Using Record Level Encryption for Securing Information in Classified Information Systems

Year 2018, , 207 - 224, 17.05.2018

Blerim Rexha Halil Sadiku Bujar Krasniqi

https://doi.org/10.28978/nesciences.424677

Abstract

Information technology (IT) systems have great potential to improve the efficiency and methods
of operation in each government organization, providing added convenience and flexibility.
Currently, most of government law enforcement agencies have digitized their methods of work
by advancing their user services. With this new approach, have come new threats, therefore, it is
necessary to develop and implement standard policies to enhance information security and
privacy on all classified information systems. In this paper a novel solution is presented for
protection of information up to the record level encryption by applying the Advanced Encryption
Standard (AES) algorithm using derived symmetric master key. The master key is unique per
each record and is calculated in the client application. The uniqueness of the derived master key
is assured by applying the exclusive or operation of the key of each record and the unique key of
the client. Furthermore, this paper includes a critical approach on existing cryptographic methods
and proposes additional methods to protect information, such us authentication, access control,
and audit.

Keywords

Information security, Privacy, Encryption, Decryption, Access control, Audit

References

• Arshad, N.H. , Shah, S.N.T , Mohamed, A. , Mamat, A.M. (2007) ‘The Design and Implementation of Database Encryption’, International Journal of Applied Mathematics and Informatics, Vol. 1 Iss. 3, pp. 115-122.
• Aarthi, G. and Ramaraj, E. (2012) ‘A Novel Encryption approach in Database Securit’, International Journal of Computer& Organization Trends, Vol. 2 Iss. 1, pp. 16-20.
• Albarqi, A., Alzaid, E., Al Ghamdi, F., Asiri, S. and Kar, J. (2015) ‘Public Key Infrastructure: A Survey’, Journal of Information Security, Vol.06 No. 01, pp. 31-37.
• Bouganim, L. and Guo, Y. (2009) ‘Database encryption. Encyclopedia of cryptography and security’, pp. 1-9.
• Department of Defense (2004) DoD Personnel Identity Protection (PIP) Program, Directive Number 1000.25.
• European Commission (2015). Commission Decision (EU, Euratom) 2015/444 on the security rules for protecting EU classified information, Brussel.
• European Commission (2016). EU eGovernment Action Plan 2016-2020: Accelerating the digital transformation of government, Brussel. http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=15268 (Accessed 11 January 2018).
• Harris, S. (2010) Certified Information Systems Security Professional (CISSP) Exam Guide, 5th Edition.
• Huey, P. (2017) Oracle Database Advanced Security Guide, 12c Release 1 (12.1), Oracle, E50333-16.
• Josefsson, S. (2006). The Base16, Base32, and Base64 Data Encodings. RFC 4648 (Proposed Standard), http://www.ietf.org/rfc/rfc4648.txt (Accessed 2 December 2017).
• Lowy, J. and Montgomery, M. (2015) Programming WCF Services: Design and Build Maintainable Service-Oriented Systems, 4th Edition.
• Menezes, A. , Oorschot, P.V. and Vanstone, S. (1997) ‘Handbook of Applied Cryptography’, CRC Press, pp. 1-48.
• Mattsson, Ulf T. (2005) ‘Database Encryption - How to Balance Security with Performance’ [online] at SSRN: https://ssrn.com/abstract=670561 or http://dx.doi.org/10.2139/ssrn.670561 (Accessed 11 December 2017)
• Mahajan, A., Verma, A. and Pahuja, D. (2014) ‘Smart Card: Turning Point of Technology’, International Journal of Computer Science and Mobile Computing, Vol. 3 Iss. 10, pp. 982–987.
• Microsoft. [Online] https://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes(v=vs.110).aspx (Accesed 25 December 2017).
• Javamex. ‘Comparison of ciphers’, [Online] http://www.javamex.com/tutorials/cryptography/ciphers.shtml (Accessed on 12 December 2017).
• National Security Agency, Central Security Service (2017) Information Assurance Capabilities - Data at Rest Capability Package, Version 3.8.
• Oswal, S., Singh, A. and Kumari, K. (2016) ‘Deflate Compression Algorithm’, International Journal of Engineering Research and General Science, Vol.4 Issue 1. pp. 430-436.
• Rexha, B., Lajqi, H. and Limani, M. (2010) ‘Implementing Data Security in Student Lifecycle Management System at the University of Prishtina’, Journal Transaction on Information Science and Application, Vol. 7 Iss. 7, pp. 965-974.
• Rexha, B., Halili, A., Rrmoku, K. and Imeraj, D. (2015) ‘Impact of secure programming on web application vulnerabilities’, IEEE International Conference on Computer Graphics, Vision and Information Security, KIIT University, Bhubaneswar, Odisha, India.
• Varga, S., Cherry, D., D'Antoni, J. (2016) Introducing Microsoft SQL Server 2016: Mission-Critical Applications, Deeper Insights, Hyperscale Cloud, Microsoft Press, Redmond, Washington.