Yıl 2018, Cilt 3, Sayı 2, Sayfalar 207 - 224 2018-05-17

Using Record Level Encryption for Securing Information in Classified Information Systems

Blerim Rexha [1] , Halil Sadiku [2] , Bujar Krasniqi [3]

63 41

Information technology (IT) systems have great potential to improve the efficiency and methods of operation in each government organization, providing added convenience and flexibility. Currently, most of government law enforcement agencies have digitized their methods of work by advancing their user services. With this new approach, have come new threats, therefore, it is necessary to develop and implement standard policies to enhance information security and privacy on all classified information systems. In this paper a novel solution is presented for protection of information up to the record level encryption by applying the Advanced Encryption Standard (AES) algorithm using derived symmetric master key. The master key is unique per each record and is calculated in the client application. The uniqueness of the derived master key is assured by applying the exclusive or operation of the key of each record and the unique key of the client. Furthermore, this paper includes a critical approach on existing cryptographic methods and proposes additional methods to protect information, such us authentication, access control, and audit.

Information security, Privacy, Encryption, Decryption, Access control, Audit
  • Arshad, N.H. , Shah, S.N.T , Mohamed, A. , Mamat, A.M. (2007) ‘The Design and Implementation of Database Encryption’, International Journal of Applied Mathematics and Informatics, Vol. 1 Iss. 3, pp. 115-122.
  • Aarthi, G. and Ramaraj, E. (2012) ‘A Novel Encryption approach in Database Securit’, International Journal of Computer& Organization Trends, Vol. 2 Iss. 1, pp. 16-20.
  • Albarqi, A., Alzaid, E., Al Ghamdi, F., Asiri, S. and Kar, J. (2015) ‘Public Key Infrastructure: A Survey’, Journal of Information Security, Vol.06 No. 01, pp. 31-37.
  • Bouganim, L. and Guo, Y. (2009) ‘Database encryption. Encyclopedia of cryptography and security’, pp. 1-9.
  • Department of Defense (2004) DoD Personnel Identity Protection (PIP) Program, Directive Number 1000.25.
  • European Commission (2015). Commission Decision (EU, Euratom) 2015/444 on the security rules for protecting EU classified information, Brussel.
  • European Commission (2016). EU eGovernment Action Plan 2016-2020: Accelerating the digital transformation of government, Brussel. http://ec.europa.eu/newsroom/dae/document.cfm?doc_id=15268 (Accessed 11 January 2018).
  • Harris, S. (2010) Certified Information Systems Security Professional (CISSP) Exam Guide, 5th Edition.
  • Huey, P. (2017) Oracle Database Advanced Security Guide, 12c Release 1 (12.1), Oracle, E50333-16.
  • Josefsson, S. (2006). The Base16, Base32, and Base64 Data Encodings. RFC 4648 (Proposed Standard), http://www.ietf.org/rfc/rfc4648.txt (Accessed 2 December 2017).
  • Lowy, J. and Montgomery, M. (2015) Programming WCF Services: Design and Build Maintainable Service-Oriented Systems, 4th Edition.
  • Menezes, A. , Oorschot, P.V. and Vanstone, S. (1997) ‘Handbook of Applied Cryptography’, CRC Press, pp. 1-48.
  • Mattsson, Ulf T. (2005) ‘Database Encryption - How to Balance Security with Performance’ [online] at SSRN: https://ssrn.com/abstract=670561 or http://dx.doi.org/10.2139/ssrn.670561 (Accessed 11 December 2017)
  • Mahajan, A., Verma, A. and Pahuja, D. (2014) ‘Smart Card: Turning Point of Technology’, International Journal of Computer Science and Mobile Computing, Vol. 3 Iss. 10, pp. 982–987.
  • Microsoft. [Online] https://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes(v=vs.110).aspx (Accesed 25 December 2017).
  • Javamex. ‘Comparison of ciphers’, [Online] http://www.javamex.com/tutorials/cryptography/ciphers.shtml (Accessed on 12 December 2017).
  • National Security Agency, Central Security Service (2017) Information Assurance Capabilities - Data at Rest Capability Package, Version 3.8.
  • Oswal, S., Singh, A. and Kumari, K. (2016) ‘Deflate Compression Algorithm’, International Journal of Engineering Research and General Science, Vol.4 Issue 1. pp. 430-436.
  • Rexha, B., Lajqi, H. and Limani, M. (2010) ‘Implementing Data Security in Student Lifecycle Management System at the University of Prishtina’, Journal Transaction on Information Science and Application, Vol. 7 Iss. 7, pp. 965-974.
  • Rexha, B., Halili, A., Rrmoku, K. and Imeraj, D. (2015) ‘Impact of secure programming on web application vulnerabilities’, IEEE International Conference on Computer Graphics, Vision and Information Security, KIIT University, Bhubaneswar, Odisha, India.
  • Varga, S., Cherry, D., D'Antoni, J. (2016) Introducing Microsoft SQL Server 2016: Mission-Critical Applications, Deeper Insights, Hyperscale Cloud, Microsoft Press, Redmond, Washington.
Birincil Dil en
Konular Bilgisayar Mühendisliği ve Bilişim
Dergi Bölümü 3
Yazarlar

