MIT Libraries logoDSpace@MIT

MIT
View Item 
  • DSpace@MIT Home
  • MIT Libraries
  • MIT Theses
  • Graduate Theses
  • View Item
  • DSpace@MIT Home
  • MIT Libraries
  • MIT Theses
  • Graduate Theses
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Practical security for multi-user web application databases

Author(s)
Redfield, Catherine M. S
Thumbnail
DownloadFull printable version (1.161Mb)
Alternative title
CryptDB : practical security for multi-user web application databases
Other Contributors
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Advisor
Nickolai Zeldovich.
Terms of use
M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
Online web applications are continuously vulnerable to attacks on their users' data. Outside adversaries can gain unauthorized access by exploiting unknown vulnerabilities; curious or malicious database administrators can examine or alter the data in situ. Multiple Principal CryptDB protects against attacks on web application servers. By chaining encryption keys to user passwords, an attacker gaining access to decrypted data through issuing arbitrary queries to the database through CryptDB cannot access data belonging to offline users. A logging system and distributed key storage for CryptDB constrain the pool of possibly compromised data after an attack. Multiple Principal CryptDB can be used to secure the data of six web applications examined, with 2-8 lines of altered source code and 15-111 annotations added to the schema. On the phpBB web forum application, Multiple Principal CryptDB reduces throughput by only 14.5%, with 24 sensitive fields encrypted, and adds less than 26ms of latency to each individual query.
Description
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2012.
 
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
 
Cataloged from student-submitted PDF version of thesis.
 
Includes bibliographical references (p. 67-68).
 
Date issued
2012
URI
http://hdl.handle.net/1721.1/76820
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.

Collections
  • Graduate Theses

Browse

All of DSpaceCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

My Account

Login

Statistics

OA StatisticsStatistics by CountryStatistics by Department
MIT Libraries
PrivacyPermissionsAccessibilityContact us
MIT
Content created by the MIT Libraries, CC BY-NC unless otherwise noted. Notify us about copyright concerns.