A Flexible Mechanism for Data Confidentiality in Cloud Database Scenarios

Eliseu C. Branco Jr., José Maria Monteiro, Roney Reis, Javam C. Machado

Abstract

Cloud computing is a recent trend of technology that aims to provide unlimited, on-demand, elastic computing and data storage resources. In this context, cloud services decrease the need for local data storage and the infrastructure costs. However, hosting confidential data at a cloud storage service requires the transfer of control of the data to a semi-trusted external provider. Therefore, data confidentiality is the top concern from the cloud issues list. Recently, three main approaches have been introduced to ensure data confidentiality in cloud services: data encryption; combination of encryption and fragmentation; and fragmentation. In this paper, we present i-OBJECT, a new approach to preserve data confidentiality in cloud services. The proposed mechanism uses information decomposition to split data into unrecognizable parts and store them in different cloud service providers. Besides, i-OBJECT is a flexible mechanism since it can be used alone or together with other previously approaches in order to increase the data confidentiality level. Thus, a user may trade performance or data utility for a potential increase in the degree of data confidentiality. Experimental results show the potential efficiency of the proposed approach.

References

  1. Aggarwal, C. C. (2005). On k-anonymity and the curse of dimensionality. In Proceedings of the 31st international conference on Very large data bases, pages 901-909. VLDB Endowment.
  2. Camenisch, J., Fischer-Hbner, S., and Rannenberg, K. (2011). Privacy and identity management for life. Springer.
  3. Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., and Samarati, P. (2005). Modeling and assessing inference exposure in encrypted databases. ACM Transactions on Information and System Security (TISSEC), 8(1).
  4. Ciriani, V., De Capitani Di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., and Samarati, P. (2009). Keep a few: Outsourcing data while maintaining confidentiality. In Proceedings of the 14th European Conference on Research in Computer Security, ESORICS'09, pages 440-455, Berlin, Heidelberg. Springer-Verlag.
  5. Ciriani, V., Vimercati, S. D. C. D., Foresti, S., Jajodia, S., Paraboschi, S., and Samarati, P. (2010). Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inf. Syst. Secur., 13(3):22:1- 22:33.
  6. Clarke, R. (1999). Introduction to dataveillance and information privacy, and definition of terms.
  7. Hegel, G. (1991). The encyclopedia logic (tf geraets, wa suchting, hs harris, trans.). Indianapolis: Hackett, 1.
  8. Joseph, N. M., Daniel, E., and Vasanthi, N. A. (2013). Article: Survey on privacy-preserving methods for storage in cloud computing. IJCA Proceedings on Amrita International Conference of Women in Computing - 2013, AICWIC(4):1-4. Full text available.
  9. Krishna, R. K. N. S., Sayi, T. J. V. R. K. M. K., Mukkamala, R., and Baruah, P. K. (2012). Efficient privacypreserving data distribution in outsourced environments: A fragmentation-based approach. In Proceedings of the International Conference on Advances in Computing, Communications and Informatics, ICACCI 7812, pages 589-595, New York, NY, USA. ACM.
  10. Okman, L., Gal-Oz, N., Gonen, Y., Gudes, E., and Abramov, J. (2011). Security issues in nosql databases. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on, pages 541-547.
  11. Rekatsinas, T., Deshpande, A., and Machanavajjhala, A. (2013). Sparsi: Partitioning sensitive data amongst multiple adversaries. Proc. VLDB Endow., 6(13):1594-1605.
  12. Resch, J. K. and Plank, J. S. (2011). Aont-rs: blending security and performance in dispersed storage systems. In Proceedings of FAST-2011: 9th Usenix Conference on File and Storage Technologies,February 2011.
  13. Samarati, P. (2014). Data security and privacy in the cloud. In Information Security Practice and Experience - 10th International Conference, ISPEC 2014, Fuzhou, China, May 5-8, 2014. Proceedings, pages 28-41.
  14. Samarati, P. and di Vimercati, S. D. C. (2010). Data protection in outsourcing scenarios: Issues and directions. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 7810, pages 1-14, New York, NY, USA. ACM.
  15. Wiese, L. (2010). Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints, pages 101-116. Springer.
  16. Xu, X., Xiong, L., and Liu, J. (2015). Database fragmentation with confidentiality constraints: A graph search approach. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, CODASPY 7815, pages 263-270, New York, NY, USA. ACM.
  17. Zhifeng, X. and Yang, X. (2013). Security and privacy in cloud computing. Communications Surveys & Tutorials, IEEE, 15(2):843-859.
Download


Paper Citation


in Harvard Style

Jr. E., Monteiro J., Reis R. and Machado J. (2016). A Flexible Mechanism for Data Confidentiality in Cloud Database Scenarios . In Proceedings of the 18th International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 978-989-758-187-8, pages 359-368. DOI: 10.5220/0005872503590368


in Bibtex Style

@conference{iceis16,
author={Eliseu C. Branco Jr. and José Maria Monteiro and Roney Reis and Javam C. Machado},
title={A Flexible Mechanism for Data Confidentiality in Cloud Database Scenarios},
booktitle={Proceedings of the 18th International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2016},
pages={359-368},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005872503590368},
isbn={978-989-758-187-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 18th International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - A Flexible Mechanism for Data Confidentiality in Cloud Database Scenarios
SN - 978-989-758-187-8
AU - Jr. E.
AU - Monteiro J.
AU - Reis R.
AU - Machado J.
PY - 2016
SP - 359
EP - 368
DO - 10.5220/0005872503590368