Михайло Олексійович Колпаков, Андрій Борисович Петренко
{"title":"Scaling and enhancing data protection for web application data in accordance with PCI DSS, HIPAA/HITECH, FEDRAMP standards","authors":"Михайло Олексійович Колпаков, Андрій Борисович Петренко","doi":"10.18372/2410-7840.20.13423","DOIUrl":null,"url":null,"abstract":"The increase in the number of information web resources is due to the development of technologies for interaction with information, accessibility and ease of use for the consumer, opportunities for automating business processes, saving resources and time for providing services for entrepreneurs. In this paper, an integrated approach is considered regarding the implementation of the mechanisms for solving the above problems in accordance with the requirements of the standards of PCI DSS, HIPAA / HITECH, FEDRAMP. An effective approach for integrating the Amazon S3 cloud storage into web applications written in the Java programming language is proposed. The step-by-step guide to web services implementation will not only effectively scale and protect product data, but also significantly extend the functionality of the web application, use internal analytical tools to monitor user activity, generate reports based on aggregated statistics. The step-by-step guide for integration of web services will not only allow effectively to scale and protect product data, but also significantly expand the functionality of the web application, to use internal analytical tools for monitoring user activity, to generate reports based on collected statistics. The mathematical model of the AES encryption algorithm, implemented in the Amazon cloud environment, is considered to explain the feasibility and relevance of its use. A graph of comparing the speed of the most current encryption algorithms based on the data obtained by conducting research on measuring the amount of time spent on encryption at different data volumes was constructed. This approach will allow software products to meet the requirements of the EU and FISMA data protection directives, improve data scaling by accessibility zones and regions, and enhance data protection through internal Amazon mechanisms such as access control, auditing, network firewall, server-side encryption and the encryption key management infrastructure.","PeriodicalId":378015,"journal":{"name":"Ukrainian Information Security Research Journal","volume":"162 8-12","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Ukrainian Information Security Research Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.18372/2410-7840.20.13423","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
The increase in the number of information web resources is due to the development of technologies for interaction with information, accessibility and ease of use for the consumer, opportunities for automating business processes, saving resources and time for providing services for entrepreneurs. In this paper, an integrated approach is considered regarding the implementation of the mechanisms for solving the above problems in accordance with the requirements of the standards of PCI DSS, HIPAA / HITECH, FEDRAMP. An effective approach for integrating the Amazon S3 cloud storage into web applications written in the Java programming language is proposed. The step-by-step guide to web services implementation will not only effectively scale and protect product data, but also significantly extend the functionality of the web application, use internal analytical tools to monitor user activity, generate reports based on aggregated statistics. The step-by-step guide for integration of web services will not only allow effectively to scale and protect product data, but also significantly expand the functionality of the web application, to use internal analytical tools for monitoring user activity, to generate reports based on collected statistics. The mathematical model of the AES encryption algorithm, implemented in the Amazon cloud environment, is considered to explain the feasibility and relevance of its use. A graph of comparing the speed of the most current encryption algorithms based on the data obtained by conducting research on measuring the amount of time spent on encryption at different data volumes was constructed. This approach will allow software products to meet the requirements of the EU and FISMA data protection directives, improve data scaling by accessibility zones and regions, and enhance data protection through internal Amazon mechanisms such as access control, auditing, network firewall, server-side encryption and the encryption key management infrastructure.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
