More Web Proxy on the site http://driver.im/

research-article

Securing SQL with Access Control for Database as a Service Model

Authors:

Manik Lal DasAuthors Info & Claims

ICTCS '16: Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies

Article No.: 104, Pages 1 - 6

https://doi.org/10.1145/2905055.2905163

Published: 04 March 2016 Publication History

Abstract

'Software as a service - SaaS' is a well known model used in cloud infrastructure, outsourcing and pervasive computing. With the SaaS model, application service providers (ASP) facilitates various functionalities of software to application developers as well as to consumers over a public channel like Internet. In order to manage large volumes of users data, 'Database as a service - DaaS' model is a practical requirement for ASPs. The DaaS model allows implementation of need-based (e.g., role-based) privileges of database access to its users. However, the use of DaaS model raises security concerns (e.g. confidentiality and integrity of data) of data while storing users data in untrusted public storage server. In this paper, we review one DaaS tool, CryptDB [1], developed in recent times, and we observe some limitations in it and then present an improved solution for securing data in untrusted database provider. The proposed solution mitigates the limitations of CryptDB while keeping the efficiency of the service model used between ASP and DB intact.

References

[1]

R. A. Popa, C. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB: protecting confidentiality with encrypted query processing. In Proceedings of the ACM Symposium on Operating Systems Principles, ACM, pp. 85--100, 2011.

Digital Library

[2]

H. Hacigumus, B. Iyer, and S. Mehrotra. Providing database as a service. In Proceedings of International Conference on Data Engineering, IEEE, pp. 29--38, 2002.

Digital Library

[3]

M. Cooney. IBM touts encryption innovation; new technology performs calculations on encrypted data without decrypting it. Computer World, June 2009.

[4]

J. Li, M. Krohn, D. Mazi'eres, and D. Shasha. Secure untrusted data repository (SUNDR). In Proceedings of the Symposium on Operating Systems Design and Implementation, ACM, pp. 121--136, 2004.

Digital Library

[5]

A. J. Feldman, W. P. Zeller, M. J. Freedman, and E. W. Felten. SPORC: Group collaboration using untrusted cloud resources. In Proceedings of the Symposium on Operating Systems Design and Implementation, ACM, pp. 337--350, 2010.

Digital Library

[6]

P. Mahajan, S. Setty, S. Lee, A. Clement, L. Alvisi, M. Dahlin, and M. Walfish. Depot: Cloud storage with minimal trust. ACM Transactions on Computer Systems, 29(4):12, 2010.

Digital Library

[7]

C. Gentry. Fully homomorphic encryption using ideal lattices. In Proceedings of the ACM Symposium on Theory of Computing, ACM, pp. 169--178, 2009.

Digital Library

[8]

M. Kantarcioglu, and C. Clifton. Security issues in querying encrypted data. In XIX Annual IFIP WG 11.3 Working Conference on Database and Applications Security, 005.

Digital Library

[9]

L. Xiong, S. Chitti, and L. Liu. Preserving data privacy in outsourcing data aggregation services. ACM Transactions on Internet Technology, 7(3):17, 2007.

Digital Library

[10]

C. Curino, E. P. C. Jones, R. A. Popa, N. Malviya, E. Wu, S. Madden, H. Balakrishnan, and N. Zeldovich. Relational cloud: A database-as-a-service for the cloud. In Proceedings of the Conference on Innovative Data Systems Research, CIDR, pp. 235--240, 2011.

[11]

J. He and M. Wang. Cryptography and relational database management systems. In International Symposium on Database Engineering and Applications, IEEE, pp. 273--284, 2001.

Digital Library

[12]

V. Ciriani, S. D. C. Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Keep a few: Outsourcing data while maintaining confidentiality. In Proceedings of European Symposium on Research in Computer Security, LNCS 5789, Springer, pp. 440--455, 2009.

Digital Library

[13]

E. Damiani, S. D. C. Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati. Balancing confidentiality and efficiency in untrusted relational DBMSs. In Proceedings of the ACM Conference on Computer and Communications Security, ACM, pp. 93--102, 2003.

Digital Library

[14]

G. Chen, K. Chen, and J. Dong. A database encryption scheme for enhanced security and easy sharing. In Proceedings of International Conference on Computer Supported Cooperative Work in Design, IEEE, pp. 1--6, 2006.

[15]

Z. Yang, S. Zhong, and R. N. Wright. Privacy preserving queries on encrypted data. In Proceedings of European Symposium on Research in Computer Security, LNCS 4189, Springer, pp. 479--495, 2006.

Digital Library

[16]

E. Shi, J. Bethencourt, T. H. Chan, D. Song, and A. Perrig. Multi dimensional range query over encrypted data. In Proceedings of IEEE Symposium on Security and Privacy, IEEE, pp. 350--364, 2007.

Digital Library

[17]

S. Rizvi, A. Mendelzon, S. Sudarshan, and P. Roy. Extending query rewriting techniques for fine-grained access control. In Proceedings of the ACM SIGMOD International Conference on Management of Data, ACM, pp. 551--562, 2004.

