Scalable architecture for multi-user encrypted SQL operations on cloud database services / Ferretti, Luca; Pierazzi, Fabio; Colajanni, Michele; Marchetti, Mirco. - In: IEEE TRANSACTIONS ON CLOUD COMPUTING. - ISSN 2168-7161. - PRINT. - 2:4(2014), pp. 448-458. [10.1109/TCC.2014.2378782]
Scalable architecture for multi-user encrypted SQL operations on cloud database services
Ferretti, Luca; Pierazzi, Fabio; Colajanni, Michele; Marchetti, Mirco
2014
Abstract
The success of the cloud database paradigm is strictly related to strong guarantees in terms of service availability, scalability and security, but also of data confidentiality. Any cloud provider assures the security and availability of its platform, while the implementation of scalable solutions to guarantee confidentiality of the information stored in cloud databases is an open problem left to the tenant. Existing solutions address some preliminary issues through SQL operations on encrypted data. We propose the first complete architecture that combines data encryption, key management, authentication and authorization solutions, and that addresses the issues related to typical threat scenarios for cloud database services. Formal models describe the proposed solutions for enforcing access control and for guaranteeing confidentiality of data and metadata. Experimental evaluations based on standard benchmarks and real Internet scenarios show that the proposed architecture also satisfies scalability and performance requirements.