• International Journal of Computer Science & Network Security
• /
• v.24 no.1
• /
• pp.140-150
• /
• 2024

Database-as-a-Service is one of the prime services provided by Cloud Computing. It provides data storage and management services to individuals, enterprises and organizations on pay and uses basis. In which any enterprise or organization can outsource its databases to the Cloud Service Provider (CSP) and query the data whenever and wherever required through any devices connected to the internet. The advantage of this service is that enterprises or organizations can reduce the cost of establishing and maintaining infrastructure locally. However, there exist some database security, privacychallenges and query performance issues to access data, to overcome these issues, in our recent research, developed a database security model using a deterministic encryption scheme, which improved query execution performance and database security level.As this model is implemented using a deterministic encryption scheme, it may suffer from chosen plain text attack, to overcome this issue. In this paper, we proposed a new model for cloud database security using nondeterministic encryption, order preserving encryption, homomorphic encryptionand database distribution schemes, andour proposed model supports execution of queries with equality check, range condition and aggregate operations on encrypted cloud database without decryption. This model is more secure with optimal query execution performance.

• Proceedings of the KAIS Fall Conference
• /
• 2003.11a
• /
• pp.211-215
• /
• 2003

Network security should be first considered in a distributed computing environment with frequent information interchange through internet. Clear classification is needed for information users should protect and for information open outside. Basically proper encrypted database system should be constructed for information security, and security policy should be planned for each site. This paper describes access control, user authentication, and User Security and Encryption technology for the construction of database security system from network users. We propose model of network encrypted database security system for combining these elements through the analysis of operational and technological elements. Systematic combination of operational and technological elements with proposed model can construct encrypted database security system secured from unauthorized users in distributed computing environment.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.1
• /
• pp.109-113
• /
• 2007

With increasing the mont of processed information over the network, the importance of database system increases rapidly. There are two types of security system for database, access control and data encryption. However, it is hard to evaluate security of database systems using the Common Criteria(CC) as there is no protection profile(PP) for these systems. In this paper, we propose a protection profile for secure database systems which can be used in formal evaluation using the Common Criteria. The proposed protection profile can be used by both developer and consumer to evaluate security of database systems.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.113-119
• /
• 2012

Even though the rapid development of IT technique accelerates informationization for quality improvement of university, security measures are needed for security problems because the major information related to academic affairs is centered on academic database. In this paper, we research and analyze the actual condition of database security of domestic university to develop process model that can consistently keep and improve the security of academic database which is the most important data in university. Also, considering the situation that a lot of universities can't use database security product, we propose details that implement the most important key part like confidentiality with the function that DBMS provides only.

• Journal of Information Technology Services
• /
• v.21 no.4
• /
• pp.63-74
• /
• 2022

Globally researchers at medical institutions are actively sharing COHORT data of patients to develop vaccines and treatments to overcome the COVID-19 crisis. OMOP-CDM, a common data model that efficiently shares medical data research independently operated by individual medical institutions has patient personal information (e.g. PII, PHI). Although PII and PHI are managed and shared indistinguishably through de-identification or anonymization in medical institutions they could not be guaranteed at 100% by complete de-identification and anonymization. For this reason the security of the OMOP-CDM database is important but there is no detailed and specific OMOP-CDM security inspection tool so risk mitigation measures are being taken with a general security inspection tool. This study intends to study and present a model for implementing a tool to check the security vulnerability of OMOP-CDM by analyzing the security guidelines for the US database and security controls of the personal information protection of the NIST. Additionally it intends to verify the implementation feasibility by real field demonstration in an actual 3 hospitals environment. As a result of checking the security status of the test server and the CDM database of the three hospitals in operation, most of the database audit and encryption functions were found to be insufficient. Based on these inspection results it was applied to the optimization study of the complex and time-consuming CDM CSF developed in the "Development of Security Framework Required for CDM-based Distributed Research" task of the Korea Health Industry Promotion Agency. According to several recent newspaper articles, Ramsomware attacks on financially large hospitals are intensifying. Organizations that are currently operating or will operate CDM databases need to install database audits(proofing) and encryption (data protection) that are not provided by the OMOP-CDM database template to prevent attackers from compromising.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1143-1151
• /
• 2015

Extensible Storage Engine (ESE) database is a database developed by Microsoft. This database is used in web browser like Internet Explorer, Spartan and in Windows system with Windows Search, System Resource Usage Monitor. Previous ESE database viewer can display an incorrect result and can't read the file depending on collected environment and status of files. And the deleted record recovery tool is limited to some program and cannot recover all tables. This paper suggests the universal recovery method for deleted records and presents the experimental results through development of tool.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.5
• /
• pp.947-955
• /
• 2013

Most of the enterprise information is stored in the database. Therefore, in order to investigate the company's criminal behavior, forensic analysis is important for the database and delete record is a need to develop recovery techniques. This paper is explained structure of the oracle database tablespace file and analyzed system tables that stored table information. Further, we suggests a method of recovery for deleted record in oracle tablespace.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.7-18
• /
• 2003

Under database system environment, to accomplish database security is to ascertain the security threats and to choose the policy and mechanism of treating them. This study suggests the type and character of security threat and general method of prevention and cutting off the threats. Also, this study suggests the method of realization of Oracle security and additionally shows the method of Oracle security framework implemention. As an example, the verification method of Oracle security implementions are shown.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.125-134
• /
• 2016

MySQL database is currently used by many users and It has gained a big market share in the database market. Even though MyISAM storage engine was used as a default storage engine before, but records recovery method does not existed. Deleted records have a high possibility for important evidence and it is almost impossible to determine that investigators manually examine large amounts of database directly. This paper suggests the universal recovery method for deleted records and presents the experimental results.

• The Journal of Society for e-Business Studies
• /
• v.4 no.2
• /
• pp.197-208
• /
• 1999

With developing computer and communication technologies, the concept of CALS system has been popular not only to military but also to commercial industries. The security problem is one of the most critical issues to construct CALS infrastructure. The CALS system needs some security functions such that data confidentiality, integrity, authenticity, availability, and non-repudiation. This paper proposes a security architecture model in CALS. The security architecture model is composed of 5 submodels such that network security model, authentication and key management model, operation and audit model, integrated database security model, and risk analysis model.