Data confidentiality: to which extent cryptography and secured hardware can help

Nicolas Anciaux 1, 2 Luc Bouganim 1, 2 Philippe Pucheral 1, 2
1 SMIS - Secured and Mobile Information Systems
PRISM - Parallélisme, Réseaux, Systèmes, Modélisation, UVSQ - Université de Versailles Saint-Quentin-en-Yvelines, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR8144
Abstract : Data confidentiality has become a major concern for individuals as well as for companies and administrations. In a classical client-server setting, the access control management is performed on the server, relying on the assumption that the server is a trusted party. However, this assumption no longer holds given the increasing vulnerability of database servers facing a growing number of external and even internal attacks. This paper studies different alternatives exploiting cryptographic techniques and/or tamper-resistant hardware to fight against these attacks. The pros and cons of each alternative are analyzed in terms of security, access control granularity and preserved database features (performance, query processing, volume of data). Finally, this paper sketches a hybrid approach mixing data encryption, integrity control and secured hardware that could pave the way for future highly secured DBMS.
Type de document :
Article dans une revue
Annals of Telecommunications - annales des télécommunications, Springer, 2006, 61 (3-4)
Liste complète des métadonnées

https://hal.inria.fr/inria-00000400
Contributeur : Elisabeth Baque <>
Soumis le : vendredi 26 septembre 2008 - 13:38:17
Dernière modification le : jeudi 18 octobre 2018 - 16:56:03
Document(s) archivé(s) le : vendredi 4 juin 2010 - 11:49:41

Fichier

ABP06b.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00000400, version 2

Collections

Citation

Nicolas Anciaux, Luc Bouganim, Philippe Pucheral. Data confidentiality: to which extent cryptography and secured hardware can help. Annals of Telecommunications - annales des télécommunications, Springer, 2006, 61 (3-4). 〈inria-00000400v2〉

Partager

Métriques

Consultations de la notice

227

Téléchargements de fichiers

164