Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)
Fast Software Encryption, Cambridge Security Workshop
Privacy preserving association rule mining in vertically partitioned data
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Towards a Security Benchmark for Database Management Systems
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Over-encryption: management of access control evolution on outsourced data
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
The Data Warehouse Lifecycle Toolkit
The Data Warehouse Lifecycle Toolkit
Randomness reuse: extensions and improvements
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
DES with any reduced masked rounds is not secure against side-channel attacks
Computers & Mathematics with Applications
EISA – an enterprise application security solution for databases
ICISS'05 Proceedings of the First international conference on Information Systems Security
| Hi-index | 0.00 |
Data Warehouses (DWs) are the enterprise's most valuable asset in what concerns critical business information, making them an appealing target for attackers. Packaged database encryption solutions are considered the best solution to protect sensitive data. However, given the volume of data typically processed by DW queries, the existing encryption solutions heavily increase storage space and introduce very large overheads in query response time, due to decryption costs. In many cases, this performance degradation makes encryption unfeasible for use in DWs. In this paper we propose a transparent data masking solution for numerical values in DWs based on the mathematical modulus operator, which can be used without changing user application and DBMS source code. Our solution provides strong data security while introducing small overheads in both storage space and database performance. Several experimental evaluations using the TPC-H decision support benchmark and a real-world DW are included. The results show the overall efficiency of our proposal, demonstrating that it is a valid alternative to existing standard encryption routines for enforcing data confidentiality in DWs.