Databases Reference
In-Depth Information
4.1 Open Issues & Future Trends
While much progress in research has been made over the past few years on
DAS, we believe that many further challenges remain before the vision out-
lined in [26] of a secure data management service that simultaneously meets
the data confidentiality and eciency requirements. A few of the many prac-
tical challenges that still remain open are the following: (1) techniques to sup-
port dynamic updates - some initial approaches to this problem have been
studied in [25], (2) mechanisms to support stored procedures and function ex-
ecution as part of SQL processing, and (3) support for a more complete SQL -
e.g., pattern matching queries. Furthermore, given multiple competing models
for DAS (e.g., the basic model, the model with secure coprocessor, model with
two servers) there is a need for a detailed comparative study that evaluates
these approaches from different perspectives: feasibility, applicability under
diverse conditions, eciency, and achievable confidentiality. Furthermore, a
detailed security analysis including the nature of attacks as well as privacy
guarantees supported by different schemes needs to be carried out. Various
other security issues need deeper analysis, like parameter selection for security
(e.g., how much entropy, how much variance) and structural information hid-
ing for XML data. Furthermore, wherever cryptographic primitives are used,
special most of the works do not address issues related algorithm selection,
choice of key-length, key-generation, distribution and revocation. These issues
definitely require greater attention than they have received till this point.
A large number of security breaches in databases happen due to insider
attacks, a fruitful avenue of research in secure data management would be to
enable
secure database administration
. The goal is to determine what infor-
mation needs to be revealed to administrators that allow them to carry out
their tasks while hiding away as much excess information as possible that may
potentially disclose some sensitive information.
5 Acknowledgements
This work has been possible due to the following NSF grants: 0331707 and
IIS-0220069.
References
1. N.R. Adam, J.C. Worthmann Security-control methods for statistical databases:
a comparative study In
ACM Computing Surveys, Vol 21, No. 4
, 1989.
2. Advanced Encryption Standard, NIST. FIPS PUB 197. (2001)
3. G. Aggarwal, M. Bawa, P. Ganesan, H. Garcia-Molina, K. Kenthapadi, U. Sri-
vastava, D. Thomas, Y. Xu. Two Can Keep a Secret: A Distributed Architecture
for Secure Database Services In
Proc. of CIDR
2005.
