Abstract
In Software-as-a-Service (SaaS) model, business applications and databases are both deployed at the platform of unstrusted service providers. Data privacy has become the biggest challenges in wider adoption of SaaS model. Based on information dispersal approach combine with data fragmentation, this paper present an effective and flexible data obfuscation scheme DOSPA (Data Obfuscation of Single Privacy Attribute) for single attribute data privacy protection in SaaS. DOSPA supports exact comparison operations to be directly applied on obfuscated data and handles flexible data update gracefully. It is proven that DOSPA is effective and feasible through security analysis and experiments.
The research is supported by the National Key Technologies R&D Program No.2009BAH44B02; by the National Natural Science Foundation of China under Grant No.90818001; the Natural Science Foundation of Shandong Province of China under Grant No.2009ZRB019YT, No. ZR2010FQ026; Key Technology R&D Program of Shandong Province under Grant No. 2010GGX10105.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Brown, H.: Considerations in implementing a Database Management System. Encryption Security Solution (2003)
He, J.-m., Wang, M.: Cryptography and relational database management system (2001)
Oracle Oracle9i database security for e-business (2001)
Hacigumns, H., Lyer, B., Li, C.: Executing SQL over encrypted data in the database-server-provider model (2002)
Agrawal, R., Kirenan, J., Srikant, R.: Order-preserving encryption for numeric data. Sigmod (2004)
Agrawal, D., El Abbadi, A., Emekci, F., Metwally, A.: Database Management as a Service: Challenges and Opportunities. In: IEEE 25th International Conference on Data Engineering, ICDE 2009, March 29-April 2, pp. 1709–1716 (2009)
Mowbray, M., Pearson, S.: A Client-Based Privacy Manager for Cloud Computing. In: Proceedings of the 4th International ICST Conference on Communication System Software and Middleware, COMSWARE 2009. ACM, New York (2009)
Gu, L., Cheung, S.-C.: Constructing and Testing Privacy-Aware Services in Cloud Computing invironment - Challenges and Opportunities. In: Proceedings of the 1st Asia-Pacific Symposium on Internetware, Internetware 2009, pp. 1–10. IEEE Computer Society, Piscataway (2009)
Zhang, K., Li, Q., Shi, Y.: Research on Data Combination Privacy Preservation Mechanism for SaaS. Chinese Journal of Computer 33(11), 2044–2055 (2010)
Boldyreva, A., Chenette, N., Lee, Y., O’Neil, A.: Order-Preserving Symmetric Encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, L., Li, Q., Shi, Y., Zhang, K. (2011). A New Privacy-Preserving Scheme DOSPA for SaaS. In: Gong, Z., Luo, X., Chen, J., Lei, J., Wang, F.L. (eds) Web Information Systems and Mining. WISM 2011. Lecture Notes in Computer Science, vol 6987. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23971-7_41
Download citation
DOI: https://doi.org/10.1007/978-3-642-23971-7_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23970-0
Online ISBN: 978-3-642-23971-7
eBook Packages: Computer ScienceComputer Science (R0)