A Novel Framework for Database Security Based on Mixed Cryptography

Author

Kadhem, Hasan ; Amagasa, Toshiyuki ; Kitagawa, Hiroyuki

Author_Institution

Grad. Sch. of Syst. & Inf. Eng., Dept. of Comput. Sci., Univ. of Tsukuba, Tsukuba

fYear

2009

fDate

24-28 May 2009

Firstpage

163

Lastpage

170

Abstract

Database security has become a vital issue in modern Web applications. Critical business data in databases is an evident target for attack. Therefore, ensuring the confidentiality, privacy and integrity of data is a major issue for the security of database systems. Recent high profile data thefts have shown that perimeter defenses are insufficient to secure sensitive data. This paper studies security of the databases shared between many parties from a cryptographic perspective. We propose mixed cryptography database (MCDB), a novel framework to encrypt databases over untrusted networks in a mixed form using many keys owned by different parties. The encryption process is based on a new data classification according to the data owner. The proposed framework is very useful in strengthening the protection of sensitive data even if the database server is attacked at multiple points from the inside or outside.

Keywords

cryptography; data integrity; data privacy; database management systems; pattern classification; Internet; data classification; data confidentiality; data integrity; data privacy; database security; encryption; mixed cryptography; sensitive data protection; untrusted network; Application software; Computer science; Computer security; Cryptography; Data privacy; Data security; Database systems; Information security; Protection; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Internet and Web Applications and Services, 2009. ICIW '09. Fourth International Conference on

Conference_Location

Venice/Mestre

Print_ISBN

978-1-4244-3851-8

Electronic_ISBN

978-0-7695-3613-2

Type

conf

DOI

10.1109/ICIW.2009.31

Filename

5072514