Supporting Security and Consistency for Cloud Database
Typical cloud database services guarantee high availability and scalability, but they raise many concerns about data confidentiality. Combining encryption with SQL operations is a promising approach, although it is characterized by many open issues. Existing proposals, which are based on some trusted intermediate server, limit the availability and scalability of the original cloud database services. We propose an alternative architecture that avoids any intermediary component, thus achieving availability and scalability comparable to that of unencrypted cloud database services. Moreover, our proposal guarantees data consistency in scenarios in which independent clients concurrently execute SQL queries and the structure of the database can be modified.
Keywords: Cloud Provider, Encrypt Data, Customer Data, Concurrent Execution, Snapshot Isolation