Yazar: Blerim Rexha

Yazar: Halil Sadiku

Yazar: Bujar Krasniqi (Sorumlu Yazar)

Bibtex @araştırma makalesi { nesciences424677, journal = {Natural and Engineering Sciences}, issn = {2458-8989}, eissn = {2458-8989}, address = {Cemal Turan}, year = {2018}, volume = {3}, pages = {207 - 224}, doi = {10.28978/nesciences.424677}, title = {Using Record Level Encryption for Securing Information in Classified Information Systems}, key = {cite}, author = {Sadiku, Halil and Krasniqi, Bujar and Rexha, Blerim} }
APA Rexha, B , Sadiku, H , Krasniqi, B . (2018). Using Record Level Encryption for Securing Information in Classified Information Systems. Natural and Engineering Sciences, 3 (2), 207-224. DOI: 10.28978/nesciences.424677
MLA Rexha, B , Sadiku, H , Krasniqi, B . "Using Record Level Encryption for Securing Information in Classified Information Systems". Natural and Engineering Sciences 3 (2018): 207-224 <http://dergipark.gov.tr/nesciences/issue/37018/424677>
Chicago Rexha, B , Sadiku, H , Krasniqi, B . "Using Record Level Encryption for Securing Information in Classified Information Systems". Natural and Engineering Sciences 3 (2018): 207-224
RIS TY - JOUR T1 - Using Record Level Encryption for Securing Information in Classified Information Systems AU - Blerim Rexha , Halil Sadiku , Bujar Krasniqi Y1 - 2018 PY - 2018 N1 - doi: 10.28978/nesciences.424677 DO - 10.28978/nesciences.424677 T2 - Natural and Engineering Sciences JF - Journal JO - JOR SP - 207 EP - 224 VL - 3 IS - 2 SN - 2458-8989-2458-8989 M3 - doi: 10.28978/nesciences.424677 UR - http://dx.doi.org/10.28978/nesciences.424677 Y2 - 2018 ER -
EndNote %0 Natural and Engineering Sciences Using Record Level Encryption for Securing Information in Classified Information Systems %A Blerim Rexha , Halil Sadiku , Bujar Krasniqi %T Using Record Level Encryption for Securing Information in Classified Information Systems %D 2018 %J Natural and Engineering Sciences %P 2458-8989-2458-8989 %V 3 %N 2 %R doi: 10.28978/nesciences.424677 %U 10.28978/nesciences.424677
ISNAD Rexha, Blerim , Sadiku, Halil , Krasniqi, Bujar . "Using Record Level Encryption for Securing Information in Classified Information Systems". Natural and Engineering Sciences 3 / 2 (Mayıs 2018): 207-224. http://dx.doi.org/10.28978/nesciences.424677