Secure Data Storage Architecture on Cloud Environments

Tran Thi Xuan Trang, Katsuhisa Maruyama


Securing sensitive customer data outsourced to external servers in cloud computing environments is challenging. To maintain data confidentiality on untrusted servers, conventional data security techniques usually employ cryptographic approaches. However, most enterprises are unwilling to adopt these approaches if they require high-performance client devices to encrypt the entire data set. In this situation, separating out the confidential data is beneficial, since only the confidential data are encrypted or stored on trusted servers. Although this idea has already been proposed, support for it is still insufficient. This paper proposes a secure data storage model for cloud computing environments that is based on the concept of data slicing, and presents a prototype tool that supports the low-cost migration of existing applications. Our tool provides a structured query language (SQL) translation mechanism that gives transparent access to partitioned data without changing the original SQL queries. A simple case study shows how the proposed architecture implements secure data storage in cloud computing environments.



Paper Citation

in Harvard Style

Trang T. and Maruyama K. (2016). Secure Data Storage Architecture on Cloud Environments. In Proceedings of the 11th International Joint Conference on Software Technologies - Volume 1: ICSOFT-EA, (ICSOFT 2016) ISBN 978-989-758-194-6, pages 39-47. DOI: 10.5220/0005974400390047
