GHANA JOURNAL OF TECHNOLOGY

Modern market practices encourage organizations to outsource data management responsibilities of key data-driven processes to third-party service providers. A major challenge that confronts organizations that embrace this philosophy is how to detect leakage of outsourced data. This study proposes a robust approach for establishing the provenance of organizational data leakage. Specifically, a three-stage approach is developed. Firstly, dataset to be outsourced is transformed to make it unique. The uniqueness of the dataset is achieved by subjecting it to a composite of three techniques namely smart distribution, addition of fake objects and application of transposition encoding. Secondly, when leakage occurs, an effective how and where data lineage technique is used by a detection model to establish the occurrence of leakage. Finally, the leakage source is traced using the guilt assessment model which consists of the probabilistic, transposition key and fake object tests. The proposed approach is evaluated using real-world credit card datasets. The results obtained from the leakage scenarios showed 100% confidence in detecting leakages and identifying the culpable agent of leakage.

Data leakage · Data allocation · Agent Guilt Assessment · Relational Database

Agrawal, R. and Kiernan, J. [2002], Watermarking relational databases, in ‘Proceedings of the

th International Conference on Very Large Data Bases’, VLDB ’02, VLDB Endowment, pp.

–166.

Buneman, P., Khanna, S. and Wang-Chiew, T. [2001], Why and where: A characterization of

data provenance, in J. Van den Bussche and V. Vianu, eds, ‘Database Theory — ICDT

’, Springer Berlin Heidelberg, Berlin, Heidelberg, pp. 316–330