Sensitive Data Identification and Security Assurance in Cloud and IoT based Networks

Full Text (PDF, 552KB), PP.11-27

Views: 0 Downloads: 0


Soumya Ray 1 Kamta Nath Mishra 1,* Sandip Dutta 1

1. Dept. of CSE, B.I.T. Mesra, India

* Corresponding author.


Received: 21 Jun. 2021 / Revised: 15 Dec. 2021 / Accepted: 8 May 2022 / Published: 8 Oct. 2022

Index Terms

Moving Sensitive Data, Distributed Computing, Cloud-IoT Technology, Quasi technique, Static Sensitive Data, Security Surveillance


Sensitive data identification is a vital strategy in any distributed system. However, in the case of non-appropriate utilization of the system, sensitive data security can be at risk. Therefore, sensitive data identification and its security validation are mandatory. The paper primarily focuses on novel sensitive data recognition methodologies. Further, the sensitivity score of the attributes distinguishes non-sensitive attributes, and domain expert plays an important role in this process. The designing of the security assurance Algo and their corresponding decision tables make the system more robust and reliable. The result section is validated with the help of graphical representation, which clearly makes the authenticity of the research work. In summary, the authors may say that the sensitive data identification and security assurance of the proposed system is automated and work optimally in a cloud-based system.

Cite This Paper

Soumya Ray, Kamta Nath Mishra, Sandip Dutta, "Sensitive Data Identification and Security Assurance in Cloud and IoT based Networks", International Journal of Computer Network and Information Security(IJCNIS), Vol.14, No.5, pp.11-27, 2022. DOI:10.5815/ijcnis.2022.05.02


