1. Introduction:
Globalization and advancements in the internet and information technology laid paths to new ways of communication. Countries separated through oceans united through Internet and Web. Gone are the days where data and information was stored on papers. Now, everything is stored electronically which is more reliable and secure.
As the data is growing in multiple folds, Security issues are also growing at the same speed raising the concerns about its security. Though, Regulatory bodies have come up with strict guidelines and policies with constant amendments being made to keep the data and information secure and preventing it from falling into wrong hand, still data breaches continue to happen putting the people and businesses at great risks.
Hence, it is the hour of the need that data must be secured at the root level and Data Encryption fits appropriately in accomplishing this task and protects data at rest.
This paper focuses on Database encryption for database security, different methods and levels of database encryption and its advantages over other methods of data protection.
It also discusses on the performance issues associated with data encryption and best practices to minimize the performance over head on the database server due to encryption.
2. Database security - Encryption:
Database security is securing the data on a centralized database against the compromises of their confidentiality, integrity and availability. It is achieved through various information security controls or processes which include Access control, Authentication, Auditing, Integrity controls, backups and Encryption.
Databases have been protected at a higher level through network security measures such as firewalls and n...
... middle of paper ...
.... doi:10.1109/TPDS.2013.154
3. Sharma, M., Chaudhary, A., & Kumar, S. (2013) Query Processing Performance and Searching over Encrypted Data by using an Efficient Algorithm. International Journal of Computer Applications 62(10), 4, 5-8. doi: arXiv:1308.4687v1 [cs.DB]
4. Oracle Corporation. (2012). Transparent Data Encryption Best Practices. Retrieved from http://www.oracle.com/technetwork/database/security/twp-transparent-data-encryption-bes-130696.pdf
5. Hsueh, S. Microsoft Corporation. (2008). Database Encryption in SQL Server 2008 Enterprise Edition. Retrieved from http://technet.microsoft.com/enus/library/cc278098(v=sql.100).aspx
6. Keshavamurthy, B., Khan, A., & Toshniwal, D. (2013). Privacy preserving association rule mining over distributed databases using genetic algorithm. Neural Computing & Applications, 22351-364. doi:10.1007/s00521-013-1343-9.
This type of encryption key administration is to create an extra key for decoding the data and is kept secure in escrow by an authorised 3rd party. We can also call this as a backup key or split-key. This kind of encryption method is been using to recover the data if a user forgot the password.
Encryption is a strategy for changing data on a computer in a manner that it gets to be distinctly incomprehensible regardless of the possibility that somebody can access a PC with individual information on it.
..., Nicholas G. 2010. “Past, Present, and Future Methods of Cryptography and Data Encryption.” Department of Electrical and Computer Engineering
In the rapidly developing field of computer science, there is no more controversial issue than encryption. Encryption has become a highly contested issue with the broad use of global networks including the Internet. As more and more sensitive documents are being placed on computer networks, and trusted information is being sent from computer to computer throughout the world, the need for encryption has never been greater. However, the effects of encryption on our lifestyle and the government's role in encryption has been (and will continue to be) debated for years to come.
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Encryption is a key solution to mitigate potential corruption without fault. Many resolutions to problems are large enough to ensure that the whole company is in complete submission to the security regulations. Data encryption enables a company to reach a high level of security with ease and low cost. Data encryption can also shield confidential information stored on a computer
Data encryption refers to the process of transforming electronic information into a scrambled form that can only be read by someone who knows how to translate the code. In nowadays business world, it’s the easiest and most practical way to secure the information that we stored and processed, and it’s significant for our sensitive information. For example, as electronic commerce is popular now, the vendors and retailers must protect the customers’ personal information from hackers or competitors. They also have many business files or contracts that need to be strictly protected. Without data encryption, these important information may fall into wrong hands and be misused by others. Besides, data encryption may be used to secure sensitive information that exists on company networks, or create digital signatures, and help to authorize in business. No one should underestimate the importance of encryption. A little mistake in encryption may make sensitive information revealing, or even result in illegal and criminal accuse.
