Proc. 28th Int’l Conf. Very Large Data Bases (VLDB ’02), VLDB Endowment, pp. 155-166, 2002. [7].B.Kiran Kumar, M.Kiran Kumar “A study on implementations of guilt agent models & analysis” International Journal of Advanced Research and Innovations Vol.1, Issue .1, November 2012, page no 46-51.
Acknowledgements First I thank the almighty for His blessings on us to complete this paper successfully. I express my hearty thanks to my project guide, Department of Computer Science and Engineering for his encouragement and valuable guidance with keen interest towards the completion of this paper. Finally I convey my thanks to all those who support me to complete the paper.
ISSN: 2231-2803 Available online @ http://www.ijesat.org
http://www.ijcttjournal.org
Page162 162