May 24, 2009 to May 28, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICIW.2009.31
Database security has become a vital issue in modern Web applications. Critical business data in databases is an evident target for attack. Therefore, ensuring the confidentiality, privacy and integrity of data is a major issue for the security of database systems. Recent high profile data thefts have shown that perimeter defenses are insufficient to secure sensitive data. This paper studies security of the databases shared between many parties from a cryptographic perspective. We propose Mixed Cryptography Database (MCDB), a novel framework to encrypt databases over untrusted networks in a mixed form using many keys owned by different parties. The encryption process is based on a new data classification according to the data owner. The proposed framework is very useful in strengthening the protection of sensitive data even if the database server is attacked at multiple points from the inside or outside.
Hasan Kadhem, Toshiyuki Amagasa, Hiroyuki Kitagawa, "A Novel Framework for Database Security Based on Mixed Cryptography", ICIW, 2009, Internet and Web Applications and Services, International Conference on, Internet and Web Applications and Services, International Conference on 2009, pp. 163-170, doi:10.1109/ICIW.2009.31