• Title, Summary, Keyword: Database Encryption

Search Result 75, Processing Time 0.047 seconds

Implementation and Performance Evaluation of Database Encryption for Academic Affairs System (교무업무시스템을 위한 데이터베이스 암호화 구현 및 성능 평가)

  • Kim, Bo-Seon;Hong, Eui-Kyeong
    • Journal of Korea Multimedia Society
    • /
    • v.11 no.1
    • /
    • pp.1-12
    • /
    • 2008
  • Database encryption is one of the important mechanisms for prohibiting internal malicious users and outside hackers from utilizing data. Frequent occurrences of encryption and decryption cause degradation of database performance so that many factors should be considered in implementing encryption system. In this paper, we propose an architecture of database encryption system and data encryption module. In addition we suggest extended SQL in order to manage data encryption and decryption. In implementing database encryption system, we adopt ARIA encryption algorithm which is proved to be the most fast one among Korea standardized encryption algorithm. We use an single key for each database in encrypting data rather than using several keys in order to improve performance. Research over performance evaluation of database encryption system is rare up to now. Based on our implemented system, we provide performance evaluation results over various H/W platforms and compare performance differences between plain text and encrypted data.

  • PDF

A Study on the Dynamic Encryption Manager for Improved Timeliness in Secure Real-Time Database Systems (보안 실시간 데이터베이스 시스템에서 시간성 향상을 위한 동적 암호화 관리자에 관한 연구)

  • Lee, Soon-Jo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.9 no.1
    • /
    • pp.210-216
    • /
    • 2005
  • In many real-time applications, security is another important requirement, since the secure real time database system maintains sensitive information to be shared by multiple users with different levels of security clearance or to be attacked by hackers with ill will. Encryption policies are necessary for the security of secure real-time database systems in addition to the existing security methods, too. However, there has not been much work for the encryption policies in secure real-time database systems, although sensitive information must be safeguarded in real-time systems as well. In this paper, we propose a encryption manager for the purpose of solving the encryption policies of the secure real-time database systems. What is important in the encryption policies of secure real-time database systems is security and timeliness. A significant feature of the proposed encryption manager is the ability to dynamically adapt a encryption algorithm that consider transaction deadline and security level.

A Study on the Encryption Model for Numerical Data

  • Kim, Ji-Hong;Sahama, Tony
    • Journal of information and communication convergence engineering
    • /
    • v.7 no.1
    • /
    • pp.30-34
    • /
    • 2009
  • The encryption method is a well established technology for protecting sensitive data. However, once encrypted, the data can no longer be easily queried. The performance of the database depends on how to encrypt the sensitive data. In this paper we review the conventional encryption method which can be partially queried and propose the encryption method for numerical data which can be effectively queried. The proposed system includes the design of the service scenario, and metadata.

The performance analysis of the selective element encryption method (선택적 요소 암호화 방식에 대한 성능 분석)

  • Yang, Xue;Kim, Ji-Hong
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.4
    • /
    • pp.848-854
    • /
    • 2015
  • There are a lot of encryption methods to secure database proposed recently. Those encryption methods can protect the sensitive data of users effectively, but it deteriorates the search performance of database query. In this paper, we proposed the selective element encryption method in order to complement those drawbacks. In addition, we compared the performance of the proposed method with that of tuple level encryption method using the various queries. As a result, we found that the proposed method, which use the selective element encryption with bloom filter as a index, has better performance than the other encryption method.

Analysis of Encryption and Decryption Processes of Realm Database and Its Application (Realm 데이터베이스 암·복호화 프로세스 및 기반 애플리케이션 분석)

  • Youn, Byungchul;Park, Myungseo;Kim, Jongsung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.30 no.3
    • /
    • pp.369-378
    • /
    • 2020
  • Due to the widespread use of mobile devices, smartphone penetration and usage rate continue to increase and there is also an increasing amount of data that need to be stored and managed in applications. Therefore, recent applications use mobile databases to store and manage user data. Realm database, developed in 2014, is attracting more attention from developers because of advantages of continuous updating, high speed, low memory usage, simplicity and readability of the code. It also supports an encryption to provide confidentiality and integrity of personal information stored in the database. However, since the encryption can be used as an anti-forensic technique, it is necessary to analyze the encryption and decryption processes provided by Realm Database. In this paper, we analyze the structure of Realm Database and its encryption and decryption process in detail, and analyze an application that supports an encryption to propose the use cases of the Realm Database.

