Showing papers on "Database encryption published in 2016"

What Else is Revealed by Order-Revealing Encryption?

Abstract: The security of order-revealing encryption (ORE) has been unclear since its invention. Dataset characteristics for which ORE is especially insecure have been identified, such as small message spaces and low-entropy distributions. On the other hand, properties like one-wayness on uniformly-distributed datasets have been proved for ORE constructions. This work shows that more plaintext information can be extracted from ORE ciphertexts than was previously thought. We identify two issues: First, we show that when multiple columns of correlated data are encrypted with ORE, attacks can use the encrypted columns together to reveal more information than prior attacks could extract from the columns individually. Second, we apply known attacks, and develop new attacks, to show that the leakage of concrete ORE schemes on non-uniform data leads to more accurate plaintext recovery than is suggested by the security theorems which only dealt with uniform inputs.

Database encryption method and encryption database query method

Abstract: The invention relates to a database encryption method. The equivalent encryption algorithm, the preserving encryption algorithm and the homomorphic encryption are specifically designed and introduced to classify and encrypt data in a database, the data is saved in a server database, the hidden hazard that untrusted servers search for and leak confidential data is eliminated, and data privacy is protected. The invention further relates to an encryption database query method based on the database encryption method. On the basis that the equivalent encryption algorithm, the preserving encryption algorithm and the homomorphic encryption are specifically designed and introduced to classify and encrypt data in the database, a processing method for directly executing query operation on ciphertext is provided, execution efficiency is improved, and communication and calculation cost is reduced for users.

A Privacy-Preserving Top-k Query Processing Algorithm in the Cloud Computing

Abstract: Cloud computing has emerged as a new platform for storing and managing databases. As a result, a database outsourcing paradigm has gained much interests. To prevent the contents of outsourced databases from being revealed to cloud computing, databases must be encrypted before being outsourced to the cloud. Therefore, various Top-k query processing techniques have been proposed for encrypted databases. However, there is no existing work that can not only hide data access patterns, but also preserve the privacy of user query. To solve the problems, in this paper, we propose a new privacy-preserving Top-k query processing algorithm. Our algorithm protects the user query from the cloud and conceals data access patterns during query processing. A performance analysis shows that the proposed scheme provide good scalability without any information leakage.

A Range Query Processing Algorithm Hiding Data Access Patterns in Outsourced Database Environment

Abstract: Research on secure range query processing techniques in outsourced databases has been spotlighted with the development of cloud computing. The existing range query processing schemes can preserve the data privacy and the query privacy of a user. However, they fail to hide the data access patterns while processing a range query. So, in this paper we propose a secure range query processing algorithm which hides data access patterns. Our method filters unnecessary data using the encrypted index. We show from our performance analysis that the proposed range query processing algorithm can efficiently process a query while hiding the data access patterns.

A Confidentiality-Preserving Search Technique for Encrypted Relational Cloud Databases

Abstract: Database-as-a-Service is offered by many cloud service providers and could significantly reduce the IT infrastructure maintenance bills for enterprises. However, many hesitate migrating their data storage and processing to the cloud, and one of the reasons are data security issues. Encryption could provide sound security guarantees, but existing approaches often gravitate to one of the extremes: either high security and very limited functionality, or vice versa. This paper proposes a flexible database encryption scheme allowing multiple users to perform complex search-based queries, including cross-table joins, capable of utilizing database's indexing capabilities. Several proxy servers in between the user and the database server help to achieve this and make it all transparent for the user. The proposed solution demonstrates a practical performance level in most of our experiments.

Improvement of ETSFS algorithm for secure database

Abstract: In the present era, one of the major encounters is data security. Most organizations store their data in huge databases that enables uncomplicated retrieval, manipulations, and also helps in an efficient way of sharing. Database security has now become a more dynamic issue as data is the greatest asset to any organization. Due to the rapid increase in the database usage, it is vulnerable to many threats like unauthorized access etc. To overcome these issues, numerous security techniques have emerged to protect the data in databases. Database encryption — a security technique involves various encryption algorithms such as, Data Encryption Standard (DES), Triple DES and Enhanced-Transposition-Substitution-Folding-Shifting (ETSFS). Each of them has its specific merits and demerits. Unlike ETSFS, has constraint on data size and number of special characters, the proposed method improvement focuses on the encryption of large data considering all types of special characters and a random generator is used for generating keys in substitution phase. The proposed methodology of the paper focused on the future work of the ETSFS algorithm and successfully implemented for securing database with the comparison of the insert and select queries of the four encryption algorithms (AES, DES, ETSFS, and Enhanced ETSFS).

Multiple integer packing for optimizing partial homomorphic encrypted databases

Abstract: Database compromises are increasing nowadays, and database encryption is gaining its importance. Database encryption increases the size of the data, and time for processing the data. Optimizing the underlying encryption schemes helps to improve the performance of the encrypted databases. Processing queries over encrypted data, without decrypting it remained a holy grail until CryptDB. CryptDB is the first practical system which supports almost all queries over encrypted database. It leverages partial homomorphic encryption and SQL-Aware encryption scheme for encrypted query processing. CryptDB also suffers from storage and time issues. We propose packing of integers into a single field as a solution to reduce space issue of CryptDB. Any system which uses additive homomorphic schemes for encryption can adopt this method for storage optimization.

Study on database encryption-based protection mechanism under cloud computing environment

Abstract: The combination of database and cloud environment prompted changes in the information industry and information service, while there exits any security issues. The database protection mechanisms proposed in this paper are based on attribute decomposition and encrypted cloud environment, which not only the server to minimize the number of encryption and decryption of the attribute field, but reduce the amount of computation and effectively encrypt the data of database as well.

A Secure Range Query Processing Algorithm for the Encrypted Database on the Cloud

Abstract: Secure range query processing algorithms have been studied as the range query can be used as a baseline technique in various fields. However, when processing a range query, the existing methods fail to hide the data access patterns which can be used to derive the actual data items and the private information of a querying issuer. The problem is that the data access patterns can be exposed even though the data and query are encrypted. So, in this paper we propose a new range query processing algorithm on the encrypted database. Our method conceals the data access patterns while supporting efficient query processing by using our proposed encrypted index search scheme. Through the performance analysis, we show that the proposed range query processing algorithm can efficiently process a query while hiding the data access patterns.

Server and method of storage service provider for supporting database encryption

Abstract: The present invention provides a server of providing a storage service for supporting database encryption, comprising: a communications module for performing communications with a client and a server for providing a database service; a storage module for storing encrypted database; a memory having a program, which supports encryption of database, stored therein; and a processor for performing the program. The processor is configured to partially decode the encrypted database to correspond to a query when the query with respect to the encrypted database transmitted from the client is received as the program is executed, and to transmit the query and the partially decoded database to the server for providing a database service so as to provide a result corresponding to the query for the client. Also, the result corresponding to the query is generated by the server for providing a database service on the basis of the query and partially decoded database, and transmitted to the client.

Efficient Top-k Join Processing over Encrypted Data in a Cloud Environment

Abstract: The benefit of the scalability and flexibility inherent in cloud computing motivates clients to upload data and computation to public cloud servers. Because data is placed on public clouds, which are very likely to reside outside of the trusted domain of clients, this strategy introduces concerns regarding the security of sensitive client data. Thus, to provide sufficient security for the data stored in the cloud, it is essential to encrypt sensitive data before the data are uploaded onto cloud servers. Although data encryption is considered the most effective solution for protecting sensitive data from unauthorized users, it imposes a significant amount of overhead during the query processing phase, due to the limitations of directly executing operations against encrypted data. Recently, substantial research work that addresses the execution of SQL queries against encrypted data has been conducted. However, there has been little research on top-k join query processing over encrypted data within the cloud computing environments. In this paper, we develop an efficient algorithm that processes a top-k join query against encrypted cloud data. The proposed top-k join processing algorithm is, at an early phase, able to prune unpromising data sets which are guaranteed not to produce top-k highest scores. The experiment results show that the proposed approach provides significant performance gains over the naive solution.

Design and Development of School Management System with Database Encryption and Decryption

Abstract: School Management System is an information system primarily developed to computerize, integrate and control all the activities involved in the collation and processing of student data mostly the academic records. The system not only makes student results collation fast but also easy and error free. It also makes the pool of data possible and information readily available and decision making fast. The system provides solution to the problems encountered in school management. There are numerous challenges and difficulties faced by school managers in making sure they come up with vital decisions and quality services to her valued students and customers. These things cannot be achieved through manual operations. Though, the use of paper works in school administration cannot be completely written off, the School Management System is developed to enhance and boast the general school administration. The System is implemented to specifications using NET BEANS IDE 8.1 at the front end and SQLite database at the back end. Symmetric data encryption model is used to ensure maximum security, since the validity and integrity of information depends on who had an access to it. School Management System is able to generate academic results, transcripts, timetable, registration of students, matters regarding welfare of students among other things.

Design and Development of School Management System with Database Encryption and Decryption

Abstract: School Management System is an information system primarily developed to computerize, integrate and control all the activities involved in the collation and processing of student data mostly the academic records. The system not only makes student results collation fast but also easy and error free. It also makes the pool of data possible and information readily available and decision making fast. The system provides solution to the problems encountered in school management. There are numerous challenges and difficulties faced by school managers in making sure they come up with vital decisions and quality services to her valued students and customers. These things cannot be achieved through manual operations. Though, the use of paper works in school administration cannot be completely written off, the School Management System is developed to enhance and boast the general school administration. The System is implemented to specifications using NET BEANS IDE 8.1 at the front end and SQLite database at the back end. Symmetric data encryption model is used to ensure maximum security, since the validity and integrity of information depends on who had an access to it. School Management System is able to generate academic results, transcripts, timetable, registration of students, matters regarding welfare of students among other things. KeywordsSchool Management System, Symmetric

Study on Reinforcement Technology of Application in Android Terminal

Abstract: Android system is the most widely used smart phone operating system at present. As the An- droid system is a Linux based open source operating system, so anyone can operate it on the smart terminal, which brings serious security problems. A security reinforcement scheme for mobile applications based on the Android platform is proposed. Demonstration and implementation of this program is conducted. Rein- forcement algorithm proposed mainly uses the encryption, dynamic loading, code confusion, JNI program- ming, integrity verification and database encryption technology, which from various angles, protects the in- terests of application developers and users. KEYWORD: android; mobile terminal security; application reinforcement