Efficient Cloud Data Confidentiality for DaaS

Privacy is a pinnacle concern of the cloud database model known as “Database as a service (DaaS)”. DaaS is highly appreciated in business community because it saves hardware cost, cost of the technical people required to manage the database and it also saves the license cost of the database. Moreover, it offers reliable services and people can access their data 24 x 7 from anywhere provided the internet connection is available. Despite of all these advantages enterprises are reluctant to adopt DaaS, because of two types of threats that are associated with it. Firstly, it can be attacked by the hacker and secondly the privacy of data can be compromised by the administrators, managing the cloud database environment. In this paper we have focused on the second issue and proposed a model to protect privacy of data stored in cloud databases. As per proposed model we encrypt and obfuscate data on client side before sending to the cloud database. In addition we offer mechanism to query over encrypted and obfuscated data on server side. Once the required data is filtered on server side, it is transferred on client side where the de-obfuscation and decryption is performed. Experiment results are also highlighted showing the enhancement in performance due to obfuscation factor.

[1]  Siani Pearson,et al.  A client-based privacy manager for cloud computing , 2009, COMSWARE '09.

[2]  Bharat K. Bhargava,et al.  Secure and efficient access to outsourced data , 2009, CCSW '09.

[3]  Dan Lin,et al.  Data protection models for service provisioning in the cloud , 2010, SACMAT '10.

[4]  Sawan Kumar,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[5]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[6]  Hong Zhu,et al.  Executing Query over Encrypted Character Strings in Databases , 2007, 2007 Japan-China Joint Workshop on Frontier of Computer Science and Technology (FCST 2007).

[7]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[8]  Wei Wang,et al.  Storage and Query over Encrypted Character and Numerical Data in Database , 2005, The Fifth International Conference on Computer and Information Technology (CIT'05).

[9]  Ayman I. Kayssi,et al.  Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[10]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.