Symmetric Searchable Encryption with Efficient Conjunctive Keyword Search

  • Jho, Nam-Su;Hong, Dowon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.5
    • /
    • pp.1328-1342
    • /
    • 2013
  • Searchable encryption is a cryptographic protocol for searching a document in encrypted databases. A simple searchable encryption protocol, which is capable of using only one keyword at one time, is very limited and cannot satisfy demands of various applications. Thus, designing a searchable encryption with useful additional functions, for example, conjunctive keyword search, is one of the most important goals. There have been many attempts to construct a searchable encryption with conjunctive keyword search. However, most of the previously proposed protocols are based on public-key cryptosystems which require a large amount of computational cost. Moreover, the amount of computation in search procedure depends on the number of documents stored in the database. These previously proposed protocols are not suitable for extremely large data sets. In this paper, we propose a new searchable encryption protocol with a conjunctive keyword search based on a linked tree structure instead of public-key based techniques. The protocol requires a remarkably small computational cost, particularly when applied to extremely large databases. Actually, the amount of computation in search procedure depends on the number of documents matched to the query, instead of the size of the entire database.

Designing Database Encryption Models to interwork with Intranet (인트라넷과 연동되는 데이터베이스의 암호화 모델 설계)

  • 임재흥
    • Convergence Security Journal
    • /
    • v.2 no.2
    • /
    • pp.209-216
    • /
    • 2002
  • This treatise deals with designing a database encryption model that interworks with Intranet within a system. Today attempts are being made to substitute legacy client/server computing environment with what interworks with web and database, and thus the question how the security for the database that interworks with Intranet can be secured is emerging as a matter of great importance. This treatise, therefore, offers an encryption model which offers how to create an encryption key using an ID and a password most widely used in Intranet access and by using this key, how to encipher information ill a DB table, providing a maintenance scheme for the Key as well.

  • PDF

A Study on the Secure Database Controlled Under Cloud Environment (클라우드 환경하에서의 안전한 데이터베이스 구축에 관한 연구)

  • Kim, SungYong;Kim, Ji-Hong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.6
    • /
    • pp.1259-1266
    • /
    • 2013
  • Nowadays, the databases are getting larger and larger. As the company has difficulty in managing the database, they want to outsource the database to the cloud system. In this case the database security is more important because their database is managed by the cloud service provider. Among database security techniques, the encryption method is a well-certified and established technology for protecting sensitive data. However, once encrypted, the data can no longer be easily queried. The performance of the database depends on how to encrypt the sensitive data, and on the approach for searching, and the retrieval efficiency that is implemented. In this paper we propose the new suitable mechanism to encrypt the database and lookup process on the encrypted database under control of the cloud service provider. This database encryption algorithm uses the bloom filter with the variable keyword based index. Finally, we demonstrate that the proposed algorithm should be useful for database encryption related research and application activities.

New Construction of Order-Preserving Encryption Based on Order-Revealing Encryption

  • Kim, Kee Sung
    • Journal of Information Processing Systems
    • /
    • v.15 no.5
    • /
    • pp.1211-1217
    • /
    • 2019
  • Developing methods to search over an encrypted database (EDB) have received a lot of attention in the last few years. Among them, order-revealing encryption (OREnc) and order-preserving encryption (OPEnc) are the core parts in the case of range queries. Recently, some ideally-secure OPEnc schemes whose ciphertexts reveal no additional information beyond the order of the underlying plaintexts have been proposed. However, these schemes either require a large round complexity or a large persistent client-side storage of size O(n) where n denotes the number of encrypted items stored in EDB. In this work, we propose a new construction of an efficient OPEnc scheme based on an OREnc scheme. Security of our construction inherits the security of the underlying OREnc scheme. Moreover, we also show that the construction of a non-interactive ideally-secure OPEnc scheme with a constant client-side storage is theoretically possible from our construction.

Address Permutation for Privacy-Preserving Searchable Symmetric Encryption

  • Choi, Dae-Seon;Kim, Seung-Hyun;Lee, Youn-Ho
    • ETRI Journal
    • /
    • v.34 no.1
    • /
    • pp.66-75
    • /
    • 2012
  • This paper proposes a privacy-preserving database encryption scheme that provides access pattern hiding against a service provider. The proposed scheme uses a session key to permute indices of database records each time they are accessed. The proposed scheme can achieve access pattern hiding in situations in which an adversary cannot access the inside of the database directly, by separating the entity with an index table and data table and permuting both the index and position where the data are stored. Moreover, it is very efficient since only O(1) server computation and communication cost are required in terms of the number of the data stored. It can be applied to cloud computing, where the intermediate entities such as cloud computing service provider can violate the privacy of users or patients.