Privacy Preservation of Sensitive Data using Polymorphic Encryption and Cryptographic Techniques

The compilation and analysis of health records on a big data scale is becoming an essential approach to understand problematical diseases. In order to gain new insights it is important that researchers can cooperate: they will have to access each other's data and contribute to the data sets. In many cases, such health records involve privacy-sensitive data about patients. Patients should be cautious to count on preservation of their privacy and on secure storage of their data. Polymorphic encryption and pseudonymisation form a narrative approach for the management of sensitive information, especially in health care. The conventional encryption system is rather inflexible: once scrambled, just one key can be utilized to unscramble the information. This inflexibility is turning into an ever more noteworthy issue with regards to huge information examination, where various gatherings who wish to research some portion of an encoded informational index all need the one key for decoding. Polymorphic encryption is another cryptographic strategy that tackles these issues. Together with the related procedure of polymorphic pseudonymisation new security and protection assurances can be given which are fundamental in zones, for example, (customized) wellbeing area, medicinal information accumulation by means of self-estimation applications, and all the more by and large in protection inviting character the board and information examination. Encryption, pseudonymization and anonymization are some of the important techniques that facilitate the users on security of sensitive data, and ensure compliance both from a Data Regulation act and any other information security act like Health Insurance Portability and Accountability Act (HIPAA) regulations.

2021 ◽  
Author(s):  
Rohit Ravindra Nikam ◽  
Rekha Shahapurkar

Data mining is a technique in which the necessary data is extracted from large data sets. Privacy protection of data mining is about hiding the sensitive information or identity of breach security or without losing data usability. Sensitive data contains confidential information about individuals, businesses, and governments who must not agree upon before sharing or publishing his privacy data. Conserving data mining privacy has become a critical research area. Various evaluation metrics such as performance in terms of time efficiency, data utility, and degree of complexity or resistance to data mining techniques are used to estimate the privacy preservation of data mining techniques. Social media and smart phones produce tons of data every minute. For decision making, the voluminous data produced from the different sources can be processed and analyzed. But data analytics are vulnerable to breaches of privacy. One of the data analytics frameworks is recommendation systems commonly used by e-commerce sites such as Amazon and Flipkart to recommend items to customers based on their purchasing habits that lead to characterized. This paper presents various techniques of privacy conservation, such as data anonymization, data randomization, generalization, data permutation, etc., which existing researchers use. We also analyze the gap between various processes and privacy preservation methods and illustrate how to overcome such issues with new innovative methods. Finally, our research describes the outcome summary of the entire literature.


2020 ◽  
Vol 8 (1) ◽  
pp. 82-91
Author(s):  
Suraj Krishna Patil ◽  
Sandipkumar Chandrakant Sagare ◽  
Alankar Shantaram Shelar

Privacy is the key factor to handle personal and sensitive data, which in large chunks, is stored by database management systems (DBMS). It provides tools and mechanisms to access and analyze data within it. Privacy preservation converts original data into some unknown form, thus protecting personal and sensitive information. Different access control mechanisms such as discretionary access control and mandatory access control are used in DBMS. However, they hardly consider purpose and role-based access control in DBMS, which incorporates policy specification and enforcement. Role-based access control (RBAC) regulates the access to resources based on the roles of individual users. Purpose-based access control (PuBAC) regulates the access to resources based on the purpose for which data can be accessed. It regulates execution of queries based on purpose. The PuRBAC system uses the policies of both, i.e. PuBAC and RBAC, to enforce within RDBMS.


2019 ◽  
Vol 11 (4) ◽  
pp. 89 ◽  
Author(s):  
Fatima Salahdine ◽  
Naima Kaabouch

The advancements in digital communication technology have made communication between humans more accessible and instant. However, personal and sensitive information may be available online through social networks and online services that lack the security measures to protect this information. Communication systems are vulnerable and can easily be penetrated by malicious users through social engineering attacks. These attacks aim at tricking individuals or enterprises into accomplishing actions that benefit attackers or providing them with sensitive data such as social security number, health records, and passwords. Social engineering is one of the biggest challenges facing network security because it exploits the natural human tendency to trust. This paper provides an in-depth survey about the social engineering attacks, their classifications, detection strategies, and prevention procedures.


