Policy-Based Customized Privacy Preserving Mechanism for SaaS Applications

  • Yuliang Shi
  • Zhen Jiang
  • Kun Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7861)


In the SaaS (Software as a Service) model, the sensitive data of tenants are in danger of leakage. Meanwhile there are different privacy requirements for different tenants. This paper presents a policy based customized privacy preserving mechanism which realizes the preserving of tenants’ sensitive data. Based on the requirements of the tenants and the transactions of SaaS application, we build the policy of tenants’ customized privacy preserving and fragment tenants’ sensitive data through the Related Attributes Model(RAM). Finally we realize the effective combination of unencrypted privacy preserving and SaaS application’s transaction. To avoid the leakage of tenants’ privacy policy, this paper presents a trusted third party model to manage the policy of tenants’ customized privacy preserving. The experiment certified it’s an effective and practical privacy preserving mechanism.


SaaS Hybrid Fragmentation Data Privacy Customization 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Liu, Q., Wang, G., Wu, J.: An Efficient Privacy Preserving Keyword Search Scheme in Cloud Computing. In: Proceedings of the 2009 International Conference on Computational Science and Engineering, vol. 02, pp. 715–720 (2009)Google Scholar
  2. 2.
    Sadeghi, A.-R., Schneider, T., Winandy, M.: Token-based cloud computing: secure outsourcing of data and arbitrary computations with lower latency. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 417–429. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  3. 3.
    Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Proceedings of the 14th International Conference on Financial Cryptograpy and Data Security, pp. 136–149 (2010)Google Scholar
  4. 4.
    Ananthi, S., Sendil, M.S., Karthik, S.: Privacy preserving keyword search over encrypted cloud data. In: Abraham, A., Lloret Mauri, J., Buford, J.F., Suzuki, J., Thampi, S.M. (eds.) ACC 2011, Part I. CCIS, vol. 190, pp. 480–487. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Hu, H., Xu, J., Ren, C., Choi, B.: Processing Private Queries over Untrusted Data Cloud through Privacy Homomorphism. In: Proc. the 27th IEEE International Conference on Data Engineering, ICDE 2011 (2011)Google Scholar
  6. 6.
    Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. In: 2011 Proceedings IEEE INFOCOM, pp. 829–837 (2011)Google Scholar
  7. 7.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)CrossRefzbMATHMathSciNetGoogle Scholar
  8. 8.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Proceedings of the 17th International Conference on Theory and Application of Cryptographic Techniques, pp. 223–238 (1999)Google Scholar
  9. 9.
    Hohenberger, S., Lysyanskaya, A.: How to securely outsource cryptographic computations. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 264–282. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Smart, N.P., Vercauteren, F.: Fully homomorphic encryption with relatively small key and ciphertext sizes. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 420–443. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Muntés-Mulero, V., Nin, J.: Privacy and anonymization for very large datasets. In: Proceedings of the 18th ACM Conference on Information and Knowledge Management, pp. 2117–2118 (2009)Google Scholar
  12. 12.
    YuBao, L., Zhilan, H., Jian, Y., Weic, F.: Harm decomposition- based data privacy protection method. Journal of Integrative Plant Biology 46(7), 1217–1225 (2009)Google Scholar
  13. 13.
    Xiaochun, Y., Yazhe, W., Bin, W.: Multi-sensitive faced privacy protection method. Chinese Journal of Computers 31(4), 574–587 (2008)Google Scholar
  14. 14.
    Zhang, K., Li, Q., Shi, Y.: Data privacy preservation during schema evolution for multi-tenancy applications in cloud computing. In: Gong, Z., Luo, X., Chen, J., Lei, J., Wang, F.L. (eds.) WISM 2011, Part I. LNCS, vol. 6987, pp. 376–383. Springer, Heidelberg (2011)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Yuliang Shi
    • 1
  • Zhen Jiang
    • 1
  • Kun Zhang
    • 2
  1. 1.School of Computer Science and TechnologyShandong UniversityJinanChina
  2. 2.School of Information science and EngineeringUniversity of JinanJinanChina

Personalised recommendations