Relational database security enhancements

Dissertant

al-Jabr, Hani Hilal Saadah

Thesis advisor

al-Ajluni, Naim M. M.

Comitee Members

al-Shalabi, Riyad
Abu al-Suud, Salih Mustafa
al-Shaykh, Asim A. R.

University

Arab Academy for Financial and Banking Sciences

Faculty

The Faculty of Information Systems and Technology

Department

Computer information systems

University Country

Jordan

Degree

Ph.D.

Degree Date

2008

English Abstract

Database encryption system is considered to be secure when the cipher key is secure and as long as the ciphered data is protected from illegal change.

Most encryption systems depend on exchanging cipher / schedule keys between users via a secure channel of communication.

It is difficult, and often expensive, to provide a secure channel of communication between users.

Therefore; this research has developed a number of approaches that overcome the problem of data integrity and securing key exchanges. First, the work undertaken has involved a checksum algorithm and other techniques for database encryption used with conventional database systems, which also includes Cipher / schedule key generation / management.

In our approach, database security problem has been sub-divided into the following sub-problems : (i) Data integrity through the use of a Checksum Algorithm : Checksum values are calculated as the modulus value of critical data items using a divisor chosen by the system administrator.

Checksum values Pi and Ri are maintained separately, e.

g.

in the database, and used later to validate the integrity of the ith data item stored in the original database. (ii) Data integrity and security through the use of Checksum and an Encryption Algorithm : A cryptographic checksum is computed for critical data in order to protect it against any changes, either direct, i.

e.

intended but illegal changes, or indirect, i.

e.

unintentional illegal changes.

Checksum is created in the filter using an encryption algorithm and a secret key K known only to the filter.

It would also be computed and validated at the filter with each request for database access. (iii) Key Generation / Management: Here, the aim was to design a high performance encryption system, using randomly generated keys.

The design methods employ two different techniques to generate the keys.

The results shows that all approaches proposed are simple and highly effective for the generation of keys for any encryption system.

This was applied in both conventional (i.e.

external to main memory) and also main memory databases. The research undertaken provides an insight into different methodologies involved in implementing encryption / decryption techniques in database systems.

Furthermore, it clearly shows that all approaches developed for both cipher key generation and the mixing of both cipher key / schedule key with a ciphered data block are powerful and flexible enough to be applied to the design of encryption systems for a broad spectrum of problems.

Main Subjects

Information Technology and Computer Science

Topics

• Data protection
• Databases
• Relational databases
• Security measures

No. of Pages

230

Table of Contents

• APA
• MLA
• AMA

Language

English

Data Type

Arab Theses

Record ID

BIM-306350