Please use this identifier to cite or link to this item:
Public Cloud Database Outsourcing Security Protection Mechanism：Comparison of CryptDB with Fragmentation
|Issue Date:||2020-03-02 11:37:49 (UTC+8)|
During the past few years, cloud service is an information system application that enterprises pay great attention to. In today's network environment, to make it easier and faster to share deployed data, application services, and to balance storage costs and efficiency, individuals and businesses are choosing to move data to the cloud and use cloud services to help you get the job done. Store and use the cloud service to assist with the work. Nowadays, the general public use computers and most of them will install anti-virus software and firewalls. The reason is that users have learned that protecting data is important to personal privacy. Similarly, when data is uploaded to the cloud, data is no longer controlled by users. It is managed by the cloud platform service provider and the security concerns are further enhanced. How the system service provider can protect the customer's data integrity, privacy and availability is the most important part of every cloud service user.
In this study will use two public cloud database protection methods: CryptDB and Fragmentation to explore how companies can operate outsourced data in the cloud while meeting the three essential conditions of confidentiality, integrity, and availability, as well as the comparison of differences in storage management, data operation, and usage processes. Give specific contributions by giving advice and choice to build a database.
|Reference:|| “Cisco Visual Networking Index: Forecast and Trends, 2017–2022 White Paper,” https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.html, accessed: 2019-10-10.|
 R. A. Popa et al., “Cryptdb: Protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, ser. SOSP ’11. New York, NY, USA: ACM, 2011, pp. 85–100. [Online]. Available: http://doi.acm.org/10.1145/2043556.2043566
 S. D. C. di Vimercati et al., “Encryption and fragmentation for data confidentiality in the cloud,” Lecture Notes in Computer Science, vol. 8604, pp.212–243, 2012.
 S. De Capitani di Vimercati et al., “Fragmentation in presence of data dependencies,” IEEE Transactions on Dependable and Secure Computing (TDSC), vol. 11, no. 6, pp. 510–523, November/December 2014.
 M. Almorsy, J. C. Grundy, and I. Müller, “An analysis of the cloud
computing security problem,” CoRR, vol. abs/1609.01107, 2016. [Online]. Available: http://arxiv.org/abs/1609.01107
 M. Pearce, M. Pearce, and M. Pearce, “Virtualization: Issues, security threats, and solutions,” ACM Computing Surveys (CSUR), vol. 45, no. 2, 2013.
 R. L. Rivest and A. T. Sherman, “Randomized encryption techniques,” in Advances in Cryptology, D. Chaum, R. L. Rivest, and A. T. Sherman, Eds. Boston, MA: Springer US, 1983, pp. 145–163.
 A. Boldyreva, N. Chenette, Y. Lee, and A. O＇neill, “Order-preserving symmetric encryption,” in Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2009, pp. 224–241.
 C. Gentry et al., “Fully homomorphic encryption using ideal lattices.” in Stoc, vol. 9, no. 2009, 2009, pp. 169–178.
 K. Krombholz et al., “Advanced social engineering attacks,” J. Inf. Secur. Appl., vol. 22, no. C, pp. 113–122, Jun. 2015. [Online]. Available:http://dx.doi.org/10.1016/j.jisa.2014.09.005
 B. H. Bloom, “Space/time trade-offs in hash coding with allowable errors,” Commun. ACM, vol. 13, no. 7, pp. 422–426, Jul. 1970. [Online]. Available:http://doi.acm.org/10.1145/362686.362692
 H. Hacigumus, B. Iyer, and S. Mehrotra, “Providing database as a service,” 02 2002, pp. 29 – 38.
 S. D. C. di Vimercati, S. Foresti, and P. Samarati, Selective and Fine-Grained Access to Data in the Cloud. New York, NY: Springer New York, 2014, pp. 123–148. [Online]. Available: https://doi.org/10.1007/978-1-4614-9278-8_6
 S. Jajodia et al., Secure Cloud Computing. Springer-Verlag New York, 2014.
 E. Damiani et al., “Balancing confidentiality and efficiency in untrusted relational dbmss,” in Proceedings of the 10th ACM Conference on Computer and Communications Security, ser. CCS ’03. New York, NY, USA: ACM, 2003, pp. 93–102. [Online]. Available: http://doi.acm.org/10.1145/948109.948124
 G. Aggarwal et al., “Two can keep a secret: A distributed architecture for secure database services,” in CIDR, 2005.
 V. Ciriani et al., “Fragmentation and encryption to enforce privacy in data storage,” in Computer Security – ESORICS 2007, J. Biskup and J. López, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2007, pp. 171–186.
 ——, “Combining fragmentation and encryption to protect privacy in data storage,” ACM Trans. Inf. Syst. Secur., vol. 13, 07 2010.
 ——, “Keep a few: Outsourcing data while maintaining confidentiality,” vol. 5789, 09 2009, pp. 440–455.
 ——, “Selective data outsourcing for enforcing privacy,” Journal of Computer Security, vol. 19, pp. 531–566, 01 2011.
 S. Tu, M. F. Kaashoek, S. Madden, and N. Zeldovich, “Processing analytical queries over encrypted data,” Proc. VLDB Endow., vol. 6, no. 5, pp. 289–300, Mar. 2013. [Online]. Available: http://dx.doi.org/10.14778/2535573.2488336
|Appears in Collections:||[資訊科學系碩士在職專班] 學位論文|
Files in This Item:
All items in 學術集成 are protected by copyright, with all rights reserved.