Database Security Lecture: Chapter 9 - Trần Thị Kim Chi (Part 1)


Document information

The Database Security lecture, Chapter 9, covers the following topics: Introduction to SQL encryption, can we offer better performance, service provider architecture, searching over encrypted data, building the index, and more. Readers are invited to consult it.

Part I
Review
Database Security and Auditing

Introduction to SQL Encryption
• Encryption hierarchy is marked by three-level security
• These three levels provide different mechanisms for securing data across networks and local servers
• Different levels of hierarchies allow multiple instances of services (e.g., SQL Server Services) to run on one physical server
  – Windows Level – Highest Level – Uses Windows DPAPI for encryption
  – SQL Server Level – Moderate Level – Uses Service Master Key for encryption
  – Database Level – Lower Level – Uses Database Master Key for encryption

Introduction to SQL Encryption
There are two kinds of keys used in encryption:
• Symmetric Key – In a symmetric cryptography system, the sender and the receiver of a message share a single, common key that is used to encrypt and decrypt the message. This is relatively easy to implement, and both the sender and the receiver can encrypt or decrypt the messages.
• Asymmetric Key – Asymmetric cryptography, also known as public-key cryptography, is a system in which the sender and the receiver of a message have a pair of cryptographic keys – a public key and a private key – to encrypt and decrypt the message. This is a relatively complex system where the sender can use his key to encrypt the message but he cannot decrypt it. The receiver, on the other hand, can use his key to decrypt the message but he cannot encrypt it.

Introduction to SQL Encryption
There are two different kinds of encryption available in SQL Server:
• Database Level – This level secures all the data in a database. However, every time data is written or read from the database, the whole database needs to be decrypted. This is a very resource-intensive process and not a practical solution.
• Column (or Row) Level – This level of encryption is the most preferred method. Here, only columns containing important data should be encrypted; this will result in lower CPU load compared with the whole database level encryption. If a column is used as a primary key or used in comparison clauses (WHERE clauses, JOIN conditions), the database will have to decrypt the whole column to perform operations involving those columns.

Can we offer better performance?
• We DO NOT fully trust the service provider with sensitive information
  – Encrypt client’s data and store at server
  – Client:
    • runs queries over encrypted remote data
    • verifies integrity/authenticity of results
• Most of the processing work to be done by the server
• Consider passive adversary
  – A malicious individual who has access to data but only tries to learn sensitive information about the data without actively modifying it or disrupting any kind of services

Service Provider Architecture

Query Processing 101…
• At its core, query processing consists of:
  – Logical comparisons (> , 55
• Fundamental observations
  – Basic operations do not need to be fully implemented over encrypted data
  – To test (AGE > 55), it might suffice to devise a strategy that allows the test to succeed in most cases (might not work in all cases)
  – If the test does not result in a clear positive or negative over the encrypted representation, resolve later at client-side, after decryption

Why?
• It allows a uniform protection of XML documents and their security-related information
• It facilitates the export and exchange of security information

Goals
• Definition of an XML-based language for specifying security-related information for web documents:
  – Subject credentials
  – Access control policies for web documents satisfying the previously stated requirements
An example: X-Sec, the XML-based language developed in the framework of Author-X

X-Sec Credentials
• Credentials with similar structure are grouped into credential types
• A credential is a set of simple and composite properties
• Credential types: DTDs
• Credentials: XML documents

X-Sec credential type
]>

X-Sec credential
Bob Watson 24 Baker Street 8005769840 bwatson@ups.com UPS

X-Sec Policy Specification
• XML template for specifying credential-based access control policies
• The template is as general as possible to be able to model access control policies for a variety of web documents (e.g., HTML, XML)

X-Sec Policy Base Template
<!ELEMENT policySpec (subject, object, priv, type, prop)>
<!ELEMENT subject (userID*|credential)>
<!ELEMENT object EMPTY>
<!ELEMENT priv EMPTY>
<!ELEMENT type EMPTY>
<!ELEMENT prop EMPTY>
<!ELEMENT userID EMPTY>
<!ELEMENT credential EMPTY>
<!ATTLIST userID id CDATA #REQUIRED>
<!ATTLIST credential targetCredType CDATA #REQUIRED credExpr CDAT
<!ATTLIST object target CDATA #REQUIRED path CDATA #REQUIRED>
<!ATTLIST userID id CDATA #REQUIRED>
<!ATTLIST priv value CDATA #REQUIRED>
<!ATTLIST type value CDATA #REQUIRED>
<!ATTLIST prop value CDATA #REQUIRED>
]>

Instantiation for XML Sources
<object target="SigmodRecord.xml" path="/issues"/>
<object target="SigmodRecord.xml" path="/issues"/>
<object target="SigmodRecord.xml" path="/issues/issuesTuple/articles/articlesTuple/abstract"/>

Outline
• Security requirements for web data
• Basic concepts of XML
• Security policies for XML data protection and release
• Access control mechanisms for XML data
• XML-based specification of security information
• XML security: future trends

Research Trends
• Secure publishing of XML documents:
  – A new class of information-centered applications based on data dissemination
  – Possible scenarios:
    • Information commerce: digital libraries, electronic news
    • Intra-company information systems
• Security requirements:
  – Confidentiality
  – Integrity
  – Authenticity
  – Completeness

Secure Publishing: Traditional Architecture
(Diagram labels: Information Owner, Subject)
• The Owner is the producer of information
• It specifies access control policies
• It answers subject queries

Third-Party Architecture
(Diagram labels: Owner, Docs, Subscription, Publisher, Query, View, Subject)
• The Publisher is responsible for managing (a portion of) the Owner information and for answering subject queries
• Benefits:
  • Scalability
  • No bottleneck

Main References
• B. Dournee, XML Security, RSA Press, 2002.
• E. Bertino, B. Carminati, E. Ferrari, and B. Thuraisingham, XML Security, Addison-Wesley, in preparation.
• E. Bertino and E. Ferrari, Secure and Selective Dissemination of XML Documents, ACM Trans. on Information and System Security, to appear.
• E. Bertino, S. Castano, and E. Ferrari, Author-X: a Comprehensive System for Securing XML Documents, IEEE Internet Computing, May 2001.
• E. Bertino, S. Castano, and E. Ferrari, Securing XML Documents: the Author-X Project Demonstration, Proc. of the ACM SIGMOD Conference, 2001.
• E. Bertino, S. Castano, E. Ferrari, and M. Mesiti, Specifying and Enforcing Access Control Policies for XML Document Sources, World Wide Web Journal, 3(3), 2000.
• Web sites:
  – The XML Security Page: http://www.nue.et-inf.unisiegen.de/~geuer-pollmann/xml/security.html
  – OASIS Consortium: http://www.oasis-open.org
  – World Wide Web Consortium: http://www.w3.org

... EMP WHERE age > 55
• Suppose the partitions on age are as follows: P1 - [20,30); P2 - [30,40); P3 - [40,50); P4 - [50,60); P5 - [60,100]
• To test (AGE > 55), it suffices to retrieve all data that...

Searching over Encrypted Data
• Store an encrypted string – etuple – for each tuple...

... has impact on performance as well as privacy
  – very much domain/attribute dependent
  – equi-width vs equi-depth partitioning
• Identification function assigns a partition id to each partition of
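
The partition-based test for age > 55 described in the excerpts above, worked through as an added example (not code from the lecture): the client stores an etuple plus a partition id per row, the server filters on ids only, and the client removes false positives after decryption. The function names, the sample EMP rows and the HMAC-based keystream (a stand-in for a vetted authenticated cipher) are assumptions made for the illustration.

```python
import hashlib, hmac, json, os

# Partitions on age from the excerpt; [lo, hi) on integers, P5 = [60,100] stored as hi=101.
PARTS = {"P1": (20, 30), "P2": (30, 40), "P3": (40, 50), "P4": (50, 60), "P5": (60, 101)}

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode); use a vetted AEAD in practice.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key, row):
    nonce, pt = os.urandom(12), json.dumps(row).encode()
    return nonce + bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))

def decrypt(key, etuple):
    nonce, ct = etuple[:12], etuple[12:]
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def ident(key, part):
    # Identification function: keyed, opaque id so the server does not see the ranges.
    return hmac.new(key, b"age:" + part.encode(), hashlib.sha256).hexdigest()[:8]

def partition_of(age):
    return next(p for p, (lo, hi) in PARTS.items() if lo <= age < hi)

def outsource(key, rows):
    # What the server stores: (etuple, partition id of age), nothing in the clear.
    return [(encrypt(key, r), ident(key, partition_of(r["age"]))) for r in rows]

def translate_age_gt(key, v):
    # Client-side rewrite of "age > v": every partition that can hold a value above v.
    return {ident(key, p) for p, (lo, hi) in PARTS.items() if hi - 1 > v}

def server_select(table, ids):
    # Server side: match on partition ids only, never on plaintext.
    return [etuple for etuple, pid in table if pid in ids]

def query_age_gt(key, table, v):
    candidates = server_select(table, translate_age_gt(key, v))
    rows = [decrypt(key, e) for e in candidates]  # superset, may hold false positives
    return len(candidates), [r for r in rows if r["age"] > v]  # exact filter at the client

# Constructed sample data, not from the lecture.
EMP = [{"name": "An", "age": 25}, {"name": "Binh", "age": 38}, {"name": "Chau", "age": 52},
       {"name": "Dung", "age": 57}, {"name": "Giang", "age": 63}]

if __name__ == "__main__":
    k = os.urandom(32)
    print(query_age_gt(k, outsource(k, EMP), 55))
```

With these rows the server returns three etuples (partitions P4 and P5) and the client keeps two; the row with age 52 is the false positive that coarse partitions trade for hiding exact values.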

Posted: 30/01/2020, 12:17
