A Specific Encryption Solution for Data Warehouses

Authors

Abstract

Protecting Data Warehouses (DWs) is critical, because they store the secrets of the business. Although published research and best practice guides state encryption is the best way to assure the confidentiality of sensitive data and maintain high performance, this adds overheads that jeopardize their feasibility in DWs. In this paper, we propose a Specific Encryption Solution tailored for DWs (SES-DW), using a numerical cipher with variable mixes of eXclusive Or (XOR) and modulo (division remainder) operators. Data storage overhead is avoided by preserving each encrypted column’s datatype, while transparent SQL rewriting is used to avoid I/O and network bandwidth bottlenecks by discarding data roundtrips for encryption and decryption purposes. The experimental evaluation using the TPC-H benchmark and a real-world sales DW with Oracle 11g and Microsoft SQL Server 2008 shows that SES-DW achieves better response time in both inserting and querying, than standard and state-of-the-art encryption algorithms such as AES, 3DES, OPES and Salsa20, while providing considerable security strength.

Keywords

Encryption, Data Security, Data Warehousing

Subject

Encryption, Data Security, Data Warehousing

Conference

DASFAA 2013 - International Conference on Database Systems for Advanced Applications, April 2013

PDF File