23Ağu
Security measures with JSONs watermarking and such
I have an interesting problem to tackle, let's say we have different clients for an app that we serve some JSON documents. If, perchance, some leak happens I'd like to know from which client the leak happened, knowing that we have like a client ID for each client, what we can add to a JSON, such that we would not vary the data so much and it will also not be extra visibile to the attacker that it is actually a identity mechanism. Ideas I've come up with are:
- Using different spaces in JSONs for each client, but that would fall because if you do something during the processing of that JSON and forget to keep the spacing then the whole mechanism breaks, or even if you're the attacker and do a strip on the spaces.
- We can add new fields, we can and we might try but they're probably going to be the first ones that will be deleted by the attacker if a leak happens.
- We can variate the data slightly but it's not really feasible in this case because you would know, they are some text documents.
- We have some publish date on the documents that we could vary, but again, not so much maybe 1min +/- we can play around with that.
What other ways do you think I could use?
EDIT: Found this [1] paper that looks oddly specific of what I would need.
[1] https://jivp-eurasipjournals.springeropen.com/articles/10.1186/s13640-020-00500-y
