To support ubiquitous computing, the underlying data have to be persistent and available anywhere, anytime. The data thus have to migrate from devices that are local to individual computers to shared storage volumes that are accessible over an open network. This potentially exposes the data to heightened security risks. In particular, the activity on a database exhibits regular page reference patterns that could help attackers learn logical links among physical pages and then launch additional attacks. We propose two countermeasures to mitigate the risk of attacks initiated through analyzing the shared storage server's activity for those page patterns. The first countermeasure relocates data pages according to the page sequences they belong to. The second countermeasure enhances the first by randomly prefetching pages from predicted page sequences. We have implemented the two countermeasures in MySQL, and experimental results demonstrate their effectiveness and practicality.