A Practical Implementation of Transparent Encryption and Separation of Duties in Enterprise Databases: Protection against External and Internal Attacks on Databases

Mattsson, Ulf T.

doi:10.1109/icect.2005.9

Cited by 11 publications

(5 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Reference [5] considers primarily management of secret keys for database encryption. The solution closest to the ideas from this paper is described in [6]. The author describes use of cryptography at different database levels, use of combined secret key and public key cryptography, and user authentication based on several alternative protocols.…”

Section: Internet Security Problemsmentioning

confidence: 99%

Business Information Exchange System with Security, Privacy, and Anonymity

Muftic¹,

Abdullah²,

Kounelis³

2016

Journal of Electrical and Computer Engineering

View full text Add to dashboard Cite

Business Information Exchange is an Internet Secure Portal for secure management, distribution, sharing, and use of business e-mails, documents, and messages. It has three applications supporting three major types of information exchange systems: secure e-mail, secure instant messaging, and secure sharing of business documents. In addition to standard security services for e-mail letters, which are also applied to instant messages and documents, the system provides innovative features of privacy and full anonymity of users and their locations, actions, transactions, and exchanged resources. In this paper we describe design, implementation, and use of the system.

show abstract

Section: Internet Security Problemsmentioning

confidence: 99%

Business Information Exchange System with Security, Privacy, and Anonymity

Muftic¹,

Abdullah²,

Kounelis³

2016

Journal of Electrical and Computer Engineering

View full text Add to dashboard Cite

show abstract

“…,..., ,..., 1 (1) Columns from A 1 to A m need to be encrypted. The corresponding encrypted relation is as follows:…”

Section: A Storage Modelmentioning

confidence: 99%

“…Thefts maybe steal physical hard disks to get critical data; Hackers may bypass the access control mechanism of database; malicious DBA use super privilege to compromise the database [1].…”

Section: Introductionmentioning

confidence: 99%

A new lightweight database encryption scheme transparent to applications

Liu

Gai

2008

2008 6th IEEE International Conference on Industrial Informatics

View full text Add to dashboard Cite

Database encryption, as a mechanism for active security enhancement, is a crucial technique to protect data confidentiality. Two important objectives of designing an encrypted database are high security and performance. In this paper, a new paradigm for database encryption is proposed in which database encryption can be provided as a service to applications with seamless access to encrypted database. Using such an encrypted data management model, applications can concentrate on their core businesses and protect data privacy against both malicious outsiders and the untrusted database service users without need to know encryption details. We propose a novel database encryption architecture with flexible data granularity and safe key management for high security and performance of database access. Security dictionary is used to keep encryption metadata safe based on the threat model. Then the implementation details are given to show how to transparently store and query encrypted database fields with the proposed scheme.

show abstract

“…Various possibilities of data theft can occur when carrying out a particular project such as database server migration, cloning activities on data le storage, natural disasters that may arise, or when trying to retrieve existing data le storage [4]. Hence, the database's security is essential as data is one of the most valuable assets owned and cannot be disclosed by anyone [5] According to research conducted by Hammouchi [6], from January 2005 to December 2018, the Privacy Rights Clearinghouse (PRC) has recorded more than 9,000 hacking cases containing 12 billion data with many instances. "Each breach can be caused by an insider that intentionally breaches information (INSD), payment card fraud (CARD), physical loss (PHYS), lost or stolen portable device (PORT), being hacked by someone or infected by malware (HACK), stationary equipment loss (STAT), an unknown method (UNKN) or an unintended disclosure like sending an email to the wrong person (DISC)" [6].…”

Section: Introductionmentioning

confidence: 99%

Performance Testing on Transparent Data Encryption for SQL Server's Reliability and Efficiency

Madyatmadja

Hakim

Sembiring

2021

Preprint

View full text Add to dashboard Cite

Data security is being one of the most crucial aspects to be focused on system development. However, using such a feature to enhance the security of data might affect the system's performance. This study aims to observe how substantial Transparent Data Encryption as a solution for data security on Microsoft SQL Server will affect the database management system's performance. Each of the system performance is conducted with stress and load test. This paper concentrates on the upsides of using Transparent Data Encryption over standard database by finding how significant performance degradation has occurred in terms of Reliability and Efficiency.

show abstract

A Practical Implementation of Transparent Encryption and Separation of Duties in Enterprise Databases: Protection against External and Internal Attacks on Databases

Cited by 11 publications

References 10 publications

Business Information Exchange System with Security, Privacy, and Anonymity

Business Information Exchange System with Security, Privacy, and Anonymity

A new lightweight database encryption scheme transparent to applications

Performance Testing on Transparent Data Encryption for SQL Server's Reliability and Efficiency

Contact Info

Product

Resources

About