Overview of Data Security, Classification and Control Measure: A Study

Mitali Sharma*, Harsh Jindal**, Santosh Kumar***, Rakesh Kumar****
*,** Department of Computer Engineering, Chandigarh Group of Colleges Landran, Mohali, Punjab, India.
*** Department of Mechanical Engineering, Chandigarh Group of Colleges Landran, Mohali, Punjab, India.
**** Department of Mechanical Engineering, Chandigarh University, Mohali, Punjab, India.
Periodicity:December - February'2022
DOI : https://doi.org/10.26634/jit.11.1.18557

Abstract

Data is a more basic resource for all associations than at any other time in recent memory. Recent advances and models such as sensor platforms, IoT, distributed computing, and information exploration make it possible for the inevitable, skilled, and real collection of information. Information security and protection are essential for information to be used to its full potential. Despite the fact that information security and protection have been mostly considered during the last few years, today it is faced with new and unpleasant problems in information security and protection. Part of these difficulties arises from security concerns about the use of information and from the need to combine security with the use of information for security in applications such as national insurance, counter-terrorism and well-being, food, and water security. Various difficulties arise due to the fact that the organization of a new set of data and processing devices, for example, used in the IoT, increases the information attack surface. This paper reviews the significant ideas and approaches to information security, protection and identifies the research challenges that should be addressed with comprehensive solutions to information security and privacy questions.

Keywords

Data, Security, Protection, Cyberattacks, Data Integrity, Access Control, World Wide Web, Data Encryption.

How to Cite this Article?

Sharma, M., Jindal, H., Kumar, S., and Kumar, R. (2022). Overview of Data Security, Classification and Control Measure: A Study. i-manager’s Journal on Information Technology, 11(1), 17-34. https://doi.org/10.26634/jit.11.1.18557

