The main challenge is to introduce security functionality without incurring
too much overhead in terms of both performance and storage.
Encryption algorithms: Symmetric key encryption schemes like AES [2],
DES [15] and Blowfish [40] are some of the popular algorithms for encrypting
relational data. Encrypting the same amount of data using fewer large blocks
is more efficient than using several smaller blocks. This is mainly due to the
start-up cost associated with the initialization of the encryption algorithm.
While Blowfish and DES work with 8-byte data blocks, AES works with 16-byte
blocks. The authors of [32] compare the performance of the above three
algorithms and report that Blowfish is the fastest, but has a large start-up
cost. AES has the best average-case performance of the three. We will
discuss the key-management issues later.
Some other schemes in the literature propose using public-key encryption
algorithms (e.g., RSA), which avoid the problem of secure key distribution
faced by symmetric key encryption schemes. Nonetheless, symmetric key
schemes are orders of magnitude faster in practice [32], and are therefore
preferable.
Encryption granularity: In general, finer encryption granularity affords
more flexibility in allowing the server to choose what data to encrypt. The
obvious encryption granularity choices are: (i) Field-level, which is the
smallest achievable granularity; each attribute value of a tuple is encrypted
separately. (ii) Record/row level, where each row is encrypted separately. This
allows one to retrieve individual rows without decrypting the whole table.
(iii) Attribute/column level encryption, where one chooses to encrypt only
certain sensitive attributes in a table. (iv) Page/block level encryption could
also be used. This is geared towards automating the encryption process. Whenever
a page/block of sensitive data is stored on disk, the entire block is encrypted.
Efficient storage for encrypted data: The authors of [32] investigate the
performance issues associated with storage of encrypted data on the disk. They
propose the “Partitioned Plaintext and Ciphertext” (PPC) model for supporting
storage of encrypted data. The basic idea is to cluster the non-sensitive
and sensitive data separately in order to minimize the number of encryption
operations. The PPC scheme logically breaks each page into two minipages,
based on plaintext and ciphertext attributes. PPC takes advantage of the n-ary
storage model (NSM) while enabling efficient encryption. Therefore,
implementing PPC on existing DBMSs that use NSM requires only modifications
to the page layout. Within a page, each record is broken down into two parts:
the plaintext attributes, which do not require encryption, and the ciphertext
part, which requires encryption. Both minipages are organized as NSM pages.
Small changes need to be made to the buffer manager and catalog files in
order to accommodate this change.
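
The following is an added example, not code from [32]: it splits the records of one page into PPC-style plaintext and ciphertext minipages, then compares cipher initializations and ciphertext bytes for the granularities listed above. The schema, field widths and sample values are constructed, and it assumes each separately encrypted unit costs one initialization and is padded to whole 16-byte AES blocks.

```python
BLOCK = 16  # AES block size in bytes (DES and Blowfish use 8)

# Constructed fixed-width schema: (attribute, width in bytes, sensitive?)
SCHEMA = [("id", 4, False), ("name", 20, False), ("ssn", 11, True), ("salary", 8, True)]

def padded(nbytes, block=BLOCK):
    """Size of nbytes after padding up to a whole number of cipher blocks."""
    return -(-nbytes // block) * block

def cost(granularity, n_records, schema=SCHEMA, block=BLOCK):
    """Return (cipher initializations, ciphertext bytes) for one page.

    Assumption: every separately encrypted unit needs its own initialization.
    """
    sens = [width for _, width, sensitive in schema if sensitive]
    row = sum(width for _, width, _ in schema)
    if granularity == "field":   # each sensitive value is its own ciphertext
        return n_records * len(sens), n_records * sum(padded(w, block) for w in sens)
    if granularity == "row":     # whole row, plaintext attributes included
        return n_records, n_records * padded(row, block)
    if granularity == "ppc":     # one ciphertext minipage with sensitive parts only
        return 1, padded(n_records * sum(sens), block)
    if granularity == "page":    # entire page, plaintext attributes included
        return 1, padded(n_records * row, block)
    raise ValueError(f"unknown granularity: {granularity}")

def ppc_layout(records, schema=SCHEMA):
    """Split NSM records into (plaintext minipage, ciphertext minipage) bytes.

    Only the second minipage would be handed to the cipher.
    """
    plain, secret = bytearray(), bytearray()
    for rec in records:
        for (_, width, sensitive), value in zip(schema, rec):
            field = value.ljust(width, b"\0")[:width]  # fixed-width slot
            (secret if sensitive else plain).extend(field)
    return bytes(plain), bytes(secret)

if __name__ == "__main__":
    # Constructed sample records
    page = [(b"\x00\x00\x00\x01", b"Alice", b"123-45-6789", b"00052000"),
            (b"\x00\x00\x00\x02", b"Bob", b"987-65-4321", b"00061000")]
    plain, secret = ppc_layout(page)
    print(len(plain), "plaintext bytes,", len(secret), "bytes to encrypt")
    for g in ("field", "row", "ppc", "page"):
        print(g, cost(g, 100))
```

For 100 records of this schema, PPC needs a single initialization like page-level encryption but passes fewer than half as many bytes through the cipher, because the plaintext attributes never enter the ciphertext minipage.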