Username   Password       Forgot your password?  Forgot your username? 

Approach of Tamper Detection for Sensitive Data based on Negotiable Hash Algorithm

Volume 13, Number 5, September 2017 - Paper 14  - pp. 711-720
DOI: 10.23940/ijpe.17.05.p14.711720

Jing Lin*, Chuqiao Mi, Yuanquan Shi

School of Computer Science and Engineering, Huaihua University, Huaihua, 418000, Hunan, China

(Submitted on March 24, 2017; Revised on June 29, 2017; Accepted on August 21, 2017)


Sensitive data is a very important to information safety. The real-world sensitive data is often illegally altered because database administrators (DBAs) have special identity and permissions in database system. However, the traditional secure measures, such as user authentication and access control, do not work well for them. For this case, it is necessary to identify effectively whether the sensitive data in database in enterprise trusted domain is illegally altered or not. Therefore, combining active detection at the security server with passive detection at the security client, a detection approach of the tampered sensitive data based on negotiable hash algorithm is proposed in this paper. Experiments show our algorithm can performs well for sensitive data tamper detection, and it is adapt to protect sensitive data in medical database.


References: 23

    1. W. Al-Nuaimy, M. A. M. El-Bendary, A. Shafik, F. Shawki, A. E. Abou-El-azm, N. El-Fishawy, S. M. Elhalafawy, S. M. Diab, B. M. Sallam, F. E. A. El-Samie, and H. B. Kazemian, “An SVD Audio Watermarking Approach Using Chaotic Encrypted Images,” Digital Signal Processing, vol. 21, no. 6, pp. 764-779, 2011
    2. C. Cida, “Recent Developments in Cryptographic Hash Functions: Security Implications and Future Directions,” Information Security Technical Report, vol. 11, no. 2, pp. 100-107, 2006
    3. S. Cimato, C. N. Yang, and C. C. Wu, “Visual Cryptography Based Watermarking: Definition and Meaning,” Lecture Notes in Computer Science,  vol. 7809,  pp. 435-448, 2013
    4. H. Guo, Y. Li, A. Liu, and S. Jajodia, “A Fragile Watermarking Scheme for Detecting Malicious Modifications of Database Relations,” Information Sciences, vol. 176, no. 10, pp. 1350-1378, 2006
    5. S. Greeshma and R. Jayapriya, “Securing Database Server Using Homomorphic Encryption and Re-Encryption,” Security in Computing and Communications. Springer International Publishing,  pp. 277-289, 2015
    6. V. Gupta and I. J. Rajput, “Privacy Preserving in Data-Mining: A Survey on Security of Outsourced Transaction Databases,” Compusoft International Journal of Advanced Computer Technology, vol. 3, no. 12, pp. 1377-1385, 2014
    7. A. Hamadou, X. Sun, L. Gao, and S. A. Shah, “A Fragile Zero-Watermarking Technique for Authentication of Relational Databases,” International Journal of Digital Content Technology & Its Applications, vol. 5, no. 5, pp. 189-200, 2011
    8. A. Hamadou, X. Sun, S. A. Shah, and L. Gao, “A Hybrid Watermarking Scheme for Relational Databases Copyright Protection and Tamper Proofing,” International Journal of Advancements in Computing Technology, vol. 3, no. 8, pp. 18-28, 2011
    9. J. Lin and Q. S. Huang, “Method of Data Tamper Detection by Using Improved MD5 Algorithm,” Computer Engineering & Applications,  vol. 44, no. 33, pp. 148-150, 2008 (In Chinese)
    10. Y. Li, H. Guo, and S. Jajodia, “Tamper Detection and Localization for Categorical Data Using Fragile Watermarks,” in Digital Rights Management(DRM), Proceedings of the 2004 4th ACM Workshop on, pp. 73-82, October,2004
    11. E. Mykletun, M. Narasimha, and G. Tsudik, “Authentication and Integrity in Outsourced Databases,” ACM Transactions on Storage,  vol. 2,no. 2, pp. 107-132, 2006
    12. S. Mead, “Unique File Identification in the National Software Reference Library,” Digital Investigation, vol. 3, no. 3, pp. 138-150, 2006
    13. A. R. Pathak and B. Padmavathi, “A Secure Threshold Secret Sharing Framework for Database Outsourcing,” in Advanced Communication Control and Computing Technologies (ICACCCT), 2014 IEEE International Conference on, pp. 1642-1649, IEEE, May, 2014
    14. R. L. Rivest, “The MD5 Message-Digest Algorithm,”  RFC 1321, 1992
    15. M. Stevens, “Single-Block Collision Attack on MD5,” Cryptology Eprint Archive Report, pp. 1-11, 2012
    16. M. Stevens, “Fast Collision Attack on MD5,” Cryptology Eprint Archive, 2006
    17. R. T. Snodgrass, S. S. Yao, and C. Collberg, “Tamper Detection in Audit Logs,” in Very Large Databases(VLDB), Proceedings of the 2004 Thirtieth International Conference on, vol. 30, pp. 504-515, August, 2004
    18. M. V. Venkatesh and M. P. Parthasarathi, “Enhanced Audit Services for the Correctness of Outsourced Data in Cloud Storage,” International Journal of Advanced Research in Computer Engineering & Technology, vol. 2, no. 2, pp. 564- 567, 2013
    19. X. Wang and H. Yu, “How to Break MD5 and Other Hash Functions,” Lecture Notes in Computer Science, vol. 3494, pp. 561-561, 2005
    20. M. Xie, H. Wang, J. Yin, and X. Meng, “Integrity Auditing of Outsourced Data,” in Very Large Data Bases(VLDB), Proceedings of the 2007 33rd International Conference on, pp. 782-793 , September, 2007
    21. A. Yavuz, “Immutable Authentication and Integrity Schemes for Outsourced Databases,” IEEE Transactions on Dependable & Secure Computing, pp. 1-14, 2016
    22. J. Zhang, P. Li, and J. Mao, “IPad: ID-based Public Auditing for the Outsourced Data in the Standard Model,” Cluster Computing, vol. 19, no. 1, pp. 127-138, 2016
    23. Z. Zhang, L. Wu, H. Li, H. Lai, and C. Zhang, “Dual Watermarking Algorithm for Medical Image,” Journal of Medical Imaging and Health Informatics, vol. 7, no. 3, pp. 607-622, 2017



      Click here to download the paper.

      Please note : You will need Adobe Acrobat viewer to view the full articles.Get Free Adobe Reader

      This site uses encryption for transmitting your passwords.