NCI WEBSITE
NORMA eResearch @NCI Library

Designing the Architecture of an Efficient Cloud-based Data Security Posture Management System

Tools

Srivastava, Amiket Kumar (2023) Designing the Architecture of an Efficient Cloud-based Data Security Posture Management System. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration Manual]
Preview
 PDF (Configuration Manual)
Download (1MB) | Preview

Abstract

The rise in data processing and subsequent cloud adoption within the industry has raised fresh concerns about data security. Sensitive data exposure in leaks and breaches has become a regular occurrence nowadays leading to heavy monetary and reputational damages. We need to identify this sensitive data and apply strict security controls to protect it. Existing solutions like Cloud Security Posture Management system (CSPM) are cloud-centric which focus on perimeter security. Data security is usually a limited submodule which is costly to implement in these solutions. This leaves our systems vulnerable to data leaks and breaches. This paper proposes to design an efficient cloud-based Data Security Posture Management (DSPM) system which can identify sensitive Personal Identifiable Information (PII), calculate its risk of disclosure, assign sensitivity labels, and deliver cost-effective security controls. Using this vision, we implemented and evaluated the different components of our DSPM system through seven experiments where we, classified and ingested non-standard data-sources (improvement from its predecessor AURUM that required high expertise to ingest non-standard sources and external classification mechanism), implemented the principle of least privilege and geo-fencing, created dynamic data-masking rules and dynamic data-backups for tables, published residency compliance report and installed a self-hosted agent to automate workloads. Throughout our experiments, we observed high cost-effectiveness, efficiency, and potency for tackling data security problems. Our contribution involves deepening the understanding of data-related challenges and their effective resolution through the development of an efficient, data-centric cloud-based DSPM system. We believe that our research promotes data security within the open-source community.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Ayala-Rivera, Vanessa
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 25 Apr 2025 09:50
Last Modified: 25 Apr 2025 09:50
URI: https://norma.ncirl.ie/id/eprint/7470

Actions (login required)

View Item View Item