RESEARCH OF POTENTIAL DATA LEAKS IN INFORMATION AND COMMUNICATION SYSTEMS ДОСЛІДЖЕННЯ ПОТЕНЦІЙНИХ ВИТОКІВ ДАНИХ В ІНФОРМАЦІЙНИХ І КОМУНІКАЦІЙНИХ СИСТЕМАХ

Result code in IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F22%3A00362719" target="_blank" >RIV/68407700:21230/22:00362719 - isvavai.cz</a>

Result on the web

<a href="https://doi.org/10.32620/reks.2022.4.05" target="_blank" >https://doi.org/10.32620/reks.2022.4.05</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.32620/reks.2022.4.05" target="_blank" >10.32620/reks.2022.4.05</a>

Result language

angličtina

Original language name

RESEARCH OF POTENTIAL DATA LEAKS IN INFORMATION AND COMMUNICATION SYSTEMS ДОСЛІДЖЕННЯ ПОТЕНЦІЙНИХ ВИТОКІВ ДАНИХ В ІНФОРМАЦІЙНИХ І КОМУНІКАЦІЙНИХ СИСТЕМАХ

Original language description

This article discusses the problem of ensuring the protection of user data in information systems. It is shown that classic information systems are represented by stationary and mobile communication devices focused on data exchange with digital space. The fundamental principles of user data exchange in the digital space are considered. It has been established that leading technology IT corporations collect data from user communication devices. It is shown that the organization of data collection is carried out by redirecting the DNS traffic of the communication device to the DNS servers of IT corporations, followed by its encryption using the DoH protocol. This makes it impossible for authorized services and departments of national states to control the users’ DNS traffic and ensures the monopoly position of IT corporations in the global digital market for collecting and analyzing user data. It is shown that the collection of user data is carried out with the aim of further monetization and influencing decisions made by users. DNS traffic of devices for communication with the digital space of the Internet is fixed. An audit of the recorded DNS traffic was performed, and as a result, specialized Internet resources were identified to be responsible for collecting and processing user data. It has been proved that the identified specialized Internet resources belong to IT corporations. Methods of identification of communication devices in digital space were considered. It is shown that the identification of communication devices is based on the collection of a unique set of data from each communication device. Based on each unique data set, a digital fingerprint of the communication device is formed, which is used for its further identification in the digital space. These approaches allow organizing protection against user data collection in information systems. Software and hardware implementations for protection against data collection from communication devices are proposed. It has been experimentally established that the combined use of the proposed software and hardware models provides the most effective protection against data collection from communication devices and does not affect the functionality of information systems.

Czech name

—

Czech description

—

Type

J_SC - Article in a specialist periodical, which is included in the SCOPUS database

CEP classification

—

OECD FORD branch

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Project

—

Continuities

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Publication year

2022

Confidentiality

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Name of the periodical

Radioelectronic and Computer Systems

ISSN

1814-4225

e-ISSN

—

Volume of the periodical

2022

Issue of the periodical within the volume

4

Country of publishing house

UA - UKRAINE

Number of pages

21

Pages from-to

64-84

UT code for WoS article

—

EID of the result in the Scopus database

2-s2.0-85146916282