Meta-data Driven Data Chunk Based Secure Data Storage for SaaS

Software-as-a-Service, i.e. SaaS, is an emergin g model that allows t enants t o out source computation a nd sto rage of their sensitive data to ext ernal service provid ers. Although Saa S mo del provides many b enefits, it introduce s new security conce rns in dat a s torage. Untrustworthy service providers might violate tenants’ da ta priva cy or maliciously delete, mod ify and falsify tenants’ data due to some reason, which hinders wider adoption of SaaS model. With regard to data storage security issue of S aaS model, this paper gives the c oncept of data combination privacy and data integrity for SaaS, and th en presents a novel data storage protection mechanism which combines the data privacy protection issue and secure data possession issues based on a meta-data driven data chunk based data storage model. For data privacy issue in SaaS, this paper uses the data fragmentation technology to hidden t he ass ociation between data att ributes based on dat a co mbination privacy c oncept, wh ich protects the privacy of data. For secure d ata possession issue in SaaS, this paper gives the concept of data i ntegrity, considers secure data poss ession in term s of du rable i ntegrity, corre ct int egrity and provenance in tegrity, proposes a nove l secure dat a stora ge verifica tion mecha nism based on da ta chunk for Saa S model . B ased on a met a-data d riven da ta chun k based dat a-sharing stora ge mod el, data privacy and data integrity issues could be solved together well. We demonstrate the correctness and effectiveness of this mechanism through the experiments in this paper.

[1]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[2]  Cong Wang,et al.  Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing , 2009, ESORICS.

[3]  Zhou Shui Privacy Preservation in Database Applications:A Survey , 2009 .

[4]  Xiaofeng Meng,et al.  Integrity Auditing of Outsourced Data , 2007, VLDB.

[5]  Shing-Chi Cheung,et al.  Constructing and testing privacy-aware services in a cloud computing environment: challenges and opportunities , 2009, Internetware.

[6]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[7]  Siani Pearson,et al.  A Privacy Manager for Cloud Computing , 2009, CloudCom.

[8]  Ayman I. Kayssi,et al.  Privacy as a Service: Privacy-Aware Data Storage and Processing in Cloud Computing Architectures , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[9]  Yin Jian,et al.  A Data Privacy Preservation Method Based on Lossy Decomposition , 2009 .

[10]  Yuliang Shi,et al.  Data Privacy Preserving Mechanism Based on Tenant Customization for SaaS , 2009, 2009 International Conference on Multimedia Information Networking and Security.

[11]  Tian Xiu Database as a Service——Security and Privacy Preserving , 2010 .

[12]  Sushil Jajodia,et al.  Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients , 2009, DBSec.

[13]  Aoying Zhou,et al.  Database as a Service-Security and Privacy Preserving: Database as a Service-Security and Privacy Preserving , 2010 .

[14]  Siani Pearson,et al.  A client-based privacy manager for cloud computing , 2009, COMSWARE '09.

[15]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[16]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[17]  Francesco Parisi-Presicce,et al.  Blind Custodians: A Database Service Architecture That Supports Privacy Without Encryption , 2005, DBSec.

[18]  Sushil Jajodia,et al.  Fragmentation and Encryption to Enforce Privacy in Data Storage , 2007, ESORICS.

[19]  Jian Pei,et al.  Correlation hiding by independence masking , 2010, 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010).

[20]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[21]  Ma Hui-dong A Database Encryption Method Based on Information Dissociation and Association , 2007 .

[22]  Cong Wang,et al.  Ensuring data storage security in Cloud Computing , 2009, 2009 17th International Workshop on Quality of Service.

[23]  Philip S. Yu,et al.  Dual encryption for query integrity assurance , 2008, CIKM '08.