A new tv-based database encryption scheme using ts block cipher
Current database security research classify four types of controls for the protection of data in databases: access controls, information flow controls, inference controls, and cryptographic controls. This paper covers the fourth type of controls, cryptographic controls in database security that prov...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Penerbit UTM Press
2004
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/197/ http://eprints.utm.my/197/1/ZailaniMohamedSidek2004_ANewtvBasedDatabaseEncryption.pdf |
| _version_ | 1848889867205869568 |
|---|---|
| author | Mohamed Sidek, Zailani Idris, Norbik Bashah Selamat, Harihodin |
| author_facet | Mohamed Sidek, Zailani Idris, Norbik Bashah Selamat, Harihodin |
| author_sort | Mohamed Sidek, Zailani |
| building | UTeM Institutional Repository |
| collection | Online Access |
| description | Current database security research classify four types of controls for the protection of data in databases: access controls, information flow controls, inference controls, and cryptographic controls. This paper covers the fourth type of controls, cryptographic controls in database security that provides security of data stored in commercial RDBMS like Oracle. The proposed database encryption scheme is based on TS Block and Stream Ciphers, and is capable of protecting data at the data element, row, and column levels using both block and stream encryptions. The design of the scheme's key generation and management
system allows the controls of users' access to encrypted data in a multilevel fashion thus provide multilevel security. The scheme solves the problem of mandatory and discretionary access controls in a given organization. The security of the scheme is based on the fact that no cryptographic keys are stored in the database system. All encryption and decryption keys are stored securely in smartcards thus providing minimum cryptographic information to users. The design of the encryption scheme is based on the provably strong ciphers with 128-bit keys which is currently infeasible to be broken even by exhaustive key search. Implementation of the scheme has been conducted successfully in Oracle RDBMS and complements the Oracle encryption security available.
ABSTRAK: Penyelidikan masa kini dalam bidang keselamatan pangkalan data mengelaskan empat jenis kawalan bagi mengawal keselamatan data iaitu kawalan capaian, kawalan aliran maklumat, kawalan inferens dan kawalan kriptografi. Kertas ini menerangkan kawalan jenis keempat iaitu kawalan kriptografi yang dapat menyediakan keselamatan data bagi suatu sistem pengurusan pangkalan data hubungan komersial seperti sistem Oracle. Skema pengenkriptan pangkalan data yang di cadangkan ini adalah berdasarkan sistem-sistem sipher "TS Block" dan "TS Stream ". Skema ini dapat memberi keselamatan data pada aras unsur data, baris dan lajur data menggunakan kaedah pengenkriptan blok dan "stream". Reka bentuk sistem penjana dan pengurusan kunci kriptografi dapat mengawal pengguna mencapai data yang telah di enkripkan secara berbilang aras. Ini dapat memberi ciri keselamatan data berbilang aras (multilevel security). Skema ini mendapat ciri keselamatannya berdasarkan atas fakta bahawa tiada kunci kriptografi di simpan dalam sistem pangkalan data tersebut. Oleh itu maklumat kriptografi yang minimum diberi kepada pengguna iaitu hanya kunci kriptografi mereka disimpan secara selamat dalam kad-kad pintar. Reka bentuk skema pengenkriptan ini dibuat menggunakan sistem sipher yang terbukti kuatnya dan menggunakan kunci sepanjang 128 bit. Pada masa ini, kunci sepanjang ini tidak mungkin dapat di cari penyelesaiannya walaupun menggunakan kaedah pencarian kunci secara menyeluruh. Pelaksanaan skema ini dalam sistem pangkalan data hubungan Oracle telah dibuat dengan berjaya dan ia dapat melengkapkan lagi sistem keselamatan pengenkriptan Oracle yang tersedia ada. |
| first_indexed | 2025-11-15T20:33:00Z |
| format | Article |
| id | utm-197 |
| institution | Universiti Teknologi Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T20:33:00Z |
| publishDate | 2004 |
