Security model for cloud database as a service (DBaaS)

Database-as-a-service (DBaaS) is a cloud computing service model that provides users with some form of access to a database without the need for setting up physical hardware, installing software or configuring for performance. Since consumers host data on the Cloud, DBaaS providers should be able to guarantee data owners that their data would be protected from all potential security threats. Protecting application data for large-scale web and mobile apps can be complex; especially with distributed and NoSQL databases. Data centers are no longer confined to the enterprise perimeter. More and more enterprises take their data to the cloud, but forget to adjust their security management practices when doing so. Unauthorized access to data resources, misuse of data stored on third party platform, data confidentiality, integrity and availability are some of the major security challenges that ail this nascent Cloud service model, which hinders the wide-scale adoption of DBaaS. In this paper, I propose a security model for cloud Database as a service (DBaaS). A user can change his/her password, whenever demanded. Furthermore, security analysis realizes the feasibility of the proposed framework for DBaaS and achieves efficiency. This will help Cloud community to get an insight into state-of-the-art progress in terms of secure strategies, their deficiencies and possible future directions.

[1]  R. Nithiavathy Data integrity and data dynamics with secure storage service in cloud , 2013, 2013 International Conference on Pattern Recognition, Informatics and Mobile Engineering.

[2]  Robert R. Moeller,et al.  Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL , 2013 .

[3]  Zoe L. Jiang,et al.  Privacy-Preserving Public Auditing for Secure Cloud Storage , 2013, IEEE Transactions on Computers.

[4]  Hakan Hacigümüs,et al.  Efficient Execution of Aggregation Queries over Encrypted Relational Databases , 2004, DASFAA.

[5]  Norbert Meyer,et al.  TITLE: NATIONAL DATA STORAGE 2: SECURE STORAGE CLOUD WITH EFFICIENT AND EASY DATA ACCESS , 2013 .

[6]  Eric Pardede,et al.  Using Multi Shares for Ensuring Privacy in Database-as-a-Service , 2011, 2011 44th Hawaii International Conference on System Sciences.

[7]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[8]  Yogesh L. Simmhan,et al.  Cryptonite: A Secure and Performant Data Repository on Public Clouds , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[9]  Divyakant Agrawal,et al.  Database Management as a Service: Challenges and Opportunities , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[10]  Michele Colajanni,et al.  Supporting Security and Consistency for Cloud Database , 2012, CSS.

[11]  Shouhuai Xu,et al.  Efficient query integrity for outsourced dynamic databases , 2012, CCSW '12.