ABSTRACT
With the advent of cloud computing, the interest of moving the databases from local to remote cloud servers have been increasing. Despite this popularity, data security becomes a major challenge in the way of adopting these Cloud services. Moreover, the heterogeneity and variety of the existing NoSQL DBs that are different from relational database represent one of the main obstacles. Consequently, it prevents designing one solution that can fit different data models. In this paper, we focus on the security of the cloud database as a service (DBaaS) environments. Due to the lack of a unified solution to enhance the security of both SQL and heterogeneous NoSQL cloud databases, we propose a framework for secure cloud Databases, SeCloudDB. We provide a standardized API to support encrypting the data before storing them in the cloud databases. Further-more, our framework is equipped with tools that support generating the encryption keys, storing the metadata and securely control the access policies.
- B Thirumala Rao et al. A study on data storage security issues in cloud computing. Procedia Computer Science, 92:128--135, 2016.Google ScholarCross Ref
- Zaigham Mahmood. Cloud Computing: challenges, limitations and R&D solutions. Springer, 2014.Google ScholarCross Ref
- Aviv Ron, Alexandra Shulman-Peleg, and Anton Puzanov. Analysis and mitigation of nosql injections. IEEE Security & Privacy, 14(2):30--39, 2016.Google ScholarDigital Library
- Jun Tang, Yong Cui, Qi Li, Kui Ren, Jiangchuan Liu, and Rajkumar Buyya. Ensuring Security and Privacy Preservation for Cloud Data Services. ACM Computing Surveys, 49(1):1--39, 2016.Google ScholarDigital Library
- Ebtesam Alomari, Ahmed Barnawi, and Sherif Sakr. Cdport: A portability framework for nosql datastores. Arabian Journal for Science and Engineering, 40(9):2531--2553, 2015.Google ScholarCross Ref
- Vasily Sidorov and Wee Keong Ng. A confidentiality-preserving search technique for encrypted relational cloud databases. In Big Data Computing Service and Applications (BigDataService), 2016 IEEE Second International Conference on, pages 244--251. IEEE, 2016.Google ScholarCross Ref
- Luca Ferretti, Fabio Pierazzi, Michele Colajanni, and Mirco Marchetti. Scalable architecture for multi-user encrypted sql operations on cloud database services. IEEE Transactions on Cloud computing, 2(4):448--458, 2014.Google ScholarCross Ref
- Jin Li, Zheli Liu, Xiaofeng Chen, Fatos Xhafa, Xiao Tan, and Duncan S Wong. L-encdb: A lightweight framework for privacy-preserving data queries in cloud computing. Knowledge-Based Systems, 79:18--26, 2015.Google ScholarDigital Library
- S Muthurajkumar, M Vijayalakshmi, and A Kannan. Intelligent temporal role based access control for data storage in cloud database. In Advanced Computing (ICoAC), 2014 Sixth International Conference on, pages 184--188. IEEE, 2014.Google ScholarCross Ref
- Xiaofei Wang, Qianhong Wu, and Yuqing Zhang. T-db: toward fully functional transparent encrypted databases in dbaas framework. arXiv preprint arXiv:1708.08191, 2017.Google Scholar
- Xingbang Tian, Baohua Huang, and Min Wu. A transparent middleware for encrypting data in mongodb. In Electronics, Computer and Applications, 2014 IEEE Workshop on, pages 906--909. IEEE, 2014.Google ScholarCross Ref
- Pietro Colombo and Elena Ferrari. Towards virtual private nosql datastores. In Data Engineering (ICDE), 2016 IEEE 32nd International Conference on, pages 193--204. IEEE, 2016.Google ScholarCross Ref
- Pietro Colombo and Elena Ferrari. Fine-grained access control within nosql document-oriented datastores. Data Science and Engineering, 1(3):127--138, 2016.Google ScholarCross Ref
- Asadulla Khan Zaki and M Indiramma. A novel redis security extension for nosql database using authentication and encryption. In Electrical, Computer and Communication Technologies (ICECCT), 2015 IEEE International Conference on, pages 1--6. IEEE, 2015.Google Scholar
- Mohammad Ahmadian, Frank Plochan, Zak Roessler, and Dan C Marinescu. Securenosql: An approach for secure search of encrypted nosql databases in the public cloud. International Journal of Information Management, 37(2):63--74, 2017.Google ScholarDigital Library
- Catherine Wise, Carsten Friedrich, Surya Nepal, Shiping Chen, and Richard O Sinnott. Cloud docs: secure scalable document sharing on public clouds. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on, pages 532--539. IEEE, 2015.Google ScholarDigital Library
Index Terms
- SeCloudDB: A Unified API for Secure SQL and NoSQL Cloud Databases
Recommendations
SecureNoSQL
HighlightsProposing a descriptive language for security parameters and configuration of crypto-modules.Secure query processing over encrypted NoSQL databases hosted in the public cloud.Data integrity should be considered in the case of cloud malicious ...
Data adapter for querying and transformation between SQL and NoSQL database
As the growing of applications with big data in cloud computing become popular, many existing systems expect to expand their service to support the explosive increase of data. We propose a data adapter system to support hybrid database architecture ...
An Open Source Cloud-Based NoSQL and NewSQL Database Benchmarking Platform for IoT Data
Benchmarking, Measuring, and OptimizingAbstractInternet of Things (IoT) is continually expanding, and the information being transmitted through IoT is often in large-scale in both volume and velocity. With its evolution, IoT raises new challenges such as throughput and scalability of software ...
Comments