| Summary: | With the increasing dependency of database for data storage, many sensitive data
such as personal information data and credit card information data are being stored
inside a database. These data is so valuable that it attracts unauthorized personnel to gain
access for obtaining the data for further usage. Even though the network infrastructure
nowadays is protected with different kind of security measures, there is none of them is
able to block all the threats perfectly. Therefore, the data needs to be able to protect its
confidentiality even though all measures have been failed. This is where the importance
of cryptography in protecting the data confidentiality even the data is in the hands of the
attacker. Cryptography can be implemented in different kind of methods to secure the
database. The purpose of this study is to develop a cryptosystem that is able to
implement cryptography to the data before storing them into the database. This
implementation has been strengthened by introducing two approaches which are the
classification of types of data using Key Family and the classification of data encryption
key status according to the activation time. Key Family separates types of data such as
personal information data and credit card information data. Both families use different
data encryption key to encrypt and decrypt to limit the access of the attacker if one of the
key is obtained. The state of data encryption key is determined by the activation date
which the key which has the latest time will be activated and the old ones will be expired.
This will prevent the key remains too long for encryption and decryption which poses
risks for threats to break the key. This system is developed using Java programming
language with the use of Java Cryptography Extension for the cryptography process.
MySQL database is used as the protected database where all the data in the database is
encrypted for protection. Finally, it is hope that this system can provide better security
for data confidentiality and also become the last line defense of data towards the attacks
|
|---|