In this research paper I want to shed light on encryption. After careful research it becomes clear that encryption has been around for centuries and used in various ways. There are two distinct methods of encryption: Public Key and Private Key. Each comes with its own set of pros and cons but Private Key is the more widely used method. Laws have been put into place to sanction the use of encryption products and devices. Information has been gathered from several different sources to also explain how encryption has impacted the past and how it will continue to shape our futures.
Data encryption refers to the transformation of data into a structure that makes it unreadable by anyone without a secret decryption key. It ensures that messages can be read only by the planned recipient. Encryption is the procedure of obscuring information to create it unreadable without special information. Only organizations and individuals with an abnormal need for secrecy have actually made good use of it. Nowadays, encryption is one of the most important technologies for maintaining your privacy and the security of important information. This helps out greatly especially when E-Commerce is being used.
In the past, most of the databases were centralized, protected, and kept in a one location using a complicated database system known as centralized database. Nowadays, with the new technology of personal computers and cell phones, a new sort of database has appeared, and it seems that majority of people are pleasant with it, even if their private data is split everywhere. Many enterprises had changed their databases from the centralized databases, into the distributed database system, since it meets the demand of accessing and processing the data in the organization. Distributed database technology is considered as one of the most remarkable developments in this century (Ozsu, 1991; Rahimi & Haug, 2010; Cain, 2012). Distributed databases are basically a collection of databases that are divided on multiple computers which are connected logically but located in different physical locations, and each site manages its own local data. In contrast, centralized database is a database that is located in a one location and it is considered as a big single database (Connolly & Begg, 2010).
In this era when the Internet provides essential communication between tens of millions of people and is being increasingly used as a tool for security becomes a tremendously important issue to deal with, So it is important to deal with it. There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography. But it is important to note that while cryptography is necessary for secure communications, it is not by itself sufficient. Cryptography is the science of writing in secret code and is an ancient art; In the old age people use to send encoded message which can be understand by the receiver only who know the symbolic and relative meaning of that encoded message .The first documented use of cryptography in writing dates back to circa 1900 B.C. Egyptian scribe used non-standard hieroglyphs in an inscription. After writing was invented cryptography appeared spontaneously with applications ranging from diplomatic missives to war-time battle plans. It is no surprise, then, that new forms of cryptography came soon after the widespread development of computer communications. In telecommunications and data cryptography is necessary when communicating in any untrusted medium, which includes any network, particularly the Internet [1].Within the context of any application-to-application communication, there are some security requirements, including:
A database management system in the main software tool of the database management approach because it controls the creation, maintenance, and use of the database of an organization and its users. The three major functions of a database management system are first to create new database and database application. Second to maintain the quality of the data in an organized database. And last to use the database of an organization to provide the information that its end users need. An example of a database management approach in a banking information system. Note how the savings, checking and installment loan programs use a database management system to share a customer database. Note also that the database management system allows a user to make direct, ad hoc interrogations of the database without using application programs.
Days, months, and years go by and we do not notice them. Living in such a busy world, we are not always aware of the changes in our lives. Twenty years ago, if someone was told we would be able to buy groceries, pay our bills, buy stocks or even a car through the use of a computer, we might have laughed and blamed too much science fiction television for such wild accusations. However, as the next generation of children grows up, they may find it funny that people still send letters to each other through the post office. The development of the Internet has given us the ability to communicate and exchange information instantly across vast distances. The Internet has caused a huge impact in the communication field, and has made our way of living and working a lot easier, faster, and cheaper than before.
The internet has revolutionized all forms of communication since the beginning of its existence. The world has now become smaller' or more like a global village', so to speak. The internet was first used by the U.S military for communications purposes. The internet, from the communication point of view, has brought on new developments and techniques to keep in touch not only for individuals, but for businesses as well. An example of how the internet has impacted communication would be an example of doctors now communicating through live video feeds via the internet with patients or other doctors to diagnose patients or to even guide and advise surgeons through complicated procedures.
The advent of the internet has allowed the world to be more connected and up-to-date on events from all over the world.