Cryptography and relational database management systems

He, Jingsha; Wang, M.

doi:10.1109/ideas.2001.938095

Cited by 30 publications

(14 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…It is complementary to access control and both of them should be used to guide the storage and access of confidential data in a database system. In [1,2,3,4], database encryption mechanism could provide the following security.…”

Section: Introductionmentioning

confidence: 99%

Fast query over encrypted character data in database

Dai

Shi

Wang

et al. 2004

Communications in Information and Systems

View full text Add to dashboard Cite

Abstract. There are a lot of very important data in database, which need to be protected from attacking. Cryptographic support is an important mechanism of securing them. People, however, must tradeoff performance to ensure the security because the operation of encryption and decryption greatly degrades query performance. To solve such a problem, an approach is proposed that can implement SQL query on the encrypted character data. When the character data are stored in the form of cipher, we not only store the encrypted character data, but also turn the character data into the characteristic values via a characteristic function, and store them in an additional field. When querying the encrypted character data, we apply the principle of two-phase query. Firstly, we implement a coarse query over the encrypted data in order to filter the records not related to the querying conditions. Secondly, we decrypt the rest records and implement a refined query over them again. Results of a set of experiments validate the functionality and usability of our approach.

show abstract

Section: Introductionmentioning

confidence: 99%

Fast query over encrypted character data in database

Dai

Shi

Wang

et al. 2004

Communications in Information and Systems

View full text Add to dashboard Cite

show abstract

“…The data are kept encrypted at the server and a client is granted access to subparts of them according to the decryption keys in its possession. Sophisticated variations of this basic model have been designed in different context, such as DSP [HIL02], database server security [HeW01], nonprofit and for-profit publishing [MiS03,BCF01,Med] and multilevel databases [AkT82,BZN01,RRN02]. These models differ in several ways: data access model (pulled vs. pushed), access right model (DAC, RBAC, MAC), encryption scheme, key delivery mechanism and granularity of sharing.…”

Section: Introductionmentioning

confidence: 99%

Client-Based Access Control Management for XML documents

Bouganim

Ngoc

Pelletier

2004

Proceedings 2004 VLDB Conference

View full text Add to dashboard Cite

The erosion of trust put in traditional database servers and in Database Service Providers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. With the emergence of hardware and software security elements on client devices, more dynamic client-based access control schemes can be devised. This paper proposes an efficient client-based evaluator of access control rules for regulating access to XML documents. This evaluator takes benefit from a dedicated index to quickly converge towards the authorized parts of apotentially streaming -document. Additional security mecanisms guarantee that prohibited data can never be disclosed during the processing and that the input document is protected from any form of tampering. Experiments on synthetic and real datasets demonstrate the effectiveness of the approach.

show abstract

“…Database security is a wide research area [26,23] and includes topics such as statistical database security [21], intrusion detection [34], and most recently privacy preserving data mining [22], and related papers in designing information systems that protect the privacy and ownership of individual information while not impeding the flow of information, include [22,23,24,25]. Prior work [7] [2] does not address the critical issue of performance. But in this work, we have addressed and evaluated the most critical issue for the success of encryption in databases, performance.…”

Section: Introductionmentioning

confidence: 99%

Database Encryption - How to Balance Security with Performance

Mattsson¹

2005

SSRN Journal

View full text Add to dashboard Cite

Encryption can provide strong security for data at rest, but developing a database encryption strategy must take many factors into consideration. Organizations must balance between the requirement for security and the desire for excellent performance. Encryption at the database level, versus application level and file level has proved to be the ideal method to protect sensitive data and deliver performance. There are a multitude of architectures and techniques to improve performance: the alternatives fall into two broad categories -alternative topologies to decrease encryption overhead and techniques to limit the number of encryption operations. In addition, performance and security, in real-world scenarios, are complex issues and experts should be used who understand all available options and the impact for each particular customer environment. Every organization must protect sensitive data or suffer potential legislative, regulatory, legal and brand consequences. Relying on perimeter security and database access control does not provide adequate security. Packaged database encryption solutions have proven to be the best alternative to protect sensitive data. This is a specialized and complex solution area and if internal resources don't have the cryptography expertise in relation to IT environment, outside expertise should be used to ensure superior performance. This paper reviews the performance aspects of three dominant topologies for database encryption.

show abstract

Cryptography and relational database management systems

Cited by 30 publications

References 7 publications

Fast query over encrypted character data in database

Fast query over encrypted character data in database

Client-Based Access Control Management for XML documents

Database Encryption - How to Balance Security with Performance

Contact Info

Product

Resources

About