DLPFS: The Data Leakage Prevention FileSystem

• URL: http://arxiv.org/abs/2108.13785v1
• Date: Tue, 31 Aug 2021 12:27:16 GMT
• Title: DLPFS: The Data Leakage Prevention FileSystem
• Authors: Stefano Braghin and Marco Simioni and Mathieu Sinn
• Abstract summary: Data leaks caused by human error are regrettable common news. We present Data Leakage Prevention FileSystem (DLPFS), a first attempt to systematically protect against data leakage caused by application or human error. This interface provides a privacy protection layer on top of the POSIX interface, allowing for seamless integration with existing infrastructures and applications.
• Score: 1.1454761108688085
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Shared folders are still a common practice for granting third parties access to data files, regardless of the advances in data sharing technologies. Services like Google Drive, Dropbox, Box, and others, provide infrastructures and interfaces to manage file sharing. The human factor is the weakest link and data leaks caused by human error are regrettable common news. This takes place as both mishandled data, for example stored to the wrong directory, or via misconfigured or failing applications dumping data incorrectly. We present Data Leakage Prevention FileSystem (DLPFS), a first attempt to systematically protect against data leakage caused by misconfigured application or human error. This filesystem interface provides a privacy protection layer on top of the POSIX filesystem interface, allowing for seamless integration with existing infrastructures and applications, simply augmenting existing security controls. At the same time, DLPFS allows data administrators to protect files shared within an organisation by preventing unauthorised parties to access potentially sensitive content. DLPFS achieves this by transparently integrating with existing access control mechanisms. We empirically evaluate the impact of DLPFS on system's performances to demonstrate the feasibility of the proposed solution.

Related papers

• Privacy-Preserving Federated Embedding Learning for Localized Retrieval-Augmented Generation [60.81109086640437]
  We propose a novel framework called Federated Retrieval-Augmented Generation (FedE4RAG) FedE4RAG facilitates collaborative training of client-side RAG retrieval models. We apply homomorphic encryption within federated learning to safeguard model parameters.
  arXiv  Detail & Related papers  (2025-04-27T04:26:02Z)
• Evaluating Fault Tolerance and Scalability in Distributed File Systems: A Case Study of GFS, HDFS, and MinIO [0.9307293959047378]
  Distributed File Systems (DFS) are essential for managing vast datasets across multiple servers, offering benefits in scalability, fault tolerance, and data accessibility. This paper presents a comprehensive evaluation of three prominent DFSs - Google File System (GFS), Hadoop Distributed File System (HDFS), and MinIO. Through detailed analysis, how these systems handle data redundancy, server failures, and client access protocols, ensuring reliability in dynamic, large-scale environments is assessed.
  arXiv  Detail & Related papers  (2025-02-04T03:52:45Z)
• Reverse Engineered MiniFS File System [1.2891210250935148]
  This paper addresses the vulnerabilities inherent in Wi-Fi APs using proprietary file systems like MiniFS found in TP-Link's AC1900 WiFi router. Through reverse engineering, we unravel the structure and operation of MiniFS, marking a significant advancement in our understanding of this previously opaque file system.
  arXiv  Detail & Related papers  (2024-07-06T12:49:37Z)
• FACOS: Enabling Privacy Protection Through Fine-Grained Access Control with On-chain and Off-chain System [11.901770945295391]
  We propose a permissioned blockchain-based privacy-preserving fine-grained access control on-chain and off-chain system, namely FACOS. Compared to similar work that only stores encrypted data in centralized or non-fault-tolerant IPFS systems, we enhanced off-chain data storage security and robustness.
  arXiv  Detail & Related papers  (2024-06-06T02:23:12Z)
• EmInspector: Combating Backdoor Attacks in Federated Self-Supervised Learning Through Embedding Inspection [53.25863925815954]
  Federated self-supervised learning (FSSL) has emerged as a promising paradigm that enables the exploitation of clients' vast amounts of unlabeled data. While FSSL offers advantages, its susceptibility to backdoor attacks has not been investigated. We propose the Embedding Inspector (EmInspector) that detects malicious clients by inspecting the embedding space of local models.
  arXiv  Detail & Related papers  (2024-05-21T06:14:49Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• A Forecasting-Based DLP Approach for Data Security [0.0]
  This paper uses data statistical analysis to forecast the data access possibilities of any user in future. The proposed approach makes use of renowned simple piecewise linear function for learning/training to model.
  arXiv  Detail & Related papers  (2023-12-21T10:14:27Z)
• Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data [1.6006586061577806]
  We propose a blockchain-based data governance system that employs attribute-based encryption to prevent privacy leakage and credential misuse. First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy. Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions.
  arXiv  Detail & Related papers  (2023-09-08T05:01:59Z)
• PS-FedGAN: An Efficient Federated Learning Framework Based on Partially Shared Generative Adversarial Networks For Data Privacy [56.347786940414935]
  Federated Learning (FL) has emerged as an effective learning paradigm for distributed computation. This work proposes a novel FL framework that requires only partial GAN model sharing. Named as PS-FedGAN, this new framework enhances the GAN releasing and training mechanism to address heterogeneous data distributions.
  arXiv  Detail & Related papers  (2023-05-19T05:39:40Z)
• TOHAN: A One-step Approach towards Few-shot Hypothesis Adaptation [73.75784418508033]
  In few-shot domain adaptation (FDA), classifiers for the target domain are trained with labeled data in the source domain (SD) and few labeled data in the target domain (TD) Data usually contain private information in the current era, e.g., data distributed on personal phones. We propose a target orientated hypothesis adaptation network (TOHAN) to solve the problem.
  arXiv  Detail & Related papers  (2021-06-11T11:46:20Z)
• Trustworthy Transparency by Design [57.67333075002697]
  We propose a transparency framework for software design, incorporating research on user trust and experience. Our framework enables developing software that incorporates transparency in its design.
  arXiv  Detail & Related papers  (2021-03-19T12:34:01Z)
• Towards Software-Defined Data Protection: GDPR Compliance at the Storage Layer is Within Reach [0.07388859384645262]
  "Software-Defined Data Protection" (SDP) is an adoption of the "Software-Defined Storage" approach to non-performance aspects. SDP translates a trusted controller company and application-specific policies to a set of rules deployed on the storage nodes. These, in turn, apply the rules at line-rate but do not take any decisions on their own.
  arXiv  Detail & Related papers  (2020-08-11T18:06:46Z)
• BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data Silos [73.84437456144994]
  Contact tracing is an important method to control the spread of an infectious disease such as COVID-19. Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices. We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
  arXiv  Detail & Related papers  (2020-07-05T10:33:45Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.