| publisher | Penerbit UTM Press |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | utm-1972017-11-01T04:17:38Z http://eprints.utm.my/197/ A new tv-based database encryption scheme using ts block cipher Mohamed Sidek, Zailani Idris, Norbik Bashah Selamat, Harihodin QA75 Electronic computers. Computer science Current database security research classify four types of controls for the protection of data in databases: access controls, information flow controls, inference controls, and cryptographic controls. This paper covers the fourth type of controls, cryptographic controls in database security that provides security of data stored in commercial RDBMS like Oracle. The proposed database encryption scheme is based on TS Block and Stream Ciphers, and is capable of protecting data at the data element, row, and column levels using both block and stream encryptions. The design of the scheme's key generation and management system allows the controls of users' access to encrypted data in a multilevel fashion thus provide multilevel security. The scheme solves the problem of mandatory and discretionary access controls in a given organization. The security of the scheme is based on the fact that no cryptographic keys are stored in the database system. All encryption and decryption keys are stored securely in smartcards thus providing minimum cryptographic information to users. The design of the encryption scheme is based on the provably strong ciphers with 128-bit keys which is currently infeasible to be broken even by exhaustive key search. Implementation of the scheme has been conducted successfully in Oracle RDBMS and complements the Oracle encryption security available. ABSTRAK: Penyelidikan masa kini dalam bidang keselamatan pangkalan data mengelaskan empat jenis kawalan bagi mengawal keselamatan data iaitu kawalan capaian, kawalan aliran maklumat, kawalan inferens dan kawalan kriptografi. Kertas ini menerangkan kawalan jenis keempat iaitu kawalan kriptografi yang dapat menyediakan keselamatan data bagi suatu sistem pengurusan pangkalan data hubungan komersial seperti sistem Oracle. Skema pengenkriptan pangkalan data yang di cadangkan ini adalah berdasarkan sistem-sistem sipher "TS Block" dan "TS Stream ". Skema ini dapat memberi keselamatan data pada aras unsur data, baris dan lajur data menggunakan kaedah pengenkriptan blok dan "stream". Reka bentuk sistem penjana dan pengurusan kunci kriptografi dapat mengawal pengguna mencapai data yang telah di enkripkan secara berbilang aras. Ini dapat memberi ciri keselamatan data berbilang aras (multilevel security). Skema ini mendapat ciri keselamatannya berdasarkan atas fakta bahawa tiada kunci kriptografi di simpan dalam sistem pangkalan data tersebut. Oleh itu maklumat kriptografi yang minimum diberi kepada pengguna iaitu hanya kunci kriptografi mereka disimpan secara selamat dalam kad-kad pintar. Reka bentuk skema pengenkriptan ini dibuat menggunakan sistem sipher yang terbukti kuatnya dan menggunakan kunci sepanjang 128 bit. Pada masa ini, kunci sepanjang ini tidak mungkin dapat di cari penyelesaiannya walaupun menggunakan kaedah pencarian kunci secara menyeluruh. Pelaksanaan skema ini dalam sistem pangkalan data hubungan Oracle telah dibuat dengan berjaya dan ia dapat melengkapkan lagi sistem keselamatan pengenkriptan Oracle yang tersedia ada. Penerbit UTM Press 2004 Article PeerReviewed application/pdf en http://eprints.utm.my/197/1/ZailaniMohamedSidek2004_ANewtvBasedDatabaseEncryption.pdf Mohamed Sidek, Zailani and Idris, Norbik Bashah and Selamat, Harihodin (2004) A new tv-based database encryption scheme using ts block cipher. Jurnal Teknologi Maklumat dan Multimedia, 1 . pp. 73-89. ISSN 1823-0113 |
| spellingShingle | QA75 Electronic computers. Computer science Mohamed Sidek, Zailani Idris, Norbik Bashah Selamat, Harihodin A new tv-based database encryption scheme using ts block cipher |
| title | A new tv-based database encryption scheme using ts block cipher |
| title_full | A new tv-based database encryption scheme using ts block cipher |
| title_fullStr | A new tv-based database encryption scheme using ts block cipher |
| title_full_unstemmed | A new tv-based database encryption scheme using ts block cipher |
| title_short | A new tv-based database encryption scheme using ts block cipher |
| title_sort | new tv-based database encryption scheme using ts block cipher |
| topic | QA75 Electronic computers. Computer science |
| url | http://eprints.utm.my/197/ http://eprints.utm.my/197/1/ZailaniMohamedSidek2004_ANewtvBasedDatabaseEncryption.pdf |