Operational-Based Obfuscation for Securing Data Definition and Manipulation in Database Query Execution for Smart Data Management

Operational-Based Obfuscation for Securing Data Definition and Manipulation in Database Query Execution for Smart Data Management

연구 분야: Analysis

학회: 2024 International Conference on ICT for Smart Society (ICISS)

Indonesia has experienced several cases of data leaks that have caused the illegal spread of users' personal information in cyberspace. This has caused significant losses both to users who are victims of the data leak and to platforms attacked by hackers. The government has passed the Consumer Data Protection Act to ensure that every platform that stores sensitive user information implements clear security standards in protecting the data. Data leaks occur because hackers have successfully stolen stored data, both in databases and digital documents in local storage. Data that is successfully stolen by hackers can be easily distributed because there is no protection applied to the data. One method of protecting data is obfuscation. Obfuscation is changing the form of data into another form that can only be translated by authorized parties. By implementing obfuscation, it is hoped that the stored data will be safe even if it is successfully stolen because hackers will find it difficult to translate the data. In this paper, the author will develop an operational based text obfuscation method using a hashed secret as key so obfuscation can perform data masking in two ways: obfuscating and deobfuscating. It can be occupied by changing the value but not the structure of string by replacing every character in the value. This method allows database application, such as SQL, to perform full query such as data definition and manipulation.