Skip to main content
SpringerLink
Log in
Book cover

International Conference on Enterprise Information Systems

ICEIS 2016: Enterprise Information Systems pp 261–283Cite as

A New Mechanism to Preserving Data Confidentiality in Cloud Database Scenarios

  • Conference paper
  • First Online:

  • 1147 Accesses

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 291))

Abstract

A cloud database is a database that typically runs on a cloud computing platform. There are two common deployment models: users can run databases on virtual machines hosted and managed by a infrastructure as a service provider, or they can purchase access to a database service, maintained by a software as a service provider, without physically launching a virtual machine instance for the database. In a database service, application owners do not have to install and maintain the database themselves. Instead, the database as a service provider takes responsibility for installing and maintaining the database, and application owners pay according to their usage. Thus, database services decrease the need for local data storage and the infrastructure costs. Nevertheless, hosting confidential data at a database service requires the transfer of control of the data to a semi-trusted external provider. Therefore, data confidentiality is an important concern from cloud service providers. Recently, three main approaches have been introduced to ensure data confidentiality in cloud services: data encryption; combination of encryption and fragmentation; and fragmentation. Besides, other strategies use a mix of these three main approaches. In this paper, we present i-OBJECT, a new mechanism to preserve data confidentiality in database service scenarios. The proposed mechanism uses information decomposition to split data into unrecognizable parts and store them in different cloud service providers. Additionally, i-OBJECT is a flexible mechanism since it can be used alone or together with other previously approaches in order to increase the data confidentiality level. Thus, a user may trade performance or data utility for a potential increase in the degree of data confidentiality. Experimental results show the potential efficiency of i-OBJECT.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04444-1_27

    Chapter  Google Scholar 

  2. Clarke, R.: Introduction to dataveillance and information privacy, and definition of terms (1999)

    Google Scholar 

  3. Camenisch, J., Fischer-Hübner, S., Rannenberg, K.: Privacy and Identity Management for Life. Springer, Heidelberg (2011). doi:10.1007/978-3-642-20317-6

    Book  Google Scholar 

  4. Zhifeng, X., Yang, X.: Security and privacy in cloud computing. IEEE Commun. Surv. Tutor. 15, 843–859 (2013)

    Article  MathSciNet  Google Scholar 

  5. Ciriani, V., Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inf. Syst. Secur. 13, 22:1–22:33 (2010)

    Article  Google Scholar 

  6. Samarati, P., di Vimercati, S.D.C.: Data protection in outsourcing scenarios: issues and directions. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. ASIACCS 2010, pp. 1–14. ACM (2010)

    Google Scholar 

  7. Joseph, N.M., Daniel, E., Vasanthi, N.A.: Article: survey on privacy-preserving methods for storage in cloud computing. In: IJCA Proceedings on Amrita International Conference of Women in Computing - 2013 AICWIC, pp. 1–4 (2013). (Full text available)

    Google Scholar 

  8. Ceselli, A., Damiani, E., Vimercati, S.D.C.D., Jajodia, S., Paraboschi, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM Trans. Inf. Syst. Secur. (TISSEC) 8, 119–152 (2005)

    Article  Google Scholar 

  9. Hegel, G.: The Encyclopedia Logic, vol. 1. Hackett, Indianapolis (1991). (Geraets, T.F., Suchting, W.A., Harris, H.S. (trans.))

    Google Scholar 

  10. Barbay, J., Navarro, G.: Compressed representations of permutations, and applications (2009). arXiv preprint: arXiv:0902.1038

  11. Resch, J.K., Plank, J.S.: AONT-RS: blending security and performance in dispersed storage systems. In: Proceedings of FAST-2011: 9th Usenix Conference on File and Storage Technologies, February 2011

    Google Scholar 

  12. Wiese, L.: Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) IWSEC 2010. LNCS, vol. 6434, pp. 101–116. Springer, Heidelberg (2010). doi:10.1007/978-3-642-16825-3_8

    Chapter  Google Scholar 

  13. Ning, C., Cong, W., Ming, L., Kui, R., Wenjing, L.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25, 222–233 (2014)

    Article  Google Scholar 

  14. Shannon, C.E.: Communication theory of secrecy systems*. Bell Syst. Tech. J. 28, 656–715 (1949)

    Article  MathSciNet  MATH  Google Scholar 

  15. Okman, L., Gal-Oz, N., Gonen, Y., Gudes, E., Abramov, J.: Security issues in NoSQL databases. In: 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 541–547 (2011)

    Google Scholar 

  16. Aggarwal, C.C.: On k-anonymity and the curse of dimensionality. In: Proceedings of the 31st International Conference on Very Large Data Bases, pp. 901–909. VLDB Endowment (2005)

    Google Scholar 

  17. Xu, X., Xiong, L., Liu, J.: Database fragmentation with confidentiality constraints: a graph search approach. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015, pp. 263–270. ACM (2015)

    Google Scholar 

  18. Krishna, R., Sayi, T., Mukkamala, R., Baruah, P.K.: Efficient privacy-preserving data distribution in outsourced environments: a fragmentation-based approach. In: Proceedings of the International Conference on Advances in Computing, Communications and Informatics, ICACCI 2012, pp. 589–595. ACM (2012)

    Google Scholar 

  19. Rekatsinas, T., Deshpande, A., Machanavajjhala, A.: SPARSI: partitioning sensitive data amongst multiple adversaries. Proc. VLDB Endow. 6, 1594–1605 (2013)

    Article  Google Scholar 

  20. Samarati, P.: Data security and privacy in the cloud. In: Huang, X., Zhou, J. (eds.) ISPEC 2014. LNCS, vol. 8434, pp. 28–41. Springer, Cham (2014). doi:10.1007/978-3-319-06320-1_4

    Chapter  Google Scholar 

Download references

Acknowledgments

This Research was partially supported by LSBD/UFC and CNPQ - Brazil. We acknowledge that this work is a partial result of the Automatic Management of Cloud Databases project supported by CNPq (MCTI/CNPq 14/2014 - Universal) under grant number 446090/2014-0.

Author information

Authors and Affiliations

  1. Federal University of Ceara, Fortaleza, CE, Brazil

    Eliseu C. Branco Jr., José Maria Monteiro, Roney Reis & Javam C. Machado

Authors
  1. Eliseu C. Branco Jr.
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. José Maria Monteiro
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Roney Reis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Javam C. Machado
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Eliseu C. Branco Jr. .

Editor information

Editors and Affiliations

  1. MODESTE/ESEO, Angers, France

    Slimane Hammoudi

  2. Wroclaw University of Economics, Wroclaw, Poland

    Leszek A. Maciaszek

  3. ISTC-CNR, Institute of Sciences and Technologies of Cognition, Rome, Italy

    Michele M. Missikoff

  4. MODESTE/ESEO, Angers, France

    Olivier Camp

  5. EST, Instituto Politécnico de Setúbal (IPS), Setúbal, Portugal

    José Cordeiro

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Branco, E.C., Monteiro, J.M., Reis, R., Machado, J.C. (2017). A New Mechanism to Preserving Data Confidentiality in Cloud Database Scenarios. In: Hammoudi, S., Maciaszek, L., Missikoff, M., Camp, O., Cordeiro, J. (eds) Enterprise Information Systems. ICEIS 2016. Lecture Notes in Business Information Processing, vol 291. Springer, Cham. https://doi.org/10.1007/978-3-319-62386-3_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-62386-3_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-62385-6

  • Online ISBN: 978-3-319-62386-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation