CloudDLP: Transparent and Scalable Data Sanitization for Browser-Based Cloud Storage

Peiyi Han; Chuanyi Liu; Jiahao Cao; Shaoming Duan; Hezhong Pan; Zekun Cao; Binxing Fang

doi:10.1109/ACCESS.2020.2985870

IEEE Access (Jan 2020)

CloudDLP: Transparent and Scalable Data Sanitization for Browser-Based Cloud Storage

Peiyi Han,
Chuanyi Liu,
Jiahao Cao,
Shaoming Duan,
Hezhong Pan,
Zekun Cao,
Binxing Fang

Affiliations

Peiyi Han: ORCiD; School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China
Chuanyi Liu: School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen, China
Jiahao Cao: Department of Computer Science and Technology, Tsinghua University, Beijing, China
Shaoming Duan: School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen, China
Hezhong Pan: ORCiD; School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China
Zekun Cao: CAS Key Laboratory of Network Data Science and Technology, Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
Binxing Fang: School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen, China

DOI: https://doi.org/10.1109/ACCESS.2020.2985870
Journal volume & issue: Vol. 8
pp. 68449 – 68459

Abstract

Read online

Browser-based cloud storage services are still broadly used in enterprises for online sharing and collaboration. However, sensitive information in images or documents may be easily leaked outside trusted enterprise on-premises due to such cloud services. Existing solutions to prevent data leakage in cloud storage services either limit many functionalities of cloud applications or are difficult to be scaled to various cloud applications. In this paper, we propose CloudDLP, a transparent and scalable approach for enterprises to automatically sanitize sensitive data in images and documents with various browser-based cloud applications. CloudDLP is deployed as an internet gateway within the premises of an enterprise using JavaScript injecting techniques and deep learning methods to sanitize sensitive premise data. It neither compromises the user experience nor significantly affects application functionalities in browser-based cloud storage services. We have evaluated CloudDLP with a number of real-world cloud applications. Our experimental results show that it can achieve automatic data sanitization with cloud storage services while preserving most functionalities of cloud applications.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords