Approach of Tamper Detection for Sensitive Data based on Negotiable Hash Algorithm
Volume 13, Number 5, September 2017 - Paper 14 - pp. 711-720 DOI: 10.23940/ijpe.17.05.p14.711720
Jing Lin*, Chuqiao Mi, Yuanquan Shi
School of Computer Science and Engineering, Huaihua University, Huaihua, 418000, Hunan, China (Submitted on March 24, 2017; Revised on June 29, 2017; Accepted on August 21, 2017)
Abstract:
Sensitive data is a very important to information safety. The real-world sensitive data is often illegally altered because database administrators (DBAs) have special identity and permissions in database system. However, the traditional secure measures, such as user authentication and access control, do not work well for them. For this case, it is necessary to identify effectively whether the sensitive data in database in enterprise trusted domain is illegally altered or not. Therefore, combining active detection at the security server with passive detection at the security client, a detection approach of the tampered sensitive data based on negotiable hash algorithm is proposed in this paper. Experiments show our algorithm can performs well for sensitive data tamper detection, and it is adapt to protect sensitive data in medical database.
References: 23
- W. Al-Nuaimy, M. A. M. El-Bendary, A. Shafik, F. Shawki, A. E. Abou-El-azm, N. El-Fishawy, S. M. Elhalafawy, S. M. Diab, B. M. Sallam, F. E. A. El-Samie, and H. B. Kazemian, “An SVD Audio Watermarking Approach Using Chaotic Encrypted Images,” Digital Signal Processing, vol. 21, no. 6, pp. 764-779, 2011
- C. Cida, “Recent Developments in Cryptographic Hash Functions: Security Implications and Future Directions,” Information Security Technical Report, vol. 11, no. 2, pp. 100-107, 2006
- S. Cimato, C. N. Yang, and C. C. Wu, “Visual Cryptography Based Watermarking: Definition and Meaning,” Lecture Notes in Computer Science, vol. 7809, pp. 435-448, 2013
- H. Guo, Y. Li, A. Liu, and S. Jajodia, “A Fragile Watermarking Scheme for Detecting Malicious Modifications of Database Relations,” Information Sciences, vol. 176, no. 10, pp. 1350-1378, 2006
- S. Greeshma and R. Jayapriya, “Securing Database Server Using Homomorphic Encryption and Re-Encryption,” Security in Computing and Communications. Springer International Publishing, pp. 277-289, 2015
- V. Gupta and I. J. Rajput, “Privacy Preserving in Data-Mining: A Survey on Security of Outsourced Transaction Databases,” Compusoft International Journal of Advanced Computer Technology, vol. 3, no. 12, pp. 1377-1385, 2014
- A. Hamadou, X. Sun, L. Gao, and S. A. Shah, “A Fragile Zero-Watermarking Technique for Authentication of Relational Databases,” International Journal of Digital Content Technology & Its Applications, vol. 5, no. 5, pp. 189-200, 2011
- A. Hamadou, X. Sun, S. A. Shah, and L. Gao, “A Hybrid Watermarking Scheme for Relational Databases Copyright Protection and Tamper Proofing,” International Journal of Advancements in Computing Technology, vol. 3, no. 8, pp. 18-28, 2011
- J. Lin and Q. S. Huang, “Method of Data Tamper Detection by Using Improved MD5 Algorithm,” Computer Engineering & Applications, vol. 44, no. 33, pp. 148-150, 2008 (In Chinese)
- Y. Li, H. Guo, and S. Jajodia, “Tamper Detection and Localization for Categorical Data Using Fragile Watermarks,” in Digital Rights Management(DRM), Proceedings of the 2004 4th ACM Workshop on, pp. 73-82, October,2004
- E. Mykletun, M. Narasimha, and G. Tsudik, “Authentication and Integrity in Outsourced Databases,” ACM Transactions on Storage, vol. 2,no. 2, pp. 107-132, 2006
- S. Mead, “Unique File Identification in the National Software Reference Library,” Digital Investigation, vol. 3, no. 3, pp. 138-150, 2006
- A. R. Pathak and B. Padmavathi, “A Secure Threshold Secret Sharing Framework for Database Outsourcing,” in Advanced Communication Control and Computing Technologies (ICACCCT), 2014 IEEE International Conference on, pp. 1642-1649, IEEE, May, 2014
- R. L. Rivest, “The MD5 Message-Digest Algorithm,” RFC 1321, 1992
- M. Stevens, “Single-Block Collision Attack on MD5,” Cryptology Eprint Archive Report, pp. 1-11, 2012
- M. Stevens, “Fast Collision Attack on MD5,” Cryptology Eprint Archive, 2006
- R. T. Snodgrass, S. S. Yao, and C. Collberg, “Tamper Detection in Audit Logs,” in Very Large Databases(VLDB), Proceedings of the 2004 Thirtieth International Conference on, vol. 30, pp. 504-515, August, 2004
- M. V. Venkatesh and M. P. Parthasarathi, “Enhanced Audit Services for the Correctness of Outsourced Data in Cloud Storage,” International Journal of Advanced Research in Computer Engineering & Technology, vol. 2, no. 2, pp. 564- 567, 2013
- X. Wang and H. Yu, “How to Break MD5 and Other Hash Functions,” Lecture Notes in Computer Science, vol. 3494, pp. 561-561, 2005
- M. Xie, H. Wang, J. Yin, and X. Meng, “Integrity Auditing of Outsourced Data,” in Very Large Data Bases(VLDB), Proceedings of the 2007 33rd International Conference on, pp. 782-793 , September, 2007
- A. Yavuz, “Immutable Authentication and Integrity Schemes for Outsourced Databases,” IEEE Transactions on Dependable & Secure Computing, pp. 1-14, 2016
- J. Zhang, P. Li, and J. Mao, “IPad: ID-based Public Auditing for the Outsourced Data in the Standard Model,” Cluster Computing, vol. 19, no. 1, pp. 127-138, 2016
- Z. Zhang, L. Wu, H. Li, H. Lai, and C. Zhang, “Dual Watermarking Algorithm for Medical Image,” Journal of Medical Imaging and Health Informatics, vol. 7, no. 3, pp. 607-622, 2017
Click here to download the paper.
Please note : You will need Adobe Acrobat viewer to view the full articles. |