DATA LEAKAGE DETECTION
Data leakage is defined as the accidental or unintentional distribution of private or sensitive data to an unauthorised entity .
Data leakage poses a serious issue for companies as the number of incidents and the cost to those experiencing them continue to increase.
Data leakage is enhanced by the fact that transmitted data including emails, instant messaging, website forms, and file transfers among others, are largely unregulated and unmonitored on their way to their destinations.
The main scope of this module is provide complete information about the data/content that is accessed by the users within the website.
Forms Authentication technique is used to provide security to the website in order to prevent the leakage of the data.
Continuous observation is made automatically and the information is send to the administrator so that he can identify whenever the data is leaked.
Above all the important aspect providing proof against the Guilty Objects. The following techniques are used.
Fake Object Generation.
Traditionally, leakage detection is handled by watermarking, e.g., a unique code is embedded in each distributed copy.
If that copy is later discovered in the hands of an unauthorised party, the leaker can be identified.
Disadvantages of Existing Systems
Watermarks can be very useful in some cases, but again, involve some modification of the original data. Furthermore, watermarks can sometimes be destroyed if the data recipient is malicious.
Similarly, a company may have partnerships with other companies that require sharing customer data. Another enterprise may outsource its data processing, so data must be given to various other companies. We call the owner of the data the distributor and the supposedly trusted third parties the agents.
The distributor may be able to add fake objects to the
distributed data in order to improve his effectiveness in detecting guilty agents.
Fake objects are objects generated by the distributor that are not in the original set.
The objects are designed which appear realistic, and are distributed among the agents along with the original objects.
Different fake objects may be added to the data sets of different agents in order to increase the chances of detecting agents that leak data.
The distributor can send data to these agents by inserting different fake objects into the data sets of different agents.Now, suppose the distributor discovers his sensitive data at an unauthorised party.
In this module, the original records fetched according to the agent’s request are combined with the fake records generated by the administrator.
The distributor is able to add fake objects in order to improve the effectiveness in detecting the guilty agent.
The Optimization Module is the distributor’s data allocation to agents has one constraint and one objective. The distributor’s constraint is to satisfy agents’ requests, by providing them with the number of objects they request or with all available objects that satisfy their conditions. His objective is to be able to detect an agent who leaks any Portion of his data.
A data distributor has given sensitive data to a set of Supposedly trusted agents (third parties). Some of the data is leaked and found in an unauthorised place (e.g., on the web or somebody’s laptop). The distributor must assess the likelihood that the leaked data came from one or more agents, as opposed to having been independently gathered by other means.
Administrator has to logon to the system.
Admin can add information about a new user.
Admin can add/view/delete/edit the user details.
Admin can create user groups and place users in it.
A user must login to use the services.
A user can send data sharing requests to other users.
A user can accept/reject data sharing requests from other users.
A user can trace the flow of its data i.e. can see what all users possess its data.
Data Loss Prevention (DLP)
Security measures to protect confidential and private datain-use in-motion at-rest
From both intentional and accidental loss of data
DLP SOLUTIONS –FOUR FOCUS AREAS
Portable/Removable media (USB)
• Compliance Regulations
Customer credit card information
DATA LOSS PREVENTION
To protect against confidential data theft and loss, a multi-layered security foundation is needed
Control/limit access to the data –firewalls, remote access controls, network access controls, physical security controls
Secure information from threats –protect perimeter and endpoints from malware, botnets, viruses, DoS, etc. with security technology
Control use of sensitive data once access is granted –policy-based content inspection, acceptable use, encryption
Build a secure foundation with a Self-Defending Network
Integrate DLP controls into security devices to protect data and increase visibility while decreasing the complexity and total cost of ownership of DLP deployments