Challenges and Security Vulnerabilities to Impact on Database Systems

Hashim, Hassan B.

doi:10.23851/mjs.v29i2.332

Cited by 10 publications

(8 citation statements)

References 5 publications

(13 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Table 4 shows the encryption test results of the 6 columns of the "agent" table deploying the model (1). Likewise, in the model (2) implementation, one encryption key of the table "agent" has protected with a single Km generated using this model. Then, this protection was tested using the model (B).…”

Section: Resultsmentioning

confidence: 99%

“…Database (DB) level encryption is a way to encrypt and decrypt data within the Database Management System (DBMS) using keys held by the DB server [1]. In fact, this encryption model offers major advantages, in particular, those related to the security of the encryption keys against external attacks performed outside the information system [2,3]. Though the probability of the administrator attack is not negligible, he owns large privileges on DB.…”

Section: Introductionmentioning

confidence: 99%

“…The DB encryption using model(2) and (B).Algo4CREATE OR REPLACE TRIGGER Insert_Model_2 BEFORE INSERT ON agent FOR EACH ROW DECLARE KT varchar2(100); BEGIN /* Generating Km and seeking KT for each column from MYTABLE_ENCRYPT_OBJET*/ KT :=Search_Ecrypt_Key( 'agent'); /* Inserting in table "agent"*/ INSERT INTO agent VALUES (Encrypt_AES256 (KT,:new.idf_agent), Encrypt_AES256 (KT,:new.name_agt), Encrypt_AES256 (KT,:new.Dose_interne_agt), Encrypt_AES256 (KT,:new.Dose_superficielle_agt), Encrypt_AES256 (KT,:new.Dose_profonde_agt), Encrypt_AES256 (KT,:new.Catégorie_agt)); End ; END ;…”

mentioning

confidence: 99%

“…table "agent" by deploying the model(2).• The results presented in tables 2 and 3 shows the keys generation when the "agent" table is created by the administrator. In table 2, the columns C3_KEY and C4_MASTERKEY represents, respectively, the encryption key generated of each column and its associated Km.…”

mentioning

confidence: 99%

See 3 more Smart Citations

New Solution Implementation to Protect Encryption Keys Inside the Database Management System

Bouchti¹,

Ziti²,

Omary³

et al. 2020

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

Due to the attacks' growth on sensitive databases by deploying advanced tools, beyond access control and authentication mechanisms, the database encryption remains a useful and effective way to ensure robust security of data stored within it. Any database encryption solution is based on a specific encryption model that determines how data is encrypted inside it. A relevant database encryption model must necessarily adopt a strong security policy of data encryption keys. It determines how these keys are generated, stored, and protected. In this work, we will implement an original solution that protects the encryption keys when encrypting data occurred at the Database Management System level. Our solution suggests protecting the keys by their encryption with other ones named Master Keys, which are generated according to the encryption granularity defined by the database encryption model. The proposed solution protects the keys of two database encryption models: at the level of the columns and the level of tables.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

mentioning

confidence: 99%

mentioning

confidence: 99%

See 2 more Smart Citations

New Solution Implementation to Protect Encryption Keys Inside the Database Management System

Bouchti¹,

Ziti²,

Omary³

et al. 2020

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

show abstract

“…Recently, it has been the subject of several debates and studies by experts and researchers in the data security field. The main purpose is to protect sensitive data against unavailability, leakage, and modification face to attackers' threats [9], [21], [22].…”

Section: Introductionmentioning

confidence: 99%

A New Solution to Protect Encryption Keys when Encrypting Database at the Application Level

Bouchti¹,

Ziti²,

Omary³

et al. 2020

IJACSA

View full text Add to dashboard Cite

Encrypting databases at the application level (client level) is one of the most effective ways to secure data. This strategy of data security has the advantage of resisting attacks performed by the database administrators. Although the data and encryption keys will be necessarily stored in the clear on the client level, which implies a problem of trust viz-a-viz the client since it is not always a trusted site. The client can attack encryption keys at any time. In this work, we will propose an original solution that protects encryption keys against internal attacks when implementing database encryption at the application level. The principle of our solution is to transform the encryption keys defined in the application files into other keys considered as the real keys, for encryption and decryption of the database, by using the protection functions stored within the database server. Our proposed solution is considered as an effective way to secure keys, especially if the server is a trusted site. The solution implementation results displayed better protection of encryption keys and an efficient process of data encryption /decryption. In fact, any malicious attempt performed by the client to hold encryption keys from the application level cannot be succeeded since the real values of keys are not defined on it.

show abstract

Blockchain-Based Secured Estate Property Registration System: Baghdad Estate Registration as a Case Study

Al-dulaimy,

Alsaad

2024

Lecture Notes in Networks and Systems

View full text Add to dashboard Cite

Challenges and Security Vulnerabilities to Impact on Database Systems

Cited by 10 publications

References 5 publications

New Solution Implementation to Protect Encryption Keys Inside the Database Management System

New Solution Implementation to Protect Encryption Keys Inside the Database Management System

A New Solution to Protect Encryption Keys when Encrypting Database at the Application Level

Blockchain-Based Secured Estate Property Registration System: Baghdad Estate Registration as a Case Study

Contact Info

Product

Resources

About