Data Privacy Preserving Mechanism Based on Tenant Customization for SaaS

As a newly software delivery model, Software as a Service, SaaS for short, is the best way for small and medium enterprise to adopt the newly technology. However trustworthiness is greatest challenge in the wide acceptance of SaaS. In the absence of trustworthiness in SaaS applications, data privacy is the primary and the most important issue for tenants. How to protect the data privacy when software service and database are both hosted at the service provider's client is still an open issue. So based on the customization feature of SaaS applications and shared database shared schema storage model, this paper demonstrates the shared data storage model, defines three kinds of privacy constraints, and then proposes a customizable privacy constraints based approach for data privacy preserving by combing data encryption and information disassociation. This approach is proofed correctly and could be used for privacy preserving in SaaS applications in static scenarios.

[1]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[2]  Bo Gao,et al.  A Framework for Native Multi-Tenancy Application Development and Management , 2007, The 9th IEEE International Conference on E-Commerce Technology and The 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services (CEC-EEE 2007).

[3]  Dean Jacobs,et al.  Ruminations on Multi-Tenant Databases , 2007, BTW.

[4]  Jeroen Doumen,et al.  Searching in encrypted data , 2004 .

[5]  Wei Sun,et al.  Software as a Service: Configuration and Customization Perspectives , 2008, 2008 IEEE Congress on Services Part II (services-2 2008).

[6]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[7]  Sushil Jajodia,et al.  Fragmentation and Encryption to Enforce Privacy in Data Storage , 2007, ESORICS.

[8]  Francesco Parisi-Presicce,et al.  Blind Custodians: A Database Service Architecture That Supports Privacy Without Encryption , 2005, DBSec.

[9]  Ma Hui-dong A Database Encryption Method Based on Information Dissociation and Association , 2007 .

[10]  Thomas Kwok,et al.  A Software as a Service with Multi-tenancy Support for an Electronic Contract Management Application , 2008, 2008 IEEE International Conference on Services Computing.

[11]  Yuan Zhou,et al.  Supporting Database Applications as a Service , 2009, 2009 IEEE 25th International Conference on Data Engineering.

[12]  Ranajn Bangalore Seetharama MULTI-TENANT DATABASES FOR SOFTWARE AS A SERVICE , 2008 .