References

[1]. Anderson, L. M., Shinn, C., Fullilove, M. T., Scrimshaw, S. C., Fielding, J. E., Normand, J., ... & Task Force on Community Preventive Services. (2003). The effectiveness of early childhood development programs: A systematic review. American Journal of Preventive Medicine, 24(3), 32-46. https://doi.org/10.1016/S0749-3797(02)00655-4
[2]. Babiker, M. H. (2005). Climate change policy, market structure, and carbon leakage. Journal of International Economics, 65(2), 421-445. https://doi.org/10.1016/j.jinteco.2004.01.003
[3]. Benjelloun, F. Z., & Lahcen, A. A. (2019). Big data security: challenges, recommendations and solutions. In Web Services: Concepts, Methodologies, Tools, and Applications (pp. 25-38). IGI Global. https://doi.org/10.4018/978-1-5225-7501-6.ch003
[4]. Borgesius, F. J. Z., Möller, J., Kruikemeier, S., Fathaigh, R. Ó., Irion, K., Dobber, T., ... & De Vreese, C. (2018). Online political microtargeting: Promises and threats for democracy. Utrecht Law Review, 14(1), 82-96. http://doi.org/10.18352/ulr.420
[5]. Bouchard Jr, T. J., & Hare, M. (1970). Size, performance, and potential in brainstorming groups. Journal of Applied Psychology, 54(1p1), 51-55. https://doi.org/10.1037/h0028621
[6]. Budak, C., Agrawal, D., & El Abbadi, A. (2011). Structural trend analysis for online social networks. Proceedings of the VLDB Endowment, 4(10), 646-656. https://doi.org/10.14778/2021017.2021022
[7]. Cadwalladr, C., & Graham-Harrison, E. (2018). Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach. The Guardian, 17, 1-6.
[8]. Cant, M. A. (2011). The role of threats in animal cooperation. Proceedings of the Royal Society B: Biological Sciences, 278(1703), 170-178. https://doi.org/10.1098/rspb.2010.1241
[9]. Carson, J. V., & Politte, H. (2021). Implicit bias within public reporting: A virtual reality experiment examining “suspicious” activity. Crime & Delinquency, 67(12), 2135-2162. https://doi.org/10.1177/0011128720981897
[10]. Cerutti, D. T. (1989). Discrimination theory of rule governed behavior. Journal of the Experimental Analysis of Behavior, 51(2), 259-276. https://doi.org/10.1 901/jeab. 1989.51-259
[11]. Chae, H., Shahzad, A., Irfan, M., Lee, H., & Lee, M. (2015). Industrial control systems vulnerabilities and security issues and future enhancements. Advanced Science and Technology Letters, 95, 144-148. https://doi.org/10.14257/astl.2015.95.27
[12]. Chauhan, P. S., & Kshetri, N. (2021). 2021 state of the practice in data privacy and security. Computer, 54(8), 125-132. https://doi.org/10.1109/MC.2021.3083916
[13]. Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. In 2012, International Conference on Computer Science and Electronics Engineering (Vol. 1, pp. 647-651). IEEE. https://doi.org/10.1109/ICCSEE.2012.193
[14]. Cho, H., Ippolito, D., & Yu, Y. W. (2020). Contact tracing mobile apps for COVID-19: Privacy considerations and related trade-offs. arXiv preprint arXiv:2003.11511. https://doi.org/10.48550/arXiv.2003.11511
[15]. Chou, D. C., & Chou, A. Y. (2009). Integrating change management and change auditing into information technology consulting practice. International Journal of Information Systems and Change Management, 4(1), 15-41.
[16]. Colwill, C. J., Todd, M. C., Fielder, G. P., & Natanson, C. (2001). Information assurance. BT Technology Journal, 19(3), 107-114.
[17]. De Marco, A., Rafele, C., & Thaheem, M. J. (2016). Dynamic management of risk contingency in complex design-build projects. Journal of Construction Engineering and Management, 142(2), 1-10. https://doi.org/10.1061/(ASCE)CO.1943-7862.0001052
[18]. Doelitzscher, F., Reich, C., Knahl, M., & Clarke, N. (2013). Understanding cloud audits. In Privacy and Security for Cloud Computing (pp. 125-163). Springer, London. https://doi.org/10.1007/978-1-4471-4189-1_4
[19]. Drevin, L., Kruger, H. A., & Steyn, T. (2007). Valuefocused assessment of ICT security awareness in an academic environment. Computers & Security, 26(1), 36-43. https://doi.org/10.1016/j.cose.2006.10.006
[20]. Dunn Cavelty, M. (2014). Breaking the cyber-security dilemma: Aligning security needs and removing vulnerabilities. Science and Engineering Ethics, 20(3), 701-715. https://doi.org/10.1007/s11948-014-9551-y
