A New Privacy-Preserving Scheme DOSPA for SaaS

  • Lin Li
  • Qingzhong Li
  • Yuliang Shi
  • Kun Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6987)


In Software-as-a-Service (SaaS) model, business applications and databases are both deployed at the platform of unstrusted service providers. Data privacy has become the biggest challenges in wider adoption of SaaS model. Based on information dispersal approach combine with data fragmentation, this paper present an effective and flexible data obfuscation scheme DOSPA (Data Obfuscation of Single Privacy Attribute) for single attribute data privacy protection in SaaS. DOSPA supports exact comparison operations to be directly applied on obfuscated data and handles flexible data update gracefully. It is proven that DOSPA is effective and feasible through security analysis and experiments.


software as s service privacy preservation single privacy attribute data obfuscation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Brown, H.: Considerations in implementing a Database Management System. Encryption Security Solution (2003)Google Scholar
  2. 2.
    He, J.-m., Wang, M.: Cryptography and relational database management system (2001)Google Scholar
  3. 3.
    Oracle Oracle9i database security for e-business (2001)Google Scholar
  4. 4.
    Hacigumns, H., Lyer, B., Li, C.: Executing SQL over encrypted data in the database-server-provider model (2002)Google Scholar
  5. 5.
    Agrawal, R., Kirenan, J., Srikant, R.: Order-preserving encryption for numeric data. Sigmod (2004)Google Scholar
  6. 6.
    Agrawal, D., El Abbadi, A., Emekci, F., Metwally, A.: Database Management as a Service: Challenges and Opportunities. In: IEEE 25th International Conference on Data Engineering, ICDE 2009, March 29-April 2, pp. 1709–1716 (2009)Google Scholar
  7. 7.
    Mowbray, M., Pearson, S.: A Client-Based Privacy Manager for Cloud Computing. In: Proceedings of the 4th International ICST Conference on Communication System Software and Middleware, COMSWARE 2009. ACM, New York (2009)Google Scholar
  8. 8.
    Gu, L., Cheung, S.-C.: Constructing and Testing Privacy-Aware Services in Cloud Computing invironment - Challenges and Opportunities. In: Proceedings of the 1st Asia-Pacific Symposium on Internetware, Internetware 2009, pp. 1–10. IEEE Computer Society, Piscataway (2009)Google Scholar
  9. 9.
    Zhang, K., Li, Q., Shi, Y.: Research on Data Combination Privacy Preservation Mechanism for SaaS. Chinese Journal of Computer 33(11), 2044–2055 (2010)CrossRefGoogle Scholar
  10. 10.
    Boldyreva, A., Chenette, N., Lee, Y., O’Neil, A.: Order-Preserving Symmetric Encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Lin Li
    • 1
  • Qingzhong Li
    • 1
  • Yuliang Shi
    • 1
  • Kun Zhang
    • 1
  1. 1.School of Computer Science and TechnologyShandong UniversityJinanChina

Personalised recommendations