Digital Library

[18]

A. Chlipala. Static checking of dynamically-varying security policies in database-backed applications. In Proceedings of the Symposium on Operating Systems Design and Implementation, ACM, pp. 105--118, 2010.

Digital Library

[19]

H. Hacigumus, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over encrypted data in the database-service-provider model. In Proceedings of the ACM SIGMOD International Conference on Management of Data, ACM, pp. 216--227, 2002.

Digital Library

[20]

A. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill. Order preserving symmetric encryption. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 5479, Springer, pp. 224--241, 2009.

[21]

V. Kachitvichyanukul and B. W. Schmeiser. Algorithm 668: H2PEC: Sampling from the hypergeometric distribution. ACM Transactions on Mathematical Software, 14(4):397--398, 1988.

Digital Library

[22]

R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB web site. Retrived http://css.csail.mit.edu/cryptdb/

Cited By

Dave JChoudhury NTiwari UKamtam SRohith K(2023)Secure Deduplication with Dynamic Key Management in Fog Enabled Internet of Things2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC57700.2023.00187(1237-1242)Online publication date: Jun-2023
https://doi.org/10.1109/COMPSAC57700.2023.00187
Jay Dave Dutta AFaruki PLaxmi VGaur M(2020)Secure Proof of Ownership Using Merkle Tree for Deduplicated StorageAutomatic Control and Computer Sciences10.3103/S014641162004003354:4(358-370)Online publication date: 14-Sep-2020
https://doi.org/10.3103/S0146411620040033
Dave JLaxmi VFaruki PGaur MShah B(2019)Bloom Filter Based Privacy Preserving Deduplication SystemSecurity and Privacy10.1007/978-981-13-7561-3_2(17-34)Online publication date: 30-Apr-2019
https://doi.org/10.1007/978-981-13-7561-3_2
Show More Cited By

Recommendations

Database as a Service: Towards a Unified Solution for Security Requirements
COMPSACW '12: Proceedings of the 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops

Security of database outsourcing, due to the untrustworthiness of service provider, is a basic challenge to have Database As a Service in a cloud computing environment. Having disparate assumptions to solve different aspects of security such as ...
Oracle Database 12c SQL
Sql: Learn Basics of Queries and Implement Easily (sql programming, SQL 2016, sql database programming, sql for beginners, sql beginners guide, sql ... sql workbook, sql guide, MSSQL) (Volume 1)

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICTCS '16: Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies

March 2016

843 pages

ISBN:9781450339629

DOI:10.1145/2905055

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 March 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICTCS '16

ICTCS '16: Second International Conference on Information and Communication Technology for Competitive Strategies

March 4 - 5, 2016

Udaipur, India

Acceptance Rates

Overall Acceptance Rate 97 of 270 submissions, 36%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
182
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Dave JChoudhury NTiwari UKamtam SRohith K(2023)Secure Deduplication with Dynamic Key Management in Fog Enabled Internet of Things2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC57700.2023.00187(1237-1242)Online publication date: Jun-2023
https://doi.org/10.1109/COMPSAC57700.2023.00187
Jay Dave Dutta AFaruki PLaxmi VGaur M(2020)Secure Proof of Ownership Using Merkle Tree for Deduplicated StorageAutomatic Control and Computer Sciences10.3103/S014641162004003354:4(358-370)Online publication date: 14-Sep-2020
https://doi.org/10.3103/S0146411620040033
Dave JLaxmi VFaruki PGaur MShah B(2019)Bloom Filter Based Privacy Preserving Deduplication SystemSecurity and Privacy10.1007/978-981-13-7561-3_2(17-34)Online publication date: 30-Apr-2019
https://doi.org/10.1007/978-981-13-7561-3_2
Faruki PBuddhadev BShah BZemmari ALaxmi VGaur M(2019)DroidDivesDeep: Android Malware Classification via Low Level Monitorable Features with Deep Neural NetworksSecurity and Privacy10.1007/978-981-13-7561-3_10(125-139)Online publication date: 30-Apr-2019
https://doi.org/10.1007/978-981-13-7561-3_10
Dave JFaruki PLaxmi VBezawada BGaur MShekhawat RGaur MElci AVaidya JMakarevich OPoet ROrgun MDhaka VBohra MSingh VBabenko LSheykhkanloo NRahnama B(2017)Secure and efficient proof of ownership for deduplicated cloud storageProceedings of the 10th International Conference on Security of Information and Networks10.1145/3136825.3136889(19-26)Online publication date: 13-Oct-2017
https://dl.acm.org/doi/10.1145/3136825.3136889
Dave JSaharan SFaruki PLaxmi VGaur M(2017)Secure Random Encryption for Deduplicated StorageInformation Systems Security10.1007/978-3-319-72598-7_10(164-176)Online publication date: 2-Dec-2017
https://doi.org/10.1007/978-3-319-72598-7_10

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents