25-07-2012, 03:36 PM
Exerting Modern Techniques for Data Leakage Problems Detect
Exerting Modern Techniques.pdf (Size: 158.19 KB / Downloads: 50)
Abstract
Sometimes sensitive data must be handed over to supposedly trust third parties. With the extensive application of database systems, the owners of the databases have urgent requirements to protect their copyright of databases. Some of the data is leaked and found in an unauthorized place the distributor must assess the likelihood that the leaked data came from one or more agents, as opposed to having been independently gathered by other means. Although watermarking techniques have been successfully utilized for copyright protection of multimedia data, yet the research of database water-marking technique is still facing a lot of challenges due to the differences between the relational database and multi- media data. This paper focus on detecting when the distributor’s sensitive data has been leaked by agents, and if possible to identify the agent that leaked the data. We present a model for calculating “guilt” probabilities in cases of data Leakage.We also present algorithms for distributing objects to agents, in a way that improves our chances of identifying a leaker. Finally, we also consider the option of adding “fake” objects to the distributed set.
INTRODUCTION
Sometimes data is leaked [1] and found in unauthorized Places Nowadays; more and more data are sold and transmitted on the intemet. Databases are being used widely in many important fields, such as, banking and so on. With the fast growth of database business on the net, the data may be unsafe after passing through the unsecure network. The data purchasers may hesitate to buy the data service for the following suspicion. First, the data receiver may suspect that the data are tampered with by unauthorized person. Second, they may suspect the data received are not produced and provided by the authorized suppliers. Third, the suppliers and purchasers actually with different interest should have different roles of rights in the database management or using. So how to protect and verifY the data becomes very important here.
RELATED WORK
The guilt detection [2] approach we present is related to the data provenance problem: tracing the lineage of an S object implies essentially the detection of the guilty agents. It provides a good overview on the research conducted in this field. Suggested solutions are domain specific, such as lineage tracing for data Warehouses, and assume some prior knowledge on the way a data view is created out of data sources. Our problem formulation with objects and sets is more general and simplifies lineage tracing, since we do not consider any data transformation from Ri sets to S.As far as the data allocation strategies are concerned, our work is mostly relevant to watermarking that is used as a means of establishing original ownership of distributed objects. Watermarks were initially used in images, video and audio data whose digital representation includes considerable redundancy.
EXISTING SYSTEM
Leakage detection is handled by watermarking [3], e.g., a unique code is embedded in each distributed copy. If that copy is later discovered in the hands of an unauthorized party, the leaker can be identified. Watermarks were initially used in images, video and audio data whose digital representation includes considerable redundancy. Watermarking aims to identify a data owner and, hence, is subject to attacks where a pirate claims ownership of the data or weakens a merchant’s claims.
PROPOSED SYSTEM
The distributor’s data allocation to agents has one Constraint and one objective. The distributor’s constraint is to satisfy agents’ requests, by providing them with the number of objects they request or with all available objects that satisfy their conditions. His objective is to be able to detect an agent who leaks any portion of his data. The constraint is considered as strict. The distributor may not deny serving an agent request and may not provide agents with different perturbed versions of the same objects. For this fake object distribution is the only possible constraint relaxation. The detection objective is ideal and tractable. The main objective to maximize the chances of detecting a guilty agent that leaks all his data objects.In this paper we develope a model for assessing the “guilt” of agents is developed.
SYSTEM ANALYSIS AND IMPLEMENTATION
The distributor maintains the entire database [7]. The distributor registers the details of all agents. All Entities must select "New” when they enter and register for first time. The new register will enter details. The distributor validates the request and if he finds the agent is guilty, he adds fake objects. Choose "Add/Update" to make changes to an existing registration entered using the new Registration process or to add "tagging" information. Use "View" to query the contents of the registration database or download the database to local computer. It will be asked to login a logon username and password to validate login process. And it verifies the username and password with database. Once verified, it allows continuing the requesting process. The objects are serialized to prevent the data leakage. Only the valid user can unserialize the objects. In the implementation of the system we maintain Database maintenance of the following Agent maintenance.
DETECTING GUILT AGENT
Suppose that after giving objects to agents, the distributor discovers that a set S has leaked. This means that some third party called the target has been caught in possession of S. For example, this target may be displaying S on its web site, or perhaps as part of a legal discovery process, the target turned over S to the distributor. Since the agents U1…..Un have some of the data, it is reasonable to suspect them leaking the data. However, the agents can argue that they are innocent, and that the S data was obtained by the target through other means. For example, say one of the objects in S represents a customer X. Perhaps X is also a customer of some other company, and that company provided the data to the target. Or perhaps X can be reconstructed from various publicly available sources on the web. The goal is to estimate the likelihood that the leaked data came from the agents as opposed to other sources. Intuitively, the more data in S, the harder it is for the agents to argue they did not leak anything. Similarly, the “rarer” the objects, the harder it is to argue that the target obtained them through other means.
CONCLUSION AND ENHANCEMENT
The data distribution strategies improve the distributor’s chances of identifying a leaker. It has been shown that distributing objects judiciously can make a significant difference in identifying guilty agents, especially in cases where there is large overlap in the data that agents must receive. In some cases “realistic but fake” data records are injected to improve the chances of detecting leakage and identifying the guilty party. In future the extension of our allocation strategies can handle agent requests in an online fashion (the presented strategies assume that there is a fixed set of agents with requests known in advance) can be implemented.