Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization

DC FieldValueLanguage
dc.contributor.authorPortillo Dominguez, Andres Omar-
dc.contributor.authorAyala-Rivera, Vanessa-
dc.date.accessioned2021-07-23T15:47:20Z-
dc.date.available2021-07-23T15:47:20Z-
dc.date.copyright2019 IEEEen_US
dc.date.issued2019-10-25-
dc.identifier.isbn978-1-7281-2524-4-
dc.identifier.urihttp://hdl.handle.net/10197/12346-
dc.descriptionThe 2019 7th International Conference in Software Engineering Research and Innovation (CONISOFT), Mexico City, Mexico, 23 -25 October 2019en_US
dc.description.abstractIT infrastructures of companies generate large amounts of log data every day. These logs are typically analyzed by software engineers to gain insights about activities occurring within a company (e.g., to debug issues exhibited by the production systems). To facilitate this process, log data management is often outsourced to cloud providers. However, logs may contain information that is sensitive by nature and considered personal identifiable under most of the new privacy protection laws, such as the European General Data Protection Regulation (GDPR). To ensure that companies do not violate regulatory compliance, they must adopt, in their software systems, appropriate data protection measures. Such privacy protection laws also promote the use of anonymization techniques as possible mechanisms to operationalize data protection. However, companies struggle to put anonymization in practice due to the lack of integrated, intuitive, and easy-to-use tools that accommodate effectively with their log management systems. In this paper, we propose an automatic approach (SafeLog) to filter out information and anonymize log streams to safeguard the confidentiality of sensitive data and prevent its exposure and misuse from third parties. Our results show that atomic anonymization operations can be effectively applied to log streams to preserve the confidentiality of information, while still allowing to conduct different types of analysis tasks such as users behavior, and anomaly detection. Our approach also reduces the amount of data sent to cloud vendors, hence decreasing the financial costs and the risk of overexposing information.en_US
dc.language.isoenen_US
dc.publisherIEEEen_US
dc.relation.ispartofJuárez-Ramírez, R., Fernández y Fernández, C., Jiménez, S., Ramírez-Noriega, A., Pérez González, H., Licea Sandoval, G., Guerra-García, C. (eds.). 2019 7th International Conference in Software Engineering Research and Innovation (CONISOFT), Mexico City, Mexico, 23-25 October 2019: Proceedingsen_US
dc.rights© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.en_US
dc.subjectData privacyen_US
dc.subjectData protectionen_US
dc.subjectSoftware engineeringen_US
dc.titleTowards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymizationen_US
dc.typeConference Publicationen_US
dc.internal.authorcontactotherandres.portillodominguez@ucd.ieen_US
dc.internal.webversionshttp://conisoft.org/2019/-
dc.statusPeer revieweden_US
dc.identifier.doi10.1109/conisoft.2019.00024-
dc.neeo.contributorPortillo Dominguez|Andres Omar|aut|-
dc.neeo.contributorAyala-Rivera|Vanessa|aut|-
dc.date.updated2020-07-08T17:55:24Z-
dc.rights.licensehttps://creativecommons.org/licenses/by-nc-nd/3.0/ie/en_US
item.fulltextWith Fulltext-
item.grantfulltextopen-
Appears in Collections:Computer Science Research Collection
Files in This Item:
 File SizeFormat
Downloadaportillod_CONISOFT_2019.pdf623.89 kBAdobe PDF
Show simple item record

Page view(s)

202
Last Week
4
Last month
17
checked on Oct 22, 2021

Download(s)

21
checked on Oct 22, 2021

Google ScholarTM

Check

Altmetric


If you are a publisher or author and have copyright concerns for any item, please email research.repository@ucd.ie and the item will be withdrawn immediately. The author or person responsible for depositing the article will be contacted within one business day.