StealthyCRM: A Secure Cloud CRM System Application that Supports Fully Homomorphic Database Encryption

Customer Relationship Management (CRM) system improves companies' profitability by helping companies focus on the relationships with customers, colleagues or suppliers. By having strong initiative to move applications to cloud, enterprises are hindered by cloud security and reliability issues [1], especially when it comes to financial industries. To provide a practical and secure solution to these enterprises, this project aims to build a cloud CRM system that enables fully homomorphic encryption. In order to explore the potential of this, the project integrates three key components: Open source CRM system Sugar CRM, partial homomorphic database system Crypt DB and fully homomorphic encryption library HElib. By leveraging the structure based on our previous work [2], Stealthy CRM successfully integrates fully homomorphic encryption support on top of Crypt DB database encryption environment. Besides that, Stealthy CRM enables a transparent and seamless integration to any CRM system by using a modified My SQL proxy to listen to, encrypt the queries and interact with Crypt DB and HElib subsystems. An evaluation of TPC-C and TPC-H queries is conducted on Stealthy CRM system. The result shows Stealthy CRM has 14%-28% throughput overhead for most of the CRM queries, compared with unmodified My SQL server. For complex TPC-H queries involving multiplication and composition of computation, Stealthy CRM is able to execute the query between 1.75 min to 11.7 min. Although the time takes to complete a fully homomorphic query in CRM system is still long, Stealthy CRM provided a prototype for researchers and other business application developers to explore the potential.

[1]  Hari Balakrishnan,et al.  CryptDB: A Practical Encrypted Relational DBMS , 2011 .

[2]  Ziynet Dayıoğlu Secure Database in Cloud Computing - CryptDB Revisited , 2014 .

[3]  Berk Sunar,et al.  On the Difficulty of Securing Web Applications Using CryptDB , 2014, 2014 IEEE Fourth International Conference on Big Data and Cloud Computing.

[5]  J. Nemecek,et al.  CRM and cloud computing , 2011 .

[6]  Murali Mani,et al.  Enabling Secure Database as a Service using Fully Homomorphic Encryption: Challenges and Opportunities , 2013, ArXiv.

[7]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[8]  Shai Halevi,et al.  Bootstrapping for HElib , 2015, EUROCRYPT.

[9]  B. Bhavani Bai THE INTERNATIONAL JOURNAL OF SCIENCE & TECHNOLEDGE Ensuring Security at Data Level in Cloud using Multi Cloud Architecture , 2014 .

[10]  Mrs. I. Golda Selia,et al.  CRM System in Cloud Computing with Different Service Providers , 2012 .

[11]  Sri Vasavi,et al.  Cloud Computing: A CRM Service Based on a Separate Encryption and Decryption using Blowfish algorithm , 2012 .

[12]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[13]  Michael Miller,et al.  Cloud Computing: Web-Based Applications That Change the Way You Work and Collaborate Online , 2008 .

[14]  K. V. S. Prasad,et al.  A CRM Based Cryptography Service for Ensuring Security in Cloud Computing , 2013 .

[15]  Chien-Hsing Wu,et al.  A Business Model for Cloud Computing Based on a Separate Encryption and Decryption Service , 2011, 2011 International Conference on Information Science and Applications.

[16]  Shai Halevi,et al.  Algorithms in HElib , 2014, CRYPTO.