Abstract
The national information security mainly depends on the security of database. Current database management system provides some security control mechanisms to ensure the data security such as access control and password protection. However, these mechanisms are not sufficient to ensure database security. This research paper presents a pinion-rack encryption/decryption model (P-R model) and its implementation issues using the field of a record from a database as the basic encryption granularity. Based on the P-R model, this paper also presents a technique of hiding concomitant information in the information system, which can be used to detect the intrusion from illegal users. The P-R model can enhance the ability to identify attacks, accelerate encryption/decryption speed, reduce response time and improve real-time efficiency by cutting the length of keys and minimizing the number of necessary encryption operations. This research paper also proposes a “keeping separately and triggering simultaneously” key management strategy to reduce the possibility of modifying sensitive data purposely by legal users.
This research has been supported by NSFC(70450001).
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Biskup, J., Bleumer, G.: Cryptographic protection of health information: cost and benefit (July 2005), http://www.scholar.google.com/url?sa=U&q=http://www.semper.org/sirene/people/gerrit/papers/protofhealthinfo.pdf
Freier, A., Karlton, P., Kocher, P.: The SSL Protocol Version 3.0., Internet-Draft (November 1996)
IBM Data Encryption for IMS and DB2 Databases, Version 1.1(2005), http://www-306.ibm.com/software/data/db2imstools/html/ibmdataencryp.html
Iyer, B., Mehrotra, S., Mykletun, E., Tsudik, G., Wu, Y.H.: A framework for efficient storage security in RDBMS. In: Bertino, E., Christodoulakis, S., Plexousakis, D., Christophides, V., Koubarakis, M., Böhm, K., Ferrari, E. (eds.) EDBT 2004. LNCS, vol. 2992, pp. 147–164. Springer, Heidelberg (2004)
Jeong, M.A., Kim, J.J., Won, Y.W.: A flexible database security system using multiple access control policies. In: Mařík, V., Štěpánková, O., Retschitzegger, W. (eds.) DEXA 2003. LNCS, vol. 2736, pp. 876–885. Springer, Heidelberg (2003)
Oracle Corporation: Database Encryption in Oracle9i. oracle.com/deploy/security/oracle9i
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shen, H., Zhao, J., Wang, H. (2006). Illegal Intrusion Detection Based on Hidden Information Database. In: Chen, H., Wang, FY., Yang, C.C., Zeng, D., Chau, M., Chang, K. (eds) Intelligence and Security Informatics. WISI 2006. Lecture Notes in Computer Science, vol 3917. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11734628_10
Download citation
DOI: https://doi.org/10.1007/11734628_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33361-6
Online ISBN: 978-3-540-33362-3
eBook Packages: Computer ScienceComputer Science (R0)