Skip to main content
SpringerLink
Log in

Mechanism for securing cloud based data warehouse schema

  • Original Research
  • Published:
International Journal of Information Technology Aims and scope Submit manuscript

Abstract

Several studies have recommended encryption of data for securing Data Warehouse (DW) stored in hostile cloud networks. Most of the published work on encrypted DWs encrypts the DW data while DW Schema, i.e., Fact and Dimension table’s name and their attributes, remain unprotected. Unencrypted DW schema attributes may reveal critical information about the data contents to the cloud administrators or attackers. In this paper, we propose a novel mechanism for encrypting column names of DW’s fact and dimension tables, which in turn protect the revelation of details of interesting columns to the cloud network. For this, we have proposed a customized method for encryption of column names of facts and dimension tables and implemented it in MySQL’s column name restrictions to test its validity. This paper also introduces an Enhanced Encryption Model for Data Warehouse, which provides a complete solution for securing data warehouse. Here, the column name gets encrypted with the help of keys from a secure host without the revelation of security details to the cloud network. It reduces the attacker’s ability to target strategically important columns such as sales figures, cost, etc. As a result, it increases attacker effort by (n – k − W)/(n − k) in case of a weighted column scenario. Here, ‘n’ is the total number of columns, ‘k’, and ‘W’ is the number of unencrypted and encrypted columns, respectively. We have also conducted a performance analysis of the proposed mechanism on the standard TPC-H database for both encryption and decryption cycles.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Inmon WH (1991) Building the data warehouse. Wiley, New York

    Google Scholar 

  2. Sakr S, Liu A, Batista D, Mohammad A (2011) A survey of large scale data management approaches in cloud environments. IEEE CommunSurv Tutor 13:311–336

    Article  Google Scholar 

  3. Caserta J, Kimball R (1998) The data warehouse ETL toolkit practical techniques for extracting, cleaning, conforming, and delivering data. Wiley, New York

    Google Scholar 

  4. Gosain A, Arora A (2015) Security issues in data warehouse: a systematic review. ProcedComputSci. https://doi.org/10.1016/j.procs.2015.04.164

    Article  Google Scholar 

  5. Oracle (2012) Oracle advanced security transparent data encryption best practices. https://www.oracle.com/technetwork/database/security/twp-transparent-data-encryption-bes-130696.pdf. Accessed 09 Oct 2018

  6. Santos RJ, Bernardino J, Vieira M (2012) Evaluating the feasibility issues of data confidentiality solutions from a data warehousing perspective. Lect Notes ComputSci. https://doi.org/10.1007/978-3-642-32584-7_33

    Article  Google Scholar 

  7. Santos RJ, Rasteiro D, Bernardino J, Vieira M (2013) A specific encryption solution for data warehouses. Lect Notes ComputSci. https://doi.org/10.1007/978-3-642-37450-0_6

    Article  Google Scholar 

  8. Lopes CC, Cesário-Times MS et al (2018) An encryption methodology for enabling the use of data warehouses on the cloud. Int J Data Wareh Min 14:38–66

    Article  Google Scholar 

  9. Attasena V, Harbi N, Darmont J (2015) A novel multi-secret sharing approach for secure data warehousing and on-line analysis processing in the cloud. Int J Data Wareh Min 11:22–43

    Article  Google Scholar 

  10. FIPS (2011) Advanced encryption standard (AES), Federal information processing standards 197. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf. Accessed 09 Oct 2018

  11. Josefsson (2006) RFC4648—The Base16, Base32, and Base64 data encodings. https://www.ietf.org/rfc/rfc4648.txt. Accessed 25 Apr 2018

  12. DuBois P (2008) MySQL. Pearson education, UK

    Google Scholar 

  13. Vieira R (2010) Professional Microsoft SQL server 2008 programming. Wiley, New York

    Google Scholar 

  14. Sandhu R (1995) Issues in RBAC. RBAC’95. https://doi.org/10.1145/270152270157

    Article  Google Scholar 

  15. Thuraisingham B, Iyer S (2007) Extended RBAC—based design and implementation for a secure data warehouse. Int J Bus Intell Data Min. https://doi.org/10.1504/IJBIDM.2007.016379

    Article  Google Scholar 

  16. Emre U, Vijayalakshmi A, Jaideep V et al (2014) Security analysis for temporal role based access control. J ComputSecur 22:961–996

    Google Scholar 

  17. Claffy K, Kenneally E (2010) Dialing privacy and utility: a proposed data-sharing framework to advance internet research. IEEE SecurPriv 8:31–39

    Google Scholar 

  18. Cormode G, Srvastava D (2009) Anonymized data: generation, models, usage. SIGMOD’09. https://doi.org/10.1145/15598451559968

    Article  Google Scholar 

  19. Sweeney L (2002) k-anonymity: a model for protecting privacy. Int J Uncertain Fuzziness Knowl Based Syst 10:557–570

    Article  MathSciNet  Google Scholar 

  20. Bhargava B (2000) Security in data warehousing. Lect Notes ComputSci. https://doi.org/10.1007/3-540-44466-1_28

    Article  Google Scholar 

  21. Brightwell M, Smith HE (1997) Using data type-preserving encryption to enhance data warehouse security. In: 20th national information systems security (NISSC): 141–149

  22. Murat K, Clifton C (2004) Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans Knowl Data Eng 16:1026–1037

    Article  Google Scholar 

  23. Popa RA, Redfield CMS, Zeldovich N, Balakrishnan H (2011) CryptDB: protecting confidentiality with encrypted query processing. SOSP’11. https://doi.org/10.1145/2043556.2043566

    Article  Google Scholar 

  24. Kadhem H, Amagasa T, Kitagawa H (2009) A novel framework for database security based on mixed cryptography. 2009 Fourth international conference on internet and web applications and services. Doi: 10.1109/ICIW.2009.31

  25. Liu D (2014) Securing outsourced databases in the cloud. SecurPriv Trust Cloud Syst. https://doi.org/10.1007/978-3-642-38586-5_9

    Article  Google Scholar 

  26. Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order preserving encryption for numeric data. SIGMOD’04. https://doi.org/10.1145/1007568.1007632

    Article  Google Scholar 

  27. Kimball R, Ross M (2002) The data warehouse toolkit: the complete guide to dimensional modelling, 2nd edn. Wiley, New York

    Google Scholar 

  28. Oracle (2018) MYSQL 5.6 Reference manual. https://dev.mysql.com/doc/refman/5.6/en/. Accessed 25 Apr 2018

  29. Oracle (2018) MYSQL 5.7 Reference manual—UTF-8 for metadata. https://dev.mysql.com/doc/refman/5.7/en/charset-metadata.html. Accessed 25 Apr 2018

  30. Oracle (2018) MySQL 5.7 Reference manual—schema object names. In: MySQL 57 Ref. Man. https://dev.mysql.com/doc/refman/5.7/en/identifiers.html. Accessed 25 Apr 2018

Download references

Author information

Authors and Affiliations

  1. National Informatics Centre, MeitY, Govt. of India, Delhi, India

    Amar Arora

  2. USICT, Guru Gobind Singh Indraprastha University, Delhi, India

    Anjana Gosain

Authors
  1. Amar Arora
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anjana Gosain
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Amar Arora.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Arora, A., Gosain, A. Mechanism for securing cloud based data warehouse schema. Int. j. inf. tecnol. 13, 171–184 (2021). https://doi.org/10.1007/s41870-020-00546-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41870-020-00546-1

Keywords

Search

Navigation