Study on the Technical Security Factor for the Implementation of Secure DB System


  • 윤선희 (Digital Media Major, Soongeui Women's College)
  • Received : 2014.11.19
  • Accepted : 2014.12.10
  • Published : 2014.12.31

Abstract

This paper presents a database (DB) security approach to prevent the damage caused by the rapidly increasing leakage of personal information. The approach is divided into a DB access control area and a DB encryption area; the paper analyzes the technical elements of each area and sets out what is needed to build a stable DB security system. It also analyzes existing DB security products in each area and tests their performance. The experiments indicated that DB access control requires almost no modification of the existing DBMS and causes relatively little performance degradation, because access is controlled at the network endpoint, while DB encryption has the advantage that the data itself cannot be read without authorization. On the other hand, DB access control is weak at blocking attacks in advance, although the access logs it records make tracking possible afterward; DB encryption applies to only a limited range of database types, degrades performance because of system load, and shows a high failure rate when the system is being built. The characteristics of each area analyzed in this paper are intended as a reference for institutions or companies seeking to build a stable DB security system.
