A Confidentiality-Guarantee Mechanism for SaaS

  • Guozhen Ren
  • Qingzhong Li
  • Yuliang Shi
  • Lizhen Cui
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 122)


In SaaS Applications, the data of tenants are stored in the untrusted service provider side, this case increases the risk of data leakage, and becomes the brief reason to prevent people and enterprise from taking SaaS mode for their applications. Correspondingly, confidentiality-guarantee has become the key factor of its large scale promotion. In this paper we propose a general secure mechanism that allows the sensitive data of tenants to be stored in encrypted mode, which guarantees data confidentiality on the assumption that application server is trusted, and then put forward the analysis of its security and performance.


SaaS data confidentiality trusted application server 


  1. 1.
    Hacigumus, H., Hore, B., Iyer, B., Mehrotra, S.: Search on Encrypted Data. IBM Search Report 2007, 385–425 (2007)Google Scholar
  2. 2.
    Feng, D.G., Qin, Y.: Research on Attestation Method for Trust Computing Environment. Chinese Journal of Computers 31(9) (September 2008)Google Scholar
  3. 3.
    KaraBulut, Y., Nassi, I.: Secure Enterprise Services Consumption for SaaS Technology Plataforms. In: IEEE International Conference on Data Engineering (2009)Google Scholar
  4. 4.
    Zwyhun, N.: SaaS Data Security, Microsoft ReportGoogle Scholar
  5. 5.
    Bouganim, L., Pucheral, P.: Chip-Secured Data Access: Confidential Data on Untrusted Servers. In: Proc., of VLDB (2002)Google Scholar
  6. 6.
    Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Srivastava, U., Thomas, D., Xu, Y.: Two Can Keep a Secret: A Distributed Architecture for Secure Database Service. In: Proc. of CIDR (2005)Google Scholar
  7. 7.
    Goh, E.-J.: Secure Indexes. Technical report 2003/216, in IACR ePrint Cryptography Archive (2003)Google Scholar
  8. 8.
    Song, D., Wagner, D., Perrig, A.: Practical Techniques for Search on Encrypted Data. In: Proc. of IEEE SRSP (2000)Google Scholar
  9. 9.
    Hacigümüg, H., Iyer, B., Mehrotra, S.: Encrypted Database Integrity in Database Service Provider Model. In: Proc. of IFIP 17th World Computer Congress on Certification and Security in E-Services, CSES 2002 (2002)Google Scholar
  10. 10.
    Hacigumug, H., Iyer, B., Mehrotra, S.: Providing Database as a Service. In: Proc. Of ICDE (2002)Google Scholar
  11. 11.
    Hore, B., Mehrotra, S., Tsudik, G.: A Privacy-Preserving Index for Range Queries. In: Proc. of VLDB (2004)Google Scholar
  12. 12.
    Chang, Y.-C., Mitzenmacher, M.: Privacy Preserving Keyword Searches on Remote Encrypted Data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Golle, P., Staddon, J., Waters, B.: Secure Conjunctive Keyword Search over Encrypted Data. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 31–45. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  14. 14.
    Guo, C.J., Sun, W., Huang, Y., Wang, Z.H., Gao, B.: A Framework for Native Multi-Tenancy Application Develoment and Management. In: The 9th IEEE International Conference on E-CommerceGoogle Scholar
  15. 15.
    Reiner, S., Zhang, X.-L., Trent, J., Van Doorn, L.: Design and implementation of a TCG-based intergrety mesurement architecture. In: Proceeding of the 13th Usenix Security Symposium, San Diego, California, pp. 223–238 (2004)Google Scholar
  16. 16.
    Reiner, S., Van Doorn, L., Ward, J.P.: The role of TPM in enterprise security. IBM Research Report RC23368 (October 2004)Google Scholar
  17. 17.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order Preserving Encryption for Numeric Data. In: SIGMOD 2004, Paris, France, June 13-18 (2004)Google Scholar
  18. 18.
    Wang, Z., Wang, W., Shi, B.: Efficient method of querying encrypt data. Computer Engineering and Applications 44(12), 29–33 (2008)Google Scholar
  19. 19.
    Lilin, M., Hong, L.: A Permission Model of SaaS System Based on RBAC. Computer Applications and Software 27(4), 42–44 (2010)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Guozhen Ren
    • 1
  • Qingzhong Li
    • 1
  • Yuliang Shi
    • 1
  • Lizhen Cui
    • 1
  1. 1.School of Computer Science and TechnologyShandong UniversityJinanChina

Personalised recommendations