[1]Rajendra P., Harsha D., Chirag M.,“Designing an efficient security framework for detecting intrusions in a virtual net of cloud computing", Computers & Security, Volume 85, pp. 402-422, August 2019
[2]Ado Adamou Abba , Olgaengni N., Chafiq T., Ousmane T., Alidou M., Abdelhak M.G., “Enabl priva and secu in Cloud of Things: Archit, apps, security & priv challeng”, Appl Comp & Info, pp. 1-23, 2019.
[3]Ahmed Kayed, Suha Omar,”Periodical Key change for cloud mutable security protocol," Microprocessor and Microsystems, Vol.69, pp. 152-158, 2019
[4]Reyhaneh Rabaninejadet al.,”Comments on a lightweight cloud auditing scheme: Security analysis and improvement," Journal of Net and Comp Apps, Vol.139, pp.49-56, (2019)
[5]Poornima M. C., Mahabaleshwar S. K., "Security and Privacy in IoT: A Survey," Wireless Personal Communications, Vol. 115, pp. 1668-1693, 2020.
[6]Jin L. et al., "Security and privacy in IoT communication," Annals of Telecommunications, Vol.74, pp. 373-374 (Editorial),
[7]Yuqing M., "A Data Security Storage Method for IoT Under Hadoop Cloud Computing Platform," Int. J. of Wireless Info Nets, Vol.26, pp.152-157, 2019.
[8]Pankaj K., Lokesh C., "A sec authentic scheme for IoT app in the smart home", Peer-to-peer Net & Apps., Volume 14, pp. 420-438, 2021.
[9]Sutrala, A.K et al., “Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems," Comput. Methods Programs Biomed. 135, 167–185, 2016.
[10]A. Dorri, S. Kanhere, R. Jurdak, "Blockchain for IoT security and privacy: The case study of a smart home," IEEE Int. Conf on Perv Comp and Comm Wkshop, pp. 1-6, 2017.
[11]Casas-R. Et al., "A summary of k-degree anonymous methods for privacy-preserving on networks," Adv Res in Data Priv, 567, pp231-250, 2015.
[12]Amiri F. Et al., "Hierarchical anonymization Algo against background knowledge attack in data releasing," Knowl-bsd Sys, Volume.101, pp. 71-89, 2016.
[13]Nayahi J.J.V., Kavitha V. "Privacy and utility preserving data clustering for data anonymization and distribution on Hadoop", Fut Gen Comp Sys, Int J. of Sc., Volume.74, pp393-408, 2017.
[14]Sarkar, M. et al., “Configuring a trusted cloud service model for smart city exploration using hybrid intelligence," Int. J. of Amb Comp and Intell., Vol. 8, No. 3, 1-21, 2019.
[15]Palanisamy B., Liu L., "Privacy-preserving Data Publishing in the Cloud: A Multi-level Utility Controlled Approach," Proc. of 8th Int Conf on Cloud Comp., pp. 130-137, 2015.
[16]Wang J. et al., "RPRep: A Robust andPrivacy-Preserving Reputation Management Scheme for pseudonym-Enabled VANETs," Int. J. of Distr. Sens Net., Volume12, No. 3, pp. 1-15, 2016.
[17]Terrovitis M. et al., “Local Suppression and Splitting Techniques for Privacy-Preserving Publication of Trajectories," IEEE Transactions on Knowledge and data Engineering, Vol. 29, No. 7, pp. 1466-1479, 2017.
[18]Hossain M.M. et al., "Towards an analysis of security issues, challenges, and open problems in the internet of things", IEEE World Cong., pp. 21–28, 2015.
[19]Dey, N. et al., (Eds.) “Internet of things and big data analytics toward next-generation intelligence," pp. 3-549, 2018.
[20]Mohan A., "Cyber security for personal medical devices internet of things,", Distri. Comp. in Sens Sys., Int Conf. of IEEE, pp. 372–374, 2014.
[21]Yoon S. Et al., “Security issues on smart-home in IoT environment," in Computer Science and its Applications. Springer, pp. 691–696, 2015.
[22]Abdur M.R. et al., "Digital image security: Fusion of encryption, steganography and watermarking", Int. J. of Adv. Comp. Sc. & Apps, Volume 8, No. 5, 2017.
[23]Jain, al., “Big data privacy: a technological perspective and review”, J. of Big Data, Volume 3, (2016).
[24]Meng, D. “Data security in cloud computing”, Int Conf on Comp Sc & Educat, pp. 810–813, 2013.
[25]Shaikh, R., and Sasikumar, M. “Data classification for achieving security in cloud computing," Proc. Comp. Scien., Volume. 45, 493–498, 2015.
[26]Shuijing, H. “Data security: the challenges of cloud computing,", Int Conf on Measur Tech and Mech. Automat, pp. 203–206. 2014.
[27]Singh, V.K. and Singh, T. “Present data security issues and their resolving technique in cloud computing," International journal of Science & Technology., Volume. 1, pp. 1–6 (2016)
[28]Chen, D and Zhao, H. “Data security and privacy protection issues in cloud computing," In Int. Conf. on Computer Science and Electronics Engineering, pp. 647–651, 2012.
[29]Cao N et al., “Privacy-preserving multi-keyword ranked search over encrypted cloud data," IEEE Transactions on Parallel and Distributed Systems, Volume 25, No. 1, pp. 222–233, 2014.
[30]Lauter K et al., "Private computation on encrypted genomic data," Technical Reports. MSR-TR-2014-93, June 2014.
