End-to-End Database Software Security-Reference-Cited by-同舟云学术

End-to-End Database Software Security

Published:2023-03-29 Issue:2 Volume:2 Page:163-176
ISSN:2674-113X
Container-title:Software
language:en
Short-container-title:Software

Author:

Ulybyshev Denis¹,Rogers Michael¹,Kholodilo Vadim¹,Northern Bradley¹

Affiliation:

1. Department of Computer Science, Tennessee Technological University, Cookeville, TN 38505, USA

Abstract

End-to-end security is essential for relational database software. Most database management software provide data protection at the server side and in transit, but data are no longer protected once they arrive at the client software. In this paper, we present a methodology that, in addition to server-side security, protects data in transit and at rest on the application client side. Our solution enables flexible attribute-based and role-based access control, such that, for a given role or user with a given set of attributes, access can be granted to a relation, a column, or even to a particular data cell of the relation, depending on the data content. Our attribute-based access control model considers the client’s attributes, such as versions of the operating system and the web browser, as well as type of the client’s device. The solution supports decentralized data access and peer-to-peer data sharing in the form of an encrypted and digitally signed spreadsheet container that stores data retrieved by SQL queries from a database, along with data privileges. For extra security, keys for data encryption and decryption are generated on the fly. We show that our solution is successfully integrated with the PostgreSQL® database management system and enables more flexible access control for added security.

Funder

Tennessee Technological University

Publisher

MDPI AG

Link

https://www.mdpi.com/2674-113X/2/2/7/pdf

Reference27 articles.

1. BigQuery (2023, March 07). Introduction to Column-Level Access Control. Available online: https://cloud.google.com/bigquery/docs/column-level-security-intro.

2. Microsoft Corporation (2023, March 07). Publications, Seminars, & Conferences Guidelines. Available online: https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/publications.

3. Popa, R.A., Redfield, C.M., Zeldovich, N., and Balakrishnan, H. (2011, January 23–26). CryptDB: Protecting confidentiality with encrypted query processing. Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, Cascais, Portugal.

4. PostgreSQL (2023, March 07). Encryption Options. Available online: https://www.postgresql.org/docs/current/encryption-options.html.

5. Privacy-Preserving Crowd-Sensed Trust Aggregation in the User-Centeric Internet of People Networks;Azad;ACM Trans. Cyber-Phys. Syst.,2021

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Enhancing reservoir computing for secure digital image encryption using finance model forecasting;Natural and Applied Sciences International Journal (NASIJ);2023-12-13