Skip to main content
SpringerLink
Log in

A Framework for Efficient Storage Security in RDBMS

  • Conference paper
Book cover Advances in Database Technology - EDBT 2004 (EDBT 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2992))

Included in the following conference series:

Abstract

With the widespread use of e-business coupled with the public’s awareness of data privacy issues and recent database security related legislations, incorporating security features into modern database products has become an increasingly important topic. Several database vendors already offer integrated solutions that provide data privacy within existing products. However, treating security and privacy issues as an afterthought often results in inefficient implementations. Some notable RDBMS storage models (such as the N-ary Storage Model) suffer from this problem. In this work, we analyze issues in storage security and discuss a number of trade-offs between security and efficiency. We then propose a new secure storage model and a key management architecture which enable efficient cryptographic operations while maintaining a very high level of security. We also assess the performance of our proposed model by experimenting with a prototype implementation based on the well-known TPC-H data set.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Copeland, G.P., Khoshafian, S.F.: A Decomposition Storage Model. In: ACM SIGMOD International Conference on Management of Data, pp. 268–269 (1985)

    Google Scholar 

  2. Oracle Corporation: Database Encryption in Oracle9i (2001), http://otn.oracle.com/deploy/security/oracle9i

  3. Department of Health and Human Services (U.S.). Gramm-Leach-Bliley (GLB) Act. FIPS PUB 81 (1999), http://www.ftc.gov/bcp/conline/pubs/buspubs/glbshort.htm

  4. Federal Trade Commission (U.S.): Health Insurance Portability and Accountability Act (HIPAA) (1996), http://www.hhs.gov/ocr/hipaa/privacy.html

  5. IBM Data Encryption for IMS and DB2 Databases, Version 1.1 (2003), http://www-306.ibm.com/software/data/db2imstools/html/ibmdataencryp.html

  6. He, J., Wang, M.: Cryptography and Relational Database Management Systems. In: Proceedings of the 5th International Database Engineering and Applications Symposium, pp. 273–284 (2001)

    Google Scholar 

  7. Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over Encrypted Data in the Database Service Provider Model. In: ACM SIGMOD Conference on Management of Data (2002)

    Google Scholar 

  8. Bouganim, L., Pucheral, P.: Chip-Secured Data Access: Confidential Data on Untrusted Servers. In: VLDB Conference, Hong Kong, China (2002)

    Google Scholar 

  9. Hacigümüş, H., Iyer, B., Mehrotra, S.: Providing Database as a Service. In: ICDE (2002)

    Google Scholar 

  10. Karlsson, J.S.: Using Encryption for Secure Data Storage in Mobile Database Systems. Friedrich-Schiller-Universitat Jena (2002)

    Google Scholar 

  11. Rivest, R.L., Shamir, A., Adleman, L.M.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21 (1978)

    Google Scholar 

  12. NIST. Advanced Encryption Standard. FIPS PUB 197 (2001)

    Google Scholar 

  13. TPC Transaction Processing Performance Council, http://www.tpc.org

  14. OpenSSL Project, http://www.openssl.org

  15. NIST. Data Encryption Standard (DES). FIPS 46-3 (1993)

    Google Scholar 

  16. Schneier, B.: Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish). In: Fast software Encryption, Cambridge Security Workshop Proceedings, pp. 191–204 (1993)

    Google Scholar 

  17. Ramakrishnan, R., Gehrke, J.: Database Management Systems, 2nd edn. WCB/McGraw-Hill (2000)

    Google Scholar 

  18. Ailamaki, A., DeWitt, D.J., Hill, M.D., Skounakis, M.: Weaving Relations for Cache Performance. The VLDB Journal, 169–180 (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IBM Silicon Valley Lab,  

    Bala Iyer

  2. University of California, Irvine, Irvine, CA, 92697, USA

    Sharad Mehrotra, Einar Mykletun, Gene Tsudik & Yonghua Wu

Authors
  1. Bala Iyer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sharad Mehrotra
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Einar Mykletun
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Gene Tsudik
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yonghua Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Purdue University,  

    Elisa Bertino

  2. Laboratory of Distributed Multimedia Information Systems and Applications, Technical University of Crete (MUSIC/TUC) Chania, 73100, Crete, Greece

    Stavros Christodoulakis

  3. Institute of Computer Science, FO.R.T.H., Vassilika Vouton, P.O. Box 1385, GR 71110, Heraklion, Greece

    Dimitris Plexousakis

  4. Department of Computer Science, University of Crete, P.O.Box 2208, GR 71409, Heraklion, Greece

    Vassilis Christophides

  5. National and Kapodistrian University of Athens, Greece

    Manolis Koubarakis

  6. IPD, Universität Karlsruhe, Am Fasanengarten 5, 76131, Karlsruhe,  

    Klemens Böhm

  7. Department of Computer Science and Communication, University of Insubria, 22100, Varese, Italy

    Elena Ferrari

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Iyer, B., Mehrotra, S., Mykletun, E., Tsudik, G., Wu, Y. (2004). A Framework for Efficient Storage Security in RDBMS. In: Bertino, E., et al. Advances in Database Technology - EDBT 2004. EDBT 2004. Lecture Notes in Computer Science, vol 2992. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24741-8_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24741-8_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-21200-3

  • Online ISBN: 978-3-540-24741-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation