In recent eras, storing and processing data on third-party remote
cloud servers has been widely used, showing explosive growth. The growing
popularity of data outsourcing to third-party cloud servers has a downside,
related to the serious concerns of data owners about their security due to
possible leakage. The desire to reduce the risk of loss of data confidentiality
has become a motivating start to developing mechanisms that provide the ability
to effectively use encryption to protect data. However, the use of traditional
encryption methods faces a problem. Namely, traditional encryption, by making
it impossible for insiders and outsiders to access data without knowing the
keys, excludes the possibility of searching. This paper presents a solution
that provides a strong level of confidentiality when searching, inserting,
modifying, and deleting the required sensitive data in a remote database whose
data are encrypted.
The proposed SQL query
processing technique allows the DBMS server to perform search functions over
encrypted data in the same way as in an unencrypted database. This study also
offers a basis for implementing the solution on the server side of the Oracle
DBMS using unmodified DBMS software using our own developed persistent stored
modules (PSM). This is achieved through the organization of automatic
decryption by specially developed secure software of the corresponding data
required for search, without the possibility of viewing these data itself. We
tested our prototype on a single machine that simulates both a proxy and a
database server. At that, we guarantee the integrity of the stored procedures
used and special tables that store encrypted modules of special software and
decryption keys, the relevance and completeness of the results returned to the
application. The results of the analysis of the feasibility and effectiveness
of the proposed solution show that the proper privacy of the stored data can be
achieved at a reasonable overhead. Future studies may focus on the conduct of
an in-depth performance evaluation of this proposed solution, including a
comparison with existing implementations, to show its practicality in various
real-life situations.
Author(s)
Details
Vitalii Yesin
Department of Security of Information Systems and Technologies, Faculty of
Computer Science, V. Karazin National University of Kharkiv, 61022 Kharkiv,
Ukraine and Department of Information Technology Security, Institute of
Computer Technologies, Automation and Metrology, Lviv Polytechnic National
University, 79000 Lviv, Ukraine.
Mikolaj Karpinski
Institute of Security and Computer Science, University of the National
Education Commission 2 Podchorazych St., Krakow, 30-084, Poland.
Maryna Yesina
Department of Security of Information Systems and Technologies, Faculty of
Computer Science, V. Karazin National University of Kharkiv, 61022 Kharkiv,
Ukraine and Department of Information Technology Security, Institute of
Computer Technologies, Automation and Metrology, Lviv Polytechnic National
University, 79000 Lviv, Ukraine.
Vladyslav Vilihura
Department of Security of Information Systems and
Technologies, Faculty of Computer Science, V. Karazin National University of
Kharkiv, 61022 Kharkiv, Ukraine.
Ruslan Kozak
Department of Cyber Security, Faculty of Computer Information Systems and
Software Engineering, Ternopil Ivan Puluj National Technical University, 46001
Ternopil, Ukraine.
Ruslan Shevchuk
Department of Computer Science and Automatics, Faculty of Mechanical
Engineering and Computer Science, University of Bielsko-Biala, 43-309
Bielsko-Biala, Poland and Department of Computer Science, Faculty of Computer
Information Technologies, West Ukrainian National University, 46009 Ternopil,
Ukraine.
Please see the book here:- https://doi.org/10.9734/bpi/mcscd/v1/8460E
No comments:
Post a Comment