A Security Novel for a Networked Database

The security of databases is an important characteristic for database systems. It is intended to protect data from unauthorized access, damage or loss. With the advance of the methods of penetration and piracy, and with the increased reliance on databases that are connected with the Internet, the protection of databases has become one of the challenges faced by various emerging institutions, especially with the increasing of electronic crimes and thefts. In light of this, the focus is on analyzing and reviewing the cryptosystem architecture for networked databases. In this paper, we will discuss the process of encryption and decryption at the application and storage levels. Moreover, strategies of encryption inside the database by using the property of Transparent Data Encryption will be addressed. These methods will give a clear analysis of how data stored in databases can be protected and secured over the network. Additionally, these methods will help to overcome problems that are usually faced by administrative beginners, who work in the enterprises and manage their databases. Finally, we will discuss SQL injection, as a database attack and present the techniques of defense that prevent the adversaries from attacking the database.

[1]  Luc Bouganim,et al.  Database Encryption , 2011, Encyclopedia of Cryptography and Security.

[2]  Wei Wang,et al.  Fast Query Over Encrypted Character Data in Database , 2004, International Conference on Computational Intelligence and Security.

[3]  Wei Wang,et al.  Fast Query Over Encrypted Character Data in Database , 2004, CIS.

[4]  Angelos D. Keromytis,et al.  SQLrand: Preventing SQL Injection Attacks , 2004, ACNS.

[5]  Chad Dougherty Practical Identification of SQL Injection Vulnerabilities , 2012 .

[6]  Elisa Bertino,et al.  Database security - concepts, approaches, and challenges , 2005, IEEE Transactions on Dependable and Secure Computing.

[7]  Ulf T. Mattsson Database Encryption - How to Balance Security with Performance , 2005 .

[8]  Sohail Imran,et al.  Security Issues in Databases , 2009, 2009 Second International Conference on Future Information Technology and Management Engineering.

[9]  Rodney Landrum,et al.  Transparent Data Encryption , 2009 .

[10]  Suraj C. Kothari,et al.  Preventing SQL injection attacks in stored procedures , 2006, Australian Software Engineering Conference (ASWEC'06).

[11]  Azlinah Mohamed,et al.  The Design and Implementation of Database Encryption , 2007 .

[12]  Ed DeHart Data encryption , 2008, ACM Crossroads.