Author(s):  
Sebastian Porsdam Mann ◽  
Julian Savulescu ◽  
Barbara J. Sahakian

Advances in data science allow for sophisticated analysis of increasingly large datasets. In the medical context, large volumes of data collected for healthcare purposes are contained in electronic health records (EHRs). The real-life character and sheer amount of data contained in them make EHRs an attractive resource for public health and biomedical research. However, medical records contain sensitive information that could be misused by third parties. Medical confidentiality and respect for patients' privacy and autonomy protect patient data, barring access to health records unless consent is given by the data subject. This creates a situation in which much of the beneficial records-based research is prevented from being used or is seriously undermined, because the refusal of consent by some patients introduces a systematic deviation, known as selection bias, from a representative sample of the general population, thus distorting research findings. Although research exemptions for the requirement of informed consent exist, they are rarely used in practice due to concerns over liability and a general culture of caution. In this paper, we argue that the problem of research access to sensitive data can be understood as a tension between the medical duties of confidentiality and beneficence. We attempt to show that the requirement of informed consent is not appropriate for all kinds of records-based research by distinguishing studies involving minimal risk from those that feature moderate or greater risks. We argue that the duty of easy rescue—the principle that persons should benefit others when this can be done at no or minimal risk to themselves—grounds the removal of consent requirements for minimally risky records-based research. Drawing on this discussion, we propose a risk-adapted framework for the facilitation of ethical uses of health data for the benefit of society. This article is part of the themed issue ‘The ethical impact of data science’.


2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Yahya Khan ◽  
Ali Algarni ◽  
Aisha Fayomi ◽  
Abdullah M. Almarashi

Hackers reveal sensitive information from encrypted conversations as the globe has become one community. As a result, steganography and cryptography are used together to safeguard sensitive data more effectively than previous approaches and newly developed algorithms. A double-secure algorithm for text steganography (DSTS) is the safest approach compared to the paragraph hiding method (PHM) and capital alphabet shape encoding (CASE) method. In this context, the paragraph hiding method uses ASCII coding, which is not a standard method, and the CASE method has a security issue that if someone understands its applicability, it can be easily attacked. The DSTS algorithm overcomes its limitations by using UTF-16 coding and enhances the security of CASE with a one-time pad (OTP). The one-time pad is a theoretically unbreakable cryptographic method. Still, it is not feasible for long messages; however, it is usable for short messages such as a password or intelligence agency’s more secure messages. DSTS degrades the average hiding capacity in a PHM from 2.06% to 1% due to UTF-16 coding. Using the UTF-8 method, the authors have improved MDSTS and the CMPHM by 6.49% and 7.76% hiding capacity, which outperforms in existing procedures; in the CMPHM, one reason for the improvement in hiding capacity is the use of the LZW compression method. CMHPM algorithm optimization standard deviation is less than that of the HPM, DSTS, and MDSTS, ultimately increasing speed.


2020 ◽  
Vol 19 (04) ◽  
pp. 987-1013
Author(s):  
B. Balashunmugaraja ◽  
T. R. Ganeshbabu

Cloud security in finance is considered as the key importance, taking account of the aspect of critical data stored over cloud spaces within organizations all around the globe. They are chiefly relying on cloud computing to accelerate their business profitability and scale up their business processes with enhanced productivity coming through flexible work environments offered in cloud-run working systems. Hence, there is a prerequisite to contemplate cloud security in the entire financial service sector. Moreover, the main issue challenged by privacy and security is the presence of diverse chances to attack the sensitive data by cloud operators, which leads to double the user’s anxiety on the stored data. For solving this problem, the main intent of this paper is to develop an intelligent privacy preservation approach for data stored in the cloud sector, mainly the financial data. The proposed privacy preservation model involves two main phases: (a) data sanitization and (b) data restoration. In the sanitization process, the sensitive data is hidden, which prevents sensitive information from leaking on the cloud side. Further, the normal as well as the sensitive data is stored in a cloud environment. For the sanitization process, a key should be generated that depends on the new meta-heuristic algorithm called crossover improved-lion algorithm (CI-LA), which is inspired by the lion’s unique social behavior. During data restoration, the same key should be used for effectively restoring the original data. Here, the optimal key generation is done in such a way that the objective model involves the degree of modification, hiding rate, and information preservation rate, which effectively enhance the cyber security performance in the cloud.


