Title :
Sharing Session Keys in Encrypted Databases
Author_Institution :
Dept. of Inf. Sci., Guangzhou Univ.
Abstract :
Outsourcing databases to database service providers is an emerging computation paradigm in many organizations. To meet the requirement of protecting sensitive data from outside providers, a bucket-based storage method has been proposed to store the data encrypted. However, this storage method does not address access control for inside users, and an inside user may have enough rights to access the query results. In this paper, we propose a simple method, built on the bucket-based method, to protect sensitive data from both insiders and outsiders. The session keys used to encrypt sensitive data are stored, encrypted, with the corresponding tuples on remote databases. Users' abilities to decrypt these encrypted keys are constructed on hierarchies, so that only users in higher hierarchies are allowed to decrypt the encrypted session keys issued in some lower hierarchies. This method combines key distribution with access control and can be applied in small enterprises where the users are structured in hierarchies.
Keywords :
authorisation; business data processing; database management systems; public key cryptography; storage management; access control; bucket-based storage method; data encryption; databases encryption; encrypted keys decryption; session key sharing; Access control; Costs; Cryptography; Databases; Distributed computing; Information science; Outsourcing; Protection; Public key; Web server;
Conference_Title :
e-Business Engineering, 2006. ICEBE '06. IEEE International Conference on
Conference_Location :
Shanghai
Print_ISBN :
0-7695-2645-4
DOI :
10.1109/ICEBE.2006.93