当前位置: X-MOL 学术Int. J. Inf. Technol. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Mechanism for securing cloud based data warehouse schema
International Journal of Information Technology Pub Date : 2020-10-19 , DOI: 10.1007/s41870-020-00546-1
Amar Arora , Anjana Gosain

Several studies have recommended encryption of data for securing Data Warehouse (DW) stored in hostile cloud networks. Most of the published work on encrypted DWs encrypts the DW data while DW Schema, i.e., Fact and Dimension table’s name and their attributes, remain unprotected. Unencrypted DW schema attributes may reveal critical information about the data contents to the cloud administrators or attackers. In this paper, we propose a novel mechanism for encrypting column names of DW’s fact and dimension tables, which in turn protect the revelation of details of interesting columns to the cloud network. For this, we have proposed a customized method for encryption of column names of facts and dimension tables and implemented it in MySQL’s column name restrictions to test its validity. This paper also introduces an Enhanced Encryption Model for Data Warehouse, which provides a complete solution for securing data warehouse. Here, the column name gets encrypted with the help of keys from a secure host without the revelation of security details to the cloud network. It reduces the attacker’s ability to target strategically important columns such as sales figures, cost, etc. As a result, it increases attacker effort by (n – k − W)/(n − k) in case of a weighted column scenario. Here, ‘n’ is the total number of columns, ‘k’, and ‘W’ is the number of unencrypted and encrypted columns, respectively. We have also conducted a performance analysis of the proposed mechanism on the standard TPC-H database for both encryption and decryption cycles.



中文翻译:

保护基于云的数据仓库架构的机制

多项研究建议对数据进行加密,以保护存储在敌对云网络中的数据仓库(DW)。大多数已发布的有关加密DW的工作都会对DW数据进行加密,而DW架构(即事实和维度表的名称及其属性)则不受保护。未加密的DW架构属性可能会将有关数据内容的关键信息泄露给云管理员或攻击者。在本文中,我们提出了一种用于加密DW事实和维度表的列名的新颖机制,从而保护了有趣的列的详细信息对云网络的启示。为此,我们提出了一种用于事实和维度表的列名加密的自定义方法,并在MySQL的列名限制中实现了该方法以测试其有效性。本文还介绍了用于数据仓库的增强加密模型,该模型提供了用于保护数据仓库的完整解决方案。在这里,列名借助来自安全主机的密钥进行加密,而无需向云网络透露安全详细信息。它降低了攻击者针对具有战略意义的重要列(如销售数字,成本等)的能力。结果,在加权列情况下,攻击者的工作量增加了(n-k-W)/(n-k)。在这里,“ n”是列的总数,“ k”,而“ W”分别是未加密和加密的列数。我们还在标准TPC-H数据库上针对加密和解密周期对建议机制进行了性能分析。列名借助来自安全主机的密钥进行加密,而不会向云网络透露安全详细信息。它降低了攻击者针对具有战略意义的重要列(如销售数字,成本等)的能力。结果,在加权列情况下,攻击者的工作量增加了(n-k-W)/(n-k)。在这里,“ n”是列的总数,“ k”,而“ W”分别是未加密和加密的列数。我们还在标准TPC-H数据库上针对加密和解密周期对建议机制进行了性能分析。列名借助来自安全主机的密钥进行加密,而无需向云网络透露安全详细信息。它降低了攻击者针对具有战略意义的重要列(如销售数字,成本等)的能力。结果,在加权列情况下,攻击者的工作量增加了(n-k-W)/(n-k)。在这里,“ n”是列的总数,“ k”,而“ W”分别是未加密和加密的列数。我们还在标准TPC-H数据库上针对加密和解密周期对建议机制进行了性能分析。结果,在加权列情况下,它使攻击者的工作量增加了(n-k-W)/(n-k)。在这里,“ n”是列的总数,“ k”,而“ W”分别是未加密和加密的列数。我们还在标准TPC-H数据库上针对加密和解密周期对建议机制进行了性能分析。结果,在加权列情况下,它使攻击者的工作量增加了(n-k-W)/(n-k)。在这里,“ n”是列的总数,“ k”,而“ W”分别是未加密和加密的列数。我们还在标准TPC-H数据库上针对加密和解密周期对建议机制进行了性能分析。

更新日期:2020-10-19
down
wechat
bug