A voluminous amount of data is generated because of the inexorably widespread proliferation of electronic data maintained using Electronic Health Records (EHRs). Medical health facilities have great potential to discern the patterns from this data and utilize them in diagnosing a specific disease or predicting the outbreak of an epidemic etc. This discernment of patterns might reveal sensitive information about individuals and this information is vulnerable to misuse. It is, however, a challenging task to share such sensitive data as it compromises the privacy of patients. In this paper, a random forest-based distributed data mining approach is proposed. Performance of the proposed model is evaluated using accuracy, f-measure and kappa statistics analysis. Experimental results reveal that the proposed model is efficient and scalable enough in both performance and accuracy within the imbalanced data and also in maintaining the privacy by sharing only useful healthcare knowledge in the form of local models without revealing and sharing of sensitive data.


Author(s):  
Bhagyashri H. Adhau

The personal health record system (PHR system) stores patients' health-record information. PHR system allows the one Hospital to manage and share his/her data with selected other individuals. The originality or tamper resistance feature is crucial for PHR system because it contains sensitive information about patients. Blockchain technology with the personal blockchain becomes a potential, great solution due to its immutability properties. Unfortunately. This work aims to propose a blockchain-based PHR model. The proposed model is built using the Hyperledger Fabric concept to support a tamper resistance feature. Re-encryption and other cryptographic techniques such as Advanced Encryption Standard and hashing algorithms are employed to preserve privacy. The proposed model includes flexible access control, security concerns, auditability. A detailed security analysis of our model shows that it is provably secure for security and privacy preserving.


2021 ◽  
Vol 11 (18) ◽  
pp. 8506
Author(s):  
Mercedes Rodriguez-Garcia ◽  
Antonio Balderas ◽  
Juan Manuel Dodero

Virtual learning environments contain valuable data about students that can be correlated and analyzed to optimize learning. Modern learning environments based on data mashups that collect and integrate data from multiple sources are relevant for learning analytics systems because they provide insights into students’ learning. However, data sets involved in mashups may contain personal information of sensitive nature that raises legitimate privacy concerns. Average privacy preservation methods are based on preemptive approaches that limit the published data in a mashup based on access control and authentication schemes. Such limitations may reduce the analytical utility of the data exposed to gain students’ learning insights. In order to reconcile utility and privacy preservation of published data, this research proposes a new data mashup protocol capable of merging and k-anonymizing data sets in cloud-based learning environments without jeopardizing the analytical utility of the information. The implementation of the protocol is based on linked data so that data sets involved in the mashups are semantically described, thereby enabling their combination with relevant educational data sources. The k-anonymized data sets returned by the protocol still retain essential information for supporting general data exploration and statistical analysis tasks. The analytical and empirical evaluation shows that the proposed protocol prevents individuals’ sensitive information from re-identifying.


Privacy Preserving Data Mining (PPDM) is one of the important research areas in data mining in recent years; it ensures that sensitive information and rules are not revealed. Several methods and techniques were proposed to hide sensitive information and rules in databases. In the past, perturbation-based PPDM was developed to preserve privacy before use and secure mining of association rules was performed in horizontally distributed databases. This paper presents an integrated model for solving the multi-objective factors, data and rule hiding through reinforcement and discrete optimization for data publishing. This is denoted as an integrated Reinforced Social Ant and Discrete Swarm Optimization (RSA-DSO) model. In the RSA-DSO model, both Reinforced Social Ant and Discrete Swarm Optimization perform with the same particles. To start with, sensitive data item hiding is performed through the Reinforced Social Ant model. Following this, sensitive rules are identified and further hidden for data publishing using the Discrete Swarm Optimization model. In order to evaluate the RSA-DSO model, it was tested on a benchmark dataset. The results show that the RSA-DSO model is more efficient in improving the privacy preservation accuracy with minimal time for optimal hiding and also optimizing the generation of sensitive rules.