[21]. Eames, K. T., & Keeling, M. J. (2003). Contact tracing and disease control. Proceedings of the Royal Society of London. Series B: Biological Sciences, 270(1533), 2565-2571. https://doi.org/10.1098/rspb.2003.2554
[22]. Eduljee, G. H. (2000). Trends in risk assessment and risk management. Science of the Total Environment, 249(1-3), 13-23. https://doi.org/10.1016/S0048-9697(99)00507-0
[23]. Eling, K., & Herstatt, C. (2017). Managing the front end of innovation—Less fuzzy, yet still not fully understood. Journal of Product Innovation Management, 34(6), 864-874. https://doi.org/10.1111/jpim.12415
[24]. Elsawah, H. K., Elsokary, M. A., Abdallah, M. S., & ElShafie, A. H. (2021). Efficacy and safety of remdesivir in hospitalized Covid 19 patients: systematic review and meta analysis including network meta analysis. Reviews in Medical Virology, 31(4), e2187. https://doi.org/10.1002/rmv.2187
[25]. Elsinger, H., Lehar, A., & Summer, M. (2006). Risk assessment for banking systems. Management Science, 52(9), 1301-1314. https://doi.org/10.1287/mnsc.1060.0531
[26]. Erickson, G. M., & Brochu, C. A. (1999). How the 'terror crocodile'grew so big. Nature, 398(6724), 205-206. https://doi.org/10.1038/18343
[27]. Fan, X., Fan, K., Wang, Y., & Zhou, R. (2015, August). Overview of cyber-security of industrial control system. In 2015, International Conference on Cyber Security of Smart Cities, Industrial Control System and Communications (SSIC) (pp. 1-7). IEEE. https://doi.org/10.1109/SSIC.2015. 7245324
[28]. Forte, D. (2004). MyDoom & Co. is there really a problem?. Network Security, 2004(3), 14. https://doi.org/10.1016/S1353-4858(04)00052-2
[29]. Grobauer, B., Walloschek, T., & Stocker, E. (2010). Understanding cloud computing vulnerabilities. IEEE Security & Privacy, 9(2), 50-57. https://doi.org/10.1109/MSP.2010.115
[30]. Guan, Y., Shao, J., Wei, G., & Xie, M. (2018). Data security and privacy in fog computing. IEEE Network, 32(5), 106-111. https://doi.org/10.1109/MNET.2018.1700250
[31]. Hammad, M., Bagheri, H., & Malek, S. (2017, April). Determination and enforcement of least-privilege architecture in android. In 2017, IEEE International Conference on Software Architecture (ICSA) (pp. 59-68). IEEE. https://doi.org/10.1109/ICSA.2017.18
[32]. Hammad, M., Bagheri, H., & Malek, S. (2019). DelDroid: an automated approach for determination and enforcement of least-privilege architecture in android. Journal of Systems and Software, 149, 83-100. https://doi.org/10.1016/j.jss.2018.11.049
[33]. Harrell, M. N. (2017). Synergistic security: A work system case study of the target breach. Journal of Cybersecurity Education, Research and Practice, 2017(2), 4.
[34]. Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., & Sikdar, B. (2019). A survey on IoT security: Application areas, security threats, and solution architectures. IEEE Access, 7, 82721-82743. https://doi.org/10.1109/ACCESS.2019.2924045
[35]. Hosseinian-Far, A., Ramachandran, M., & Slack, C. L. (2018). Emerging trends in cloud computing, big data, fog computing, IoT and smart living. Technology for Smart Futures, 29-40. https://doi.org/10.1007/978-3-319-60137-3_2
[36]. Hyams, J., Markowitz, J., Otley, A., Rosh, J., Mack, D., Bousvaros, A., ... & Pediatric Inflammatory Bowel Disease Collaborative Research Group. (2005). Evaluation of the pediatric crohn disease activity index: a prospective multicentre experience. Journal of Pediatric Gastroenterology and Nutrition, 41(4), 416-421. https://doi.org/10.1097/01.mpg.0000183350.46795.42
[37]. Jalali, M. S., Landman, A., & Gordon, W. J. (2021). Telemedicine, privacy, and information security in the age of COVID-19. Journal of the American Medical Informatics Association, 28(3), 671-672. https://doi.org/10.1093/jamia/ocaa310
[38]. Josephson, C. B., & Wiebe, S. (2021). Precision Medicine: Academic dreaming or clinical reality?. Epilepsia, 62, 78-89. https://doi.org/10.1111/epi.16739
[39]. Kaaniche, N., & Laurent, M. (2017). Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms. Computer Communications, 111, 120-141. https://doi.org/10.1016/j.comcom.2017.07.006
[40]. Kim, S. H., Kim, N. U., & Chung, T. M. (2013, December). Attribute relationship evaluation methodology for big data security. In 2013, International Conference on IT Convergence and Security (ICITCS) (pp. 1-4). IEEE. https://doi.org/10.1109/ICITCS.2013.6717808
