文章基本信息

标题：A CLASSIFICATION METHOD FOR IDENTIFYING CONFIDENTIAL DATA TO ENHANCE EFFICIENCY OF QUERY PROCESSING OVER CLOUD
本地全文：下载
作者：HUSSEIN ALBADRI ; ROSSILAWATI SULAIMAN
期刊名称：Journal of Theoretical and Applied Information Technology
印刷版ISSN：1992-8645
电子版ISSN：1817-3195
出版年度：2016
卷号：93
期号：2
出版社：Journal of Theoretical and Applied
摘要：With the increased use of Database-as-a-Service (DAAS), several issues also come in parallel, especially in translating and executing queries to and from the database securely and efficiently. These issues are in response towards potential attacks such as attempting to copy or eavesdrop the database via queries. Existing security mechanisms include securing the queries by using encryption. However, encrypting the queries significantly affects the efficiency of query processing because of the security overhead from the encrypting and decrypting processes. This study aims to address this problem by proposing a divide-and-conquer strategy in which partial encryptions is used on the queries. This is performed by classifying the data into sensitive and non-sensitive categories using a classification approach, so that only the sensitive data will be encrypted. The classification used in this study is based on the data classification policy from the Columbia University. Firstly, a manual annotation is conducted to label the data fields into sensitive and non-sensitive categories. Next, rules are generated in order to classify the queried data. If a query contains sensitive data, the encryption will specifically be applied to the sensitive data, whereas the non-sensitive data will remain unencrypted. Experiments have been conducted using real-time data from Baghdad University that is related to students information consisting 35 tables and 362 fields. The evaluation is based on the comparison of security overhead of the fully encryption (without classification) and partial encryption (with the classification) using Advance Encryption Standard (AES). Results shown that the classification method has significantly reduced the time used to process the query. This implies that the partial encryption based on classifying the data into sensitive and non-sensitive categories has improves the efficiency of query processing.
关键词：Cloud Computing; Cloud Database; Secure Query Processing; Cloud Query Processing