A New Privacy-Preserving Scheme DOSPA for SaaS
In Software-as-a-Service (SaaS) model, business applications and databases are both deployed at the platform of unstrusted service providers. Data privacy has become the biggest challenges in wider adoption of SaaS model. Based on information dispersal approach combine with data fragmentation, this paper present an effective and flexible data obfuscation scheme DOSPA (Data Obfuscation of Single Privacy Attribute) for single attribute data privacy protection in SaaS. DOSPA supports exact comparison operations to be directly applied on obfuscated data and handles flexible data update gracefully. It is proven that DOSPA is effective and feasible through security analysis and experiments.
Keywordssoftware as s service privacy preservation single privacy attribute data obfuscation
Unable to display preview. Download preview PDF.
- 1.Brown, H.: Considerations in implementing a Database Management System. Encryption Security Solution (2003)Google Scholar
- 2.He, J.-m., Wang, M.: Cryptography and relational database management system (2001)Google Scholar
- 3.Oracle Oracle9i database security for e-business (2001)Google Scholar
- 4.Hacigumns, H., Lyer, B., Li, C.: Executing SQL over encrypted data in the database-server-provider model (2002)Google Scholar
- 5.Agrawal, R., Kirenan, J., Srikant, R.: Order-preserving encryption for numeric data. Sigmod (2004)Google Scholar
- 6.Agrawal, D., El Abbadi, A., Emekci, F., Metwally, A.: Database Management as a Service: Challenges and Opportunities. In: IEEE 25th International Conference on Data Engineering, ICDE 2009, March 29-April 2, pp. 1709–1716 (2009)Google Scholar
- 7.Mowbray, M., Pearson, S.: A Client-Based Privacy Manager for Cloud Computing. In: Proceedings of the 4th International ICST Conference on Communication System Software and Middleware, COMSWARE 2009. ACM, New York (2009)Google Scholar
- 8.Gu, L., Cheung, S.-C.: Constructing and Testing Privacy-Aware Services in Cloud Computing invironment - Challenges and Opportunities. In: Proceedings of the 1st Asia-Pacific Symposium on Internetware, Internetware 2009, pp. 1–10. IEEE Computer Society, Piscataway (2009)Google Scholar