[41]. Korff, D., & Brown, I. (2013). The use of the Internet & related services, private life & data protection: trends & technologies, threats & implications. Council of Europe, TPD (2013), 7, (pp. 42).
[42]. Krebs, P., & Duncan, D. T. (2015). Health app use among US mobile phone owners: a national survey. JMIR mHealth and uHealth, 3(4), e4924. https://doi.org/10.2196/mhealth.4924
[43]. Kumar, P. R., Raj, P. H., & Jelciana, P. (2018). Exploring data security issues and solutions in cloud computing. Procedia Computer Science, 125, 691-697. https://doi.org/10.1016/j.procs.2017.12.089
[44]. Kuyoro, S. O., Ibikunle, F., & Awodele, O. (2011). Cloud computing security issues and challenges. International Journal of Computer Networks (IJCN), 3(5), 247-255.
[45]. Kuzmanović, M., Ginebreda, A., Petrović, M., & Barceló, D. (2015). Risk assessment based prioritization of 200 organic micropollutants in 4 Iberian rivers. Science of the Total Environment, 503, 289-299. https://doi.org/10.1016/j.scitotenv.2014.06.056
[46]. Langkafel, P. (2014). 1 Intro Big Data for Healthcare?. Big Data in Medical Science and Healthcare Management, 20, 1-3. https://doi.org/10.1515/9783110445749
[47]. Lee, Y. W., Pipino, L., Strong, D. M., & Wang, R. Y. (2004). Process-embedded data integrity. Journal of Database Management (JDM), 15(1), 87-103. https://doi. org/10.4018/jdm.2004010104
[48]. Leung, Y., Fung, T., Mi, J. S., & Wu, W. Z. (2007). A rough set approach to the discovery of classification rules in spatial data. International Journal of Geographical Information Science, 21(9), 1033-1058. https://doi.org/10.1080/13658810601169915
[49]. Li, M., Lou, W., & Ren, K. (2010). Data security and privacy in wireless body area networks. IEEE Wireless Communications, 17(1), 51-58. https://doi.org/10.1109/MWC.2010.5416350
[50]. Mansfield-Devine, S. (2016). Data protection: prepare now or risk disaster. Computer Fraud & Security, 2016(12), 5-12. https://doi.org/10.1016/S1361-3723(16)30098-7
[51]. Mantelero, A., & Vaciago, G. (2022). Reconciling Data Protection and Cybersecurity: An Operational Approach for Business Sector. In Privacy and Data Protection in Software Services (pp. 97-110). Springer, Singapore. https://doi.org/10.1007/978-981-16-3049-1_9
[52]. Maqousi, A., Balikhina, T., & Mackay, M. (2013). An effective method for information security awareness raising initiatives. International Journal of Computer Science & Information Technology, 5(2), 63.
[53]. Masrom, M., & Rahimly, A. (2015). Overview of data security issues in hospital information systems. Pacific Asia Journal of the Association for Information Systems, 7(4), 5. https://doi.org/10.17705/1pais.07404
[54]. Matturdi, B., Zhou, X., Li, S., & Lin, F. (2014). Big Data security and privacy: A review. China Communications, 11(14), 135-145. https://doi.org/10.1109/CC.2014.7085614
[55]. Matturdi, B., Zhou, X., Li, S., & Lin, F. (2014). Big Data security and privacy: A review. China Communications, 11(14), 135-145. https://doi.org/10.1109/CC.2014.7085614
[56]. Matturdi, B., Zhou, X., Li, S., & Lin, F. (2014). Big Data security and privacy: A review. China Communications, 11(14), 135-145. https://doi.org/10.1109/CC.2014.7085614
[57]. Moreno, J., Serrano, M. A., & Fernández-Medina, E. (2016). Main issues in big data security. Future Internet, 8(3), 44. https://doi.org/10.3390/fi8030044
[58]. Munar, A. M. (2012). Social media strategies and destination management. Scandinavian Journal of Hospitality and Tourism, 12(2), 101-120. https://doi.org/10.1080/15022250.2012.679047
[59]. Omar, H. A., Lu, N., & Zhuang, W. (2016). Wireless access technologies for vehicular network safety applications. IEEE Network, 30(4), 22-26. https://doi.org/10.1109/MNET.2016.7513860
[60]. Opderbeck, D. W. (2015). Cybersecurity, data breaches, and the economic loss doctrine in the payment card industry. Md. L. Rev., 75, 935.
[61]. Pandey, N., & Pal, A. (2020). Impact of digital surge during Covid-19 pandemic: A viewpoint on research and practice. International Journal of Information Management, 55, 102171. https://doi.org/10.1016/j.ijinfomgt.2020.102171
[62]. Parakh, A., & Kak, S. (2011). Space efficient secret sharing for implicit data security. Information Sciences, 181(2), 335-341. https://doi.org/10.1016/j.ins.2010.09.013
