A framework for preservation of cloud users' data privacy using dynamic reconstruction of metadata

In the rising paradigm of cloud computing, sustaining cloud users' trust in cloud services depends directly on effective mitigation of the associated risks and resulting security threats. Among the various indispensable security services required for effective cloud functionality and for enhancing users' confidence in cloud offerings, those related to the preservation of cloud users' data privacy are significantly important and must be mature enough to withstand imminent security threats, as emphasized in this research paper. This paper highlights the possibility of exploiting the metadata stored in the cloud's database to compromise the privacy of users' data items stored using a cloud provider's simple storage service. It then proposes a framework based on database schema redesign and dynamic reconstruction of metadata for the preservation of cloud users' data privacy. Using the sensitivity parameterization parent class membership of cloud database attributes, the database schema is modified using cryptographic as well as relational privacy preservation operations. At the same time, unaltered access to database files is ensured for the cloud provider through dynamic reconstruction of metadata, which restores the original database schema when required. The suitability of the proposed technique for private cloud environments is ensured by keeping the formulation of its constituent steps well aligned with the recommendations of various Standards Development Organizations working in this domain.
