Mechanism for securing cloud based data warehouse schema

Several studies have recommended encryption of data for securing Data Warehouse (DW) stored in hostile cloud networks. Most of the published work on encrypted DWs encrypts the DW data while DW Schema, i.e., Fact and Dimension table’s name and their attributes, remain unprotected. Unencrypted DW schema attributes may reveal critical information about the data contents to the cloud administrators or attackers. In this paper, we propose a novel mechanism for encrypting column names of DW’s fact and dimension tables, which in turn protect the revelation of details of interesting columns to the cloud network. For this, we have proposed a customized method for encryption of column names of facts and dimension tables and implemented it in MySQL’s column name restrictions to test its validity. This paper also introduces an Enhanced Encryption Model for Data Warehouse, which provides a complete solution for securing data warehouse. Here, the column name gets encrypted with the help of keys from a secure host without the revelation of security details to the cloud network. It reduces the attacker’s ability to target strategically important columns such as sales figures, cost, etc. As a result, it increases attacker effort by (n – k − W)/(n − k) in case of a weighted column scenario. Here, ‘n’ is the total number of columns, ‘k’, and ‘W’ is the number of unencrypted and encrypted columns, respectively. We have also conducted a performance analysis of the proposed mechanism on the standard TPC-H database for both encryption and decryption cycles. © 2020, Bharati Vidyapeeth's Institute of Computer Applications and Management.