[63]. Reddy, G. N., & Reddy, G. J. (2014). A study of cyber security challenges and its emerging trends on latest technologies. arXiv preprint arXiv:1402.1842. https://doi.org/10.48550/arXiv.1402.1842
[64]. Rizomiliotis, P., Rekleitis, E., & Gritzalis, S. (2009). Security analysis of the Song-Mitchell authentication protocol for low-cost RFID tags. IEEE Communications Letters, 13(4), 274-276. https://doi.org/10.1109/LCOMM.2009.082117
[65]. Salkovskis, P. M., & Forrester, E. (2002). Responsibility. In Cognitive approaches to obsessions and compulsions (pp. 45-61). Pergamon. https://doi.org/10.1016/B978-008043410-0/50005-2
[66]. Sandhu, R. S., & Samarati, P. (1994). Access control: principle and practice. IEEE Communications Magazine, 32(9), 40-48. https://doi.org/10.1109/35.312842
[67]. Sandhu, R. S., & Samarati, P. (1994). Access control: principle and practice. IEEE Communications Magazine, 32(9), 40-48. https://doi.org/10.1109/35.312842
[68]. Sandling, M., & Chandler, K. L. (2021). Exploring America in the 2000s: New Millennium, New US Grades 6-8. Routledge. https://doi.org/10.4324/9781003235118
[69]. Sapienza, A., Bessi, A., Damodaran, S., Shakarian, P., Lerman, K., & Ferrara, E. (2017, November). Early warnings of cyber threats in online discussions. In 2017, IEEE International Conference on Data Mining Workshops (ICDMW) (pp. 667-674). IEEE. https://doi.org/10.1109/ICDMW.2017.94
[70]. Shen, J., Shen, J., Chen, X., Huang, X., & Susilo, W. (2017). An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Transactions on Information Forensics and Security, 12(10), 2402-2415. https://doi.org/10.1109/TIFS.2017.2705620
[71]. Shyur, H. J. (2008). A quantitative model for aviation safety risk assessment. Computers & Industrial Engineering, 54(1), 34-44. https://doi.org/10.1016/j.cie.2007.06.032
[72]. Smid, M. E., & Branstad, D. K. (1988). Data encryption standard: Past and future. Proceedings of the IEEE, 76(5), 550-559. https://doi.org/10.1109/5.4441
[73]. Storey, K. (1995). The language of threats. International Journal of Speech, Language and the Law, 2(1), 74-80. https://doi.org/10.1558/ijsll.v2i1.74
[74]. Sun, Y., Zhang, J., Xiong, Y., & Zhu, G. (2014). Data security and privacy in cloud computing. International Journal of Distributed Sensor Networks, 10(7), 190903. https://doi.org/10.1155/2014/190903
[75]. Tavani, H. T., & Moor, J. H. (2001). Privacy protection, control of information, and privacy-enhancing technologies. ACM Sigcas Computers and Society, 31(1), 6-11. https://doi.org/10.1145/572277.572278
[76]. Taylor, J., & Gibson, L. K. (2017). Digitisation, digital interaction and social media: embedded barriers to democratic heritage. International Journal of Heritage Studies, 23(5), 408-420. https://doi.org/10.1080/13527258.2016.1171245
[77]. Trautman, L. J., & Ormerod, P. C. (2016). Corporate directors' and officers' cybersecurity standard of care: The Yahoo data breach. American University Law Review, 66, (pp. 1231).
[78]. Weaver, S. C., & Reisen, W. K. (2010). Present and future arboviral threats. Antiviral Research, 85(2), 328-345. https://doi.org/10.1016/j.antiviral.2009.10.008
[79]. Wen-bin, Y. Y. X. Y., & Zhao, C. H. E. N. (2010). Review of disaster backup and recovery technology of information system. Journal of Beijing University of Posts and Telecommunications, 33(2), 1-6. https://doi.org/10.13190/jbupt.201002.1.yangyx
[80]. Xu, Y., Cui, W., & Peinado, M. (2015, May). Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In 2015, IEEE Symposium on Security and Privacy (pp. 640-656). IEEE. https://doi.org/10.1109/ SP.2015.45
[81]. Yu, S., Wang, C., Ren, K., & Lou, W. (2010, March). Achieving secure, scalable, and fine-grained data access control in cloud computing. In 2010, Proceedings IEEE INFOCOM (pp. 1-9). IEEE. https://doi.org/10.1109/INFCOM.2010.5462174
[82]. Zhang, X., Du, H. T., Chen, J. Q., Lin, Y., & Zeng, L. J. (2011, May). Ensure data security in cloud storage. In 2011, International Conference on Network Computing and Information Security (Vol. 1, pp. 284-287). IEEE. https://doi.org/10.1109/NCIS.2011.64
[83]. Zhang, Y., Li, Z. J., & He, D. Q. (2005). A survey on disaster backup and recovery techniques [j]. Computer Engineering & Science, 2, 37.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.