METHOD OF DATA DEPERSONALIZATION IN PROTECTED AUTOMATED INFORMATION SYSTEMS

Authors

  • A. G. Spevakov Southwest State University, Kursk, Russian Federation
  • S. V. Spevakova Southwest State University, Kursk, Russian Federation
  • D. V. Primenko Southwest State University, Russian Federation

DOI:

https://doi.org/10.15588/1607-3274-2020-1-16

Keywords:

Depersonalization, personal data, hash identifier, hash algorithm, private key, information system.

Abstract

Context. The problem of data depersonalization in information systems is considered. The analysis of modern approaches to depersonalization of data is carried out, it is revealed and proved by need of creation of the new method allowing to increase security of the processed data and their reliability. The object of the study was a model of data depersonalization, allowing to reduce the cost of protecting information systems. 

Objective. The goal of the work is the analysis of modern methods of depersonalization and the creation of a method that eliminates the identified shortcomings, with an increased level of confidentiality and use of hashing of critical data and a private key.

Method. A method of personal data depersonalization is proposed, based on the method of entering identifiers using hashing of critical data and a private key, which allows to increase the confidentiality of information processed in information systems. Methods are proposed for selecting key critical attributes from primary documents that uniquely identify the subject of personal data, the method of generating initial sets, which divides the source data into two disjoint subsets, the method of generating a hash identifier from a unique sequence and a private key that depersonalizes information and enhances its confidentiality.

Results. The developed method is implemented in software and researched while solving the problems of depersonalization.

Conclusions. The carried out experiments confirmed the efficiency of the proposed method and allow to recommend it for implementation in automated information systems for processing personal data for solving problems of depersonalization. Prospects for further research may be in the creation of hardware streamlined data depersonalization allowing to increase the speed of processing and confidentiality of data in the information systems. 

Author Biographies

A. G. Spevakov, Southwest State University, Kursk

PhD, Associate Professor of the Information Security Department

S. V. Spevakova, Southwest State University, Kursk

Post-graduate student of the Computer Science Department

D. V. Primenko, Southwest State University

Post-graduate student of the Computer Science Department

References

Rodichev Yu. A. Normativnaya baza i standarty v oblasti informacionnoj bezopasnosti. Sankt-Peterburg, Izdatel’skij dom «Piter», 2018, 255 p.

Sychev Yu. V. Standarty informacionnoj bez-opasnosti. Zashchita i obrabotka konfidencial’nyh dokumentov. Saratov, Vuzovskoe obrazovanie, 2019, 223 p.

The Convention for the protection of individuals with regard to automatic processing of personal data is a 1981 Council of Europe [Electronic resource]. Access mode: https://www.coe.int/en/web/conventions/full-list//conventions/rms/0900001680078b37.

Regulation (EU) 2016/679 of the European parliament and of the council GDPR(General Data Protection Regulations) [Electronic resource]. Access mode: https://ogdpr.eu/en/gdpr-2016679.

Prikaz Roskomnadzora ot 05.09.2013 № 996 «Ob utverzhdenii trebovanij i metodov po obezlichi-vaniyu personal’nyh dannyh». [Elektronnyj resurs]. Rezhim dostupa: http://www.consultant.ru/document/cons_doc_LAW_151882/

Kalutskiy I. V., Shumailova V. A. , Nikulin D. A. et all. Depersonalization of personal data during processing of information in automated systems, Telecommunications, 2016, No. 10, pp. 16–20.

Spevakova S. V., Primenko D. V. A method of personal data depersonalization in automated systems, Conference: Optoelectronic devices in pattern recognition systems, image processing and symbol information. Recognition – 2017, Kursk, 16–17 May 2017, proceeding. Kursk, UZGY, 2017, pp. 330–333.

Dobritsa V. P., Gubarev A. A. Algorithm of exclusive transformation of data, News of the Kursk State Technical University, 2010, No. 1 (30), pp. 49–54.

Vishnyakova O. A., Lavrov D. N. Format obmena dannymi v sisteme sbora i obrabotki biometricheskih obrazcov, Informacionnye resursy v obrazovanii: mater. mezhdunar. nauch.-prakt. konf. Nizhnevartovsk, Izdatel’stvo Nizhnevart. gos. un-ta, 2013, pp. 146–149.

Volokitina E. S. Metod i algoritmy garantiro-vannogo obezlichivaniya i reidentifikacii sub’ekta personal’nyh dannyh v avtomatizirovannyh informacionnyh sistemah: dis. kand. tekhn. nauk. Sankt-Peterburg, Izdatel’stvo Sankt-Peterburgskogo nac. issled. un-ta informacionnyh tekhnologij, mekhaniki i optiki, 2013, 183 p.

