Security and Data Privacy in Redux Stores
DOI:
https://doi.org/10.63282/3050-9262.IJAIDSML-V4I4P117Keywords:
Redux, Data Privacy, Security, Web Development, State Management, JavaScript, Encryption, Authentication, Data Leakage, Front-End SecurityAbstract
In large-scale web applications, Redux has essentially become the main tool for managing state in a predictable way, thus, developers can easily handle complex data flows. On the other hand, with front-end applications handling more and more sensitive data, the question of how to ensure the security and privacy of data stored in Redux has, by far, become the most important issue. This research identifies the different risks that come with improperly managing the state, such as, for example, unauthorized data exposure, session hijacking, and tampering with confidential information. The goal is first and foremost to find out the vulnerabilities in Redux-based architectures and then come up with easy-to-implement privacy-preserving techniques to counteract them.Our plan of action is to combine secure coding practices, encryption of state, authentication layers, and controlled access mechanisms so as to upgrade the resistance of client-side state management to attacks. An in-depth case study shows how these measures can be put into practice in a typical web application, thus, proving that they can be efficient in protecting user data without causing a drop in performance or developer productivity. Results show that despite structural advantages given by Redux in managing state, security issues arise due to its openness, i.e. intentional security design is necessary to avoid data leakage and ensure user trust. The main points of this paper are encryption, token-based authentication, and minimum persistence of sensitive information, thus, the work sets the pace for developers to secure Redux stores in line with contemporary data protection standards.
References
[1] Gregorczuk, Helen. "Retail analytics: Smart-stores saving bricks-and-mortar retail or a privacy problem?." Law, Technology and Humans 4.1 (2022): 63-78.
[2] Engberg, Stephan J., Morten Borup Harning, and Christian Damsgaard Jensen. "Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience." PST. 2004.
[3] Gunawardena, Ruchira Sandaruwan. "Dynamic Access Control Techniques and Their Role in Preserving Data Confidentiality in Multi-Cloud Retail Solutions." Journal of Computational Intelligence for Hybrid Cloud and Edge Computing Networks 6.12 (2022): 12-22.
[4] Parakala, Adityamallikarjunkumar, and Jyothirmay Swain. "AI‑Powered Intelligent Automation Emerges." International Journal of Artificial Intelligence, Data Science, and Machine Learning 3.4 (2022): 96-106.
[5] Chatterjee, Sheshadri, Ranjan Chaudhuri, and Demetris Vrontis. "Examining the global retail apocalypse during the COVID-19 pandemic using strategic omnichannel management: A consumers’ data privacy and data security perspective." Journal of Strategic Marketing 29.7 (2021): 617-632.
[6] Culnan, Mary J., and Cynthia Clark Williams. "How ethics can enhance organizational privacy: lessons from the choicepoint and TJX data breaches." MIS quarterly (2009): 673-687.
[7] Rabin, Robert L. "Perspectives on Privacy, Data Security and Tort Law." DePaul L. Rev. 66 (2016): 313.
[8] Kuner, Christopher, et al. "Systematic Government Access to Private-Sector Data Redux." International Data Privacy Law 4.1 (2014): 1-3.
[9] Espinosa, J. Alberto, et al. "Big data redux: New issues and challenges moving forward." (2019).
[10] Smith, Bryan, William Yurcik, and David Doss. "Ethical hacking: the security justification redux." IEEE 2002 International Symposium on Technology and Society (ISTAS'02). Social Implications of Information and Communication Technology. Proceedings (Cat. No. 02CH37293). IEEE, 2002.
[11] Parakala, Adityamallikarjunkumar, and Srinivas Achanta. "Transforming Government Workflows with AI-Driven RPA." International Journal of AI, BigData, Computational and Management Studies 3.4 (2022): 82-92.
[12] Alsulbi, Khalil, et al. "Big data security and privacy: A taxonomy with some HPC and blockchain perspectives." International Journal of Computer Science & Network Security 21.7 (2021): 43-55.
[13] Florian, Martin, et al. "Erasing data from blockchain nodes." 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, 2019.
[14] Beales III, J. Howard, and Timothy J. Muris. "FTC Consumer Protection at 100: 1970s Redux or Protecting Markets to Protect Consumers." Geo. Wash. L. Rev. 83 (2014): 2157.
[15] Kharel, Utsab. "Evolution of Mobile Wireless Communication Networks to 5G Revolution." (2022).
[16] Dao, Quan. "Data Annotation and Management tool." (2022).
[17] Homescu, Andrei, et al. "Large-scale automated software diversity—program evolution redux." IEEE Transactions on Dependable and Secure Computing 14.2 (2015): 158-171.
[18] Vemula, V. R., & Intalent, L. L. C. (2022). Blockchain Beyond Cryptocurrencies: Securing IoT Networks with Decentralized Protocols.