[31]Gholami A. and Laure E., “Advanced cloud privacy threat Modelling," International Conference on Software Engineering and Applications, pp. 1-11, 2015.
[32]A. Gholami et al., "Privacy-preservation for publishing sample availability data with personal identifiers," Journal of Medical and Bioengineering, Volume 4, pp. 117–125, April 2014.
[33]Tari Z, et al., “Secur and priv in cloud comp: Vision, trends, and challngs”, Cloud Comp., 2(2), pp. 30-38, 2015.
[34]Singh A., Chatterjee K., “Cloud security issues and challenges: A survey”, J of Net and Comp Apps., Volume. 79, pp. 88-115, 2017.
[35]Leng C, Yu H, Wang J, Huang J., “Securing personal health records in the cloud by enforcing sticky policies," Indonesian J. of Elect Engg and Comp Sc., Volume 11, No. 4, pp. 2200-2208, 2013.
[36]Zhou L. et al., "Integrat trust with cryptograph role-based acces contrl for sec cloud data storge," in Trust, Sec. and Priv in Comp and Comm., 12th Int Conf on, pp. 560–569, 2013.
[37]Sendor J. et al., "Platform level support for authorization in cloud services with oauth 2," Proc of Int Conf on Cloud Engg, pp. 458–465, 2014.
[38]Leandro M. A. et al., “Multitenancy authorization system with federated identity for cloud-based environments using shibboleth,”, Proc. of Int Conf on Netwks, pp. 88–93, 2012.
[39]Coppolino L. et al., “Cloud security: Emerging threats and current solutions," Comp. & Elect. Engg., Volume 59, pp. 126-140, 2017.
[40]Chen W. et al., “Outsourced privacy-preserving decision tree classification service over encrypted data," J. of Info Sec & Apps, Volume 53, August 2020.
[41]Hu Xiong, Yan Wu, ChunhuaSu, Kuo-hui Yeh, "A Secure and efficient certificates batch verification scheme with invalid signature identification for the internet of things," J. of Info Secur and Apps, Vol. 53, No. 8, pp. 1-12, August 2020.
[42]Du M. et al., “Towards an automatic detection of sensitive information in a database,” 2nd Int. Conf. on Adv in DBs, Knowldg, and Data Apps, pp. 247–252, 2010.
[43]Lodha S. and Thomas D., “Probabilistic anonymity,” in Priv, Secy, and Trust in KDD, Intl Wkshop, pp. 56–79, 2007.
[44]Wang F., Han S.. "Probabilistic Graphical Models: theory and technology," Tsinghua Univ. Press, pp. 1-1270, 2015.
[45]Shirudkar K., & Motwani D., “Big-Data Security,” Intl J of Advncd res in Comp Sc and S/w Engg Res., Volume 5, No. 3, pp. 1100–1109, 2015.
[46]Omer A. M. et al., "Simple and effective method for selecting quasi-identifier," J. of Theor and Appld Info Tech., Volume 89, No. 2, pp. 512–517, 2016.
[47]Mohammed N. et al., “Centralized and Distributed Anonymization for High-Dimensional Healthcare Data,” ACM Trans on Knowldg Discov from Data, Volume. 4, No. 4, pp. 1–33, 2010.
[48]Liu F. et al., “Privacy-Preserving Scanning of Big Content for Sensitive Data Exposure with MapReduce,”, Proc. of 5th ACM Conf on Data and Appl Sec and Priv., pp. 195–206, 2015.
[49]Baek J. et al., "A secure cloud computing-based framework for big data information management of the smart grid," Cloud Comp., IEEE Trans. on, Volume. 3, Issue. 2, pp. 233-244, 2014.
[50]Brakerski Z., Gentry C., andVaikuntanathan V., “Fully Homomorphic Encryption without Bootstrapping,” In Proc. Innov. in Theoretical CS, pp. 309–325, 2012.
[51]Brakerski Z., “Fully homomorphic encryption without modulus switching from classical GapSVP,” Lect. Notes in Computer Science Volume 7417, pp. 868–886, 2012.
[52] Kamta N. M., "A Proficient Mechanism for Cloud Security Supervision in Distributed Environment," International Journal of Computer Network and Information Security, Volume 12, No. 6, pp. 57-77, 2020.
[53] Kamta N. M. et al., "Veins Based Personal Identification Systems: A Review," International Journal of Intelligent Systems and Applications, Volume 8, No. 10, pp. 68-85, 2016.
[54] Kamta N.M., and Anupam A., "A Soft Computing Technique for Improving the Fidelity of Thumbprint based Identification Systems,", International Journal of Intelligent Systems and Applications, Volume 8, Number 7, pp.14-27, 2016.
[55] Kamta N.M. et al., "Palatal Patterns Based RGB Technique for Personal Identification,", International Journal of Image, Graphics and Signal Processing, Volume 7, Issue 10, pp. 60-77, 2015.
[56] Kamta N.M., and Kanderp N. M., "Face Veins based MCMT Technique for Personal Identification", International Journal of Intelligent Systems and Applications, Volume 7, Issue 9, pp. 57-72, 2015.
[57] Ray S, Mishra K N. and Dutta S, "Susceptible data classification and security reassurance in cloud-IoT based computing environment", Sadhna-Journal of Engineering Sciences Vol. 46, pp.1-24, 2021.