Masking page reference patterns in encryption databases on untrusted storage

作者:

Highlights:

摘要

To support ubiquitous computing, the underlying data have to be persistent and available anywhere-anytime. The data thus have to migrate from devices that are local to individual computers, to shared storage volumes that are accessible over open network. This potentially exposes the data to heightened security risks. In particular, the activity on a database exhibits regular page reference patterns that could help attackers learn logical links among physical pages and then launch additional attacks. We propose two countermeasures to mitigate the risk of attacks initiated through analyzing the shared storage server’s activity for those page patterns. The first countermeasure relocates data pages according to which page sequences they are in. The second countermeasure enhances the first by randomly prefetching pages from predicted page sequences. We have implemented the two countermeasures in MySQL, and experiment results demonstrate their effectiveness and practicality.

论文关键词:Page reference patterns,Plausible deniability,Traffic analysis,Pattern mining

论文评审过程:Received 3 May 2005, Accepted 14 June 2005, Available online 12 July 2005.

论文官网地址:https://doi.org/10.1016/j.datak.2005.06.003