On Data Leakage from Non-production Systems

Cope, Jacqueline; Siewe, Francois; Chen, Feng; Maglaras, Leandros; Janicke, Helge

View/Open

Article02_ForSubmission4.docx (196.9Kb)

Date

2017-02

Author

Chen, Feng;

Metadata

Show attachments and full item record

Abstract

This study is an exploration of areas pertaining to the use of production data in non-production environments. During the software development lifecycle, non-production environments are used to serve various purposes to include unit, component, integration, system, user acceptance, performance and configuration testing. Organisations and third parties have been and are continuing to use copies of production data in non-production environments. This can lead to personal and sensitive data being accidentally leaked if appropriate and rigorous security guidelines are not implemented. This paper proposes a comprehensive framework for minimising data leakage from non-production environments. The framework was evaluated using guided interviews and was proven effective in helping organisation managing sensitive data in non-production environments.

Description

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.

Citation : Cope, J. et al. (2017) On Data Leakage from Non-production Systems. Information and Computer Security, 25 (4), pp. 454-474

URI

http://hdl.handle.net/2086/13921

DOI

https://doi.org/10.1108/ICS-02-2017-0004

Research Group : Software Technology Research Laboratory (STRL)

Research Institute : Cyber Technology Institute (CTI)

Peer Reviewed : Yes

Collections

School of Computer Science and Informatics [3008]