Databases are an integral part of many applications, such as financial applications and medical eHealth applications. These databases can be highly sensitive, containing data that is valuable to an enterprise or to individuals. The theft of sensitive data is a growing concern for individuals, businesses and governments.
Databases are managed using database management systems (DBMSs), such as Oracle Database, MySQL, Microsoft SQL Server, etc. A database can be deployed on a server within an enterprise, on a virtual server in a cloud, or on a DBMS service in a cloud. Data theft is a concern for each type of deployment.
When databases are deployed on a server within the premises of an enterprise, the server is physically under the control of the enterprise. If the server is compromised or infected with malware or viruses, attackers might be able to access the raw database data file and steal the data, circumventing any enterprise access control mechanism. In addition, the database administrators in the enterprise have the opportunity to breach the privacy and integrity of the data, intentionally or accidentally, since they can access the stored data in order to perform database management tasks.
A database system can also be deployed by an enterprise on a virtual server that runs on a cloud such as the Amazon Elastic Compute Cloud (Amazon EC2). In this case, the virtual server underlying the database is physically under the control of the cloud provider, and the enterprise installs a DBMS on the virtual server to manage its databases. As in the previous case, data theft can occur if the cloud infrastructure is compromised by attackers or infected with malware or viruses, and the enterprise database administrators might breach the privacy and integrity of the databases. Moreover, if the cloud providers are not trustworthy, they can steal the database data in the virtual servers they provide.
Cloud providers also currently offer DBMS services, such as Amazon Relational Database Service (Amazon RDS) and Microsoft SQL Azure Database. By using a DBMS service, an enterprise can put its databases in a virtual DBMS on the cloud. In this case, the enterprise does not need to buy and install its own DBMS software, and the cost of hiring highly skilled database administrators (DBAs) may be reduced. The cloud providers are responsible for the management, upgrading and performance tuning of the database systems. Here too, data can be stolen through an attack or virus infection if the database service is compromised. Also, since the databases are directly under the management of the cloud providers, the providers can steal the enterprise data easily just by using the standard database access interface.
The straightforward approach to the data theft problem of databases is to encrypt the data in the databases. That is, data are encrypted when they are stored into a database, or the entire data file is encrypted, as allowed by Microsoft SQL Server 2008 and Oracle 10g Database. In this way, the data in the database are protected from attackers who compromise the server and from database administrators, provided they do not know the encryption keys. However, once encrypted, the database can no longer be directly queried in Microsoft SQL Server 2008 and Oracle 10g Database; the data has to be decrypted before a query can be performed.
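The query limitation described above can be reproduced in a few lines. This is an added example, not code from the original page or from any of the products it names. It assumes an in-memory SQLite database in place of a commercial DBMS, a hypothetical `patients` table with constructed rows, and an HMAC-SHA256 counter-mode keystream as a standard-library stand-in for a vetted cipher such as AES-GCM (it provides no integrity protection and is for illustration only).

```python
import hashlib, hmac, os, sqlite3

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a vetted cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key: bytes, plaintext: str) -> bytes:
    nonce = os.urandom(16)  # fresh nonce per value, so equal plaintexts differ
    data = plaintext.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def decrypt(key: bytes, blob: bytes) -> str:
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()

def build_db(key: bytes) -> sqlite3.Connection:
    # Constructed sample rows; only ciphertext ever reaches the database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE patients (id INTEGER PRIMARY KEY, diagnosis BLOB)")
    for d in ("diabetes", "asthma", "diabetes"):
        db.execute("INSERT INTO patients (diagnosis) VALUES (?)", (encrypt(key, d),))
    return db

def query_on_server(db, key, value):
    # The DBMS compares stored bytes; a fresh encryption never matches them.
    sql = "SELECT id FROM patients WHERE diagnosis = ? ORDER BY id"
    return [r[0] for r in db.execute(sql, (encrypt(key, value),))]

def query_after_decrypt(db, key, value):
    # The key holder must fetch every row and decrypt before filtering.
    rows = db.execute("SELECT id, diagnosis FROM patients ORDER BY id").fetchall()
    return [i for i, blob in rows if decrypt(key, blob) == value]

if __name__ == "__main__":
    key = os.urandom(32)  # constructed key, known to the data owner only
    db = build_db(key)
    print(query_on_server(db, key, "diabetes"))
    print(query_after_decrypt(db, key, "diabetes"))
```

The server-side predicate finds nothing even though two rows hold the value, while the client-side path finds both at the cost of transferring and decrypting the whole table.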