Title :
Simple Dynamic Key Management in SQL Randomization
Author :
Mokhov, Serguei A. ; Li, Jian ; Wang, Lingyu
Author_Institution :
Fac. of Eng. & Comput. Sci., Concordia Univ., Montreal, QC, Canada
Abstract :
This work presents a simple key management scheme for dynamic SQL randomization based on the approach of the SNMPv3 key generation. The original SQL randomization technique based on keyed randomization proxies lacks a mechanism for managing and updating cryptographic keys, which renders the technique vulnerable to the exposure or theft of the keys. Our scheme provides a practical solution to remove such a weakness in the SQL randomization technique. The idea was conceived during the course of implementation of the Java Data Security Framework (JDSF) as a part of a database security and privacy project.
Keywords :
Java; SQL; cryptographic protocols; data privacy; Java Data Security Framework; SNMPv3 key generation; cryptographic key management; cryptographic key updating; database privacy; database security; dynamic SQL randomization; dynamic key management; key exposure; key theft; Application software; Computer science; Cryptography; Data privacy; Data security; Databases; Engineering management; Java; Middleware; Service oriented architecture;
Conference_Titel :
New Technologies, Mobility and Security (NTMS), 2009 3rd International Conference on
Conference_Location :
Cairo
Print_ISBN :
978-1-4244-4765-7
DOI :
10.1109/NTMS.2009.5384673