Kuchin I. Yu. Obrabotka baz dannyh s personifi-cirovannoj informaciej dlya zadach obezlichivaniya i poiska zakonomernostej: dis. … kand. tekhn. nauk. Astrahan’, Izdatel’stvo Astrah. gos. tekhn. un-ta, 2012, 132 p.

Bondarenko K. O., Kozlov V. A. Universal’nyj bystrodejstvuyushchij algoritm procedur obezlichivaniya dannyh, Izv. YuFU. Tekhnicheskie nauki. Rostov/n/D, Izdatel’stvo YuFU, 2015, No. 11 (172), pp. 130–142.

Trifonova Yu. V., Zharinov R. F. Vozmozhnosti obezlichivaniya personal’nyh dannyh v sistemah, ispol’zuyushchih relyacionnye bazy dannyh, Doklady TUSUR, 2014, No. 2 (32), pp. 188–194.

Azhmuhamedov I. M., Demina R. Yu., Safarov I. V. Sistemnyj podhod k obespecheniyu konfidencial’nosti obezlichennyh personal’nyh dannyh v uchrezhdeniyah zdravoohraneniya, Sovremennye problemy nauki i obrazovaniya, 2015, No. 1–1 [Elektronnyj recurs]. Rezhim dostupa: http://www.scienceeducation.ru/ru/article/view?id=18610.

Bertoni G., Daemen J., Peeters M., Van G. Keccak code package [Electronic resource]. Access mode: https://github.com/gvanas/KeccakCodePackage

/[ Huang S., Xu G., Wang M., et all Conditional cube attack on reduced-round Keccak sponge function Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30–May 4, 2017, proceedings. Part II, 2017, P. 259–288.

Guo J., Liu M., Song L. Linear structures: Applications to cryptanalysis of round-reduced Keccak, International Conference on the Theory and Application of Cryptology and Information Security. Hanoi, Vietnam, December 4–8, 2016, proceedings. Part I, pp. 249– 274.

Jeethu J., Karthikab R., Nandakumarb R. Design and characterization of SHA 3–256 Bit IP core, International conference on emerging trends in engineering, science and technology, ICETEST, 2015, Vol. 24, pp. 918–924.

Dinur I., Morawiecki P., Pieprzyk J. et all. Cube attacks and cube-attack-like cryptanalysis on the round-reduced Keccak sponge function, Eurocrypt: Annual International Conference on the Theory and Applications of Cryptographic Techniques Sofia. Bulgaria, April 26–30, 2015, proceedings, Part I, pp. 733–761.

Nozdrina A. A., Spevakov A. G., Primenko D. V.; Patent RF 2636106, MPK G06F 12/14, G06F 12/14. Sposob depersonalizacii personal’nyh dannyh/ zayavitel’ Yugo-Zapadnyj gosudarstvennyj universitet. № 2016126867; zayavl. 04.07.2016; opubl. 04.07.2016; Byul. № 32, 4 p.

Dobraunig C. Analysis of SHA-512/224 and SHA512/256 / C. Dobraunig, M. Eichlseder, F. Mende // International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29 – December 3, 2015: proceedings. Part I, pp. 612–630.

Song L., Liao G., Guo J. Non-full sbox linearization: Applications to collision attacks on round-reduced Keccak, Annual International Cryptology Conference. Santa Barbara, CA, USA, August 20–24, 2017, proceedings. Part II, pp. 428–451.

Nabeel S., Munqath H. Anti-continuous collisions user based unpredictable iterative password salted hash encryption, International Journal of Internet Technology and Secured Transactions, 2018, Vol. 8, No. 4, pp. 619–634.

Barakat M., Eder Ch., Hanke T. An Introduction to Cryptography, [Electronic resource]. Access mode: https://www.mathematik.unikl.de/~ederc/download/Cryptography.pdf

Downloads

How to Cite

Spevakov, A. G., Spevakova, S. V., & Primenko, D. V. (2020). METHOD OF DATA DEPERSONALIZATION IN PROTECTED AUTOMATED INFORMATION SYSTEMS. Radio Electronics, Computer Science, Control, (1), 162–168. https://doi.org/10.15588/1607-3274-2020-1-16

Issue

No. 1 (2020): Radio Electronics, Computer Science, Control

Section

Progressive information technologies

License

Copyright (c) 2020 A. G. Spevakov, S. V. Spevakova, D. V. Primenko

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Creative Commons Licensing Notifications in the Copyright Notices

The journal allows the authors to hold the copyright without restrictions and to retain publishing rights without restrictions.

The journal allows readers to read, download, copy, distribute, print, search, or link to the full texts of its articles.

The journal allows to reuse and remixing of its content, in accordance with a Creative Commons license СС BY -SA.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License CC BY-SA that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.