Secure SPARCOM: A new approach for database cryptography. Tackling the privileged insider access problem.

摘要

It is widely recognized that the use of existing cryptographic methods to provide improved database security drastically reduces database performance. Standard methods of encryption employing ciphers alter the structure of the data in a database so that many types of query operations are severely impacted because data must first be decrypted in order to be processed. Furthermore, and most importantly, decrypting the data for processing as required by existing methods also introduces a security risk.;This research presents a new database architecture called Secure SPARCOM which enhances confidentiality through the use of a readily available, yet hitherto unexploited, form of q-code cryptography that does not suffer from these drawbacks. Ashany's SPARCOM, which stands for "Sparse Associated Relational Connection Matrix", is a method that utilizes binary sparse matrices as internal level database structures to facilitate the highly efficient processing of data. Secure SPARCOM is a distributed database architecture that takes advantage of the inherent cryptographic aspect of the SPARCOM method.;The Secure SPARCOM architecture is distributed in a manner that is unique, yet natural. The architecture locates external-level (user-level) and/or conceptual-level (community-level) schema information on remote workstations, while the internal-level data in the form of compressed binary sparse matrices is held centrally. The external-level or conceptual-level information held remotely on each workstation functions as a codebook for an appropriate subset of the centrally-held data. The centrally-held data is in effect a positional q-code. The cryptographic security of the centrally-held data can be easily augmented by a number of methods.;The unique and beneficial aspect of this form of encryption is that it does not introduce the usual performance and security weaknesses typical of other database encryption schemes. The encrypted data of Secure SPARCOM is well suited for direct processing in a database system, and as such, constitutes a general purpose privacy homomorphism.