CloudDLP: Transparent and scalable data sanitization for browser-based cloud storage

Abstract

Browser-based cloud storage services are still broadly used in enterprises for online sharing and collaboration. However, sensitive information in images or documents may be easily leaked outside trusted enterprise on-premises due to such cloud services. Existing solutions to prevent data leakage in cloud storage services either limit many functionalities of cloud applications or are difficult to be scaled to various cloud applications. In this paper, we propose CloudDLP, a transparent and scalable approach for enterprises to automatically sanitize sensitive data in images and documents with various browser-based cloud applications. CloudDLP is deployed as an internet gateway within the premises of an enterprise using JavaScript injecting techniques and deep learning methods to sanitize sensitive premise data. It neither compromises the user experience nor significantly affects application functionalities in browser-based cloud storage services. We have evaluated CloudDLP with a number of real-world cloud applications. Our experimental results show that it can achieve automatic data sanitization with cloud storage services while preserving most functionalities of cloud applications.