Security of Relational Databases in Business Outsourcing
Uzun, Ersin; Stephenson, Bryan
Keyword(s): database watermarking, fingerprinting encryption
Abstract: For most corporations the volume of sensitive data used by outsourcing providers continues to increase. As the number of different entities having access to a database increases, it gets harder to prevent and trace-back data leakage. We address the problems of proving ownership and unauthorized data distribution (leakage) for relational databases. We propose three techniques that altogether may be used to detect, deter and trace-back data leaks from relational databases. We use business process outsourcing scenarios as the descriptive use case, but our techniques are equally applicable in other use cases when a relational database is shared among many parties and its confidentiality and authenticity needs to be protected. Previous work has shown how to watermark and fingerprint numerical relational data to prove ownership and track unauthorized redistributions respectively. This work represents the first attempt to find more general solutions that can practically accommodate relational data with non-numerical or error sensitive attributes that are common in corporate databases.
External Posting Date: October 21, 2008 [Fulltext]. Approved for External Publication
Internal Posting Date: October 21, 2008 [Fulltext]