Skip to main content
SpringerLink
Log in

Data Fragmentation Scheme: Improving Database Security in Cloud Computing

  • Conference paper
  • First Online:
Recent Trends in Computer Applications

  • 438 Accesses

Abstract

Cloud computing is a technology that promotes numerous configurable resources in which the data is stored and managed in a decentralized manner. However, as the data is out of the owner’s control, concerns have arisen regarding data confidentiality. Encryption schemes have been proposed to provide users with confidentiality for data stored in a cloud; however, many of these encryption algorithms are weak, enabling data security to be breached simply by compromising a weak encryption algorithm. We propose a combination of encryption algorithms and a distributed system to improve database confidentiality. This scheme distributes the database over the clouds based on the level of security that is provided by the utilized encryption algorithms. We analyzed our proposed system by designing and conducting experiments and by comparing our scheme with existing solutions. The results show that our scheme offers a highly secure approach providing users with data confidentiality and providing acceptable overhead performance.

This is an extended version of a preliminary conference paper that was accepted and presented in ICCA 2017 [2].

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 54.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. P. Mell, T. Grance, and T. Grance, “The NIST Definition of Cloud Computing Recommendations of the National Institute of Standards and Technology,” 2011.

    Google Scholar 

  2. A. Amjad, P. Bodorik, and S. Sampalli, “Improving database security in cloud computing by fragmentation of data,” in 2017 International Conference on Computer and Applications (ICCA). IEEE, Sept 2017, pp. 43–49.

    Google Scholar 

  3. H. Hacig, “Query Optimization in Encrypted Database,” pp. 43–55, 2005.

    Google Scholar 

  4. N. Anciaux, M. Benzine, L. Bouganim, P. Pucheral, D. Shasha, and I. Rocquencourt, “GhostDB : Querying Visible and Hidden Data Without Leaks,” 2007.

    Google Scholar 

  5. A. Hudic, S. Islam, P. Kieseberg, S. Rennert, and E. R. Weippl, “Data confidentiality using fragmentation in cloud computing,” International Journal of Pervasive Computing and Communications, vol. 9, no. 1, pp. 37–51, 2013. [Online]. Available: http://www.scopus.com/inward/record.url?eid=2-s2.0-84878829696{&}partnerID=tZOtx3y1

  6. H. Hacig and C. Li, “Executing SQL over Encrypted Data in the Database-Service-Provider Model,” vol. 7, 2002.

    Google Scholar 

  7. B. Hore, S. Mehrotra, M. Canim, and M. Kantarcioglu, “Secure multidimensional range queries over outsourced data,” The VLDB Journal, vol. 21, no. 3, pp. 333–358, Aug 2011. [Online]. Available: http://link.springer.com/10.1007/s00778-011-0245-7

  8. B. Hore, S. Mehrotra, and G. Tsudik, “A privacy-preserving index for range queries,” pp. 720–731, Aug 2004. [Online]. Available: http://dl.acm.org/citation.cfm?id=1316689.1316752

  9. L. Bouganim and P. Pucheral, “Chip-Secured Data Access : Confidential Data on Untrusted Servers,” 2002.

    Google Scholar 

  10. S. Y. Ko and K. Jeon, “The HybrEx Model for Confidentiality and Privacy in Cloud Computing,” 2011.

    Google Scholar 

  11. K. Zhang, X. Zhou, Y. Chen, and X. Wang, “Sedic : Privacy-Aware Data Intensive Computing on Hybrid Clouds Categories and Subject Descriptors,” pp. 515–525, 2011.

    Google Scholar 

  12. Z. Zhou, H. Zhang, X. Du, P. Li, and X. Yu, “Prometheus : Privacy-Aware Data Retrieval on Hybrid Cloud,” pp. 2643–2651, 2013.

    Google Scholar 

  13. C. Zhang, E.-c. Chang, and R. H. C. Yap, “Tagged-MapReduce : A General Framework for Secure Computing with Mixed-Sensitivity Data on Hybrid Clouds,” pp. 31–40, 2014.

    Google Scholar 

  14. K. Y. Oktay and S. Mehrotra, “SEMROD : Secure and Efficient MapReduce Over HybriD Clouds The University of Texas at Dallas,” pp. 153–166, 2015.

    Google Scholar 

  15. R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan, “CryptDB : Protecting Confidentiality with Encrypted Query Processing,” pp. 85–100, 2012.

    Google Scholar 

  16. E.-O. Blass, G. Noubir, and T. D. Vo-Huu, “Epic: Efficient privacy-preserving counting for mapreduce,” Cryptology ePrint Archive, Report 2012/452, 2012, http://eprint.iacr.org/2012/452.

  17. J. J. Stephen, S. Savvides, R. Seidel, and P. Eugster, “Practical confidentiality preserving big data analysis,” in 6th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 14). Philadelphia, PA: USENIX Association, Jun. 2014. [Online]. Available: https://www.usenix.org/conference/hotcloud14/workshop-program/presentation/stephen

  18. T. Mayberry, E.-o. Blass, and A. H. Chan, “PIRMAP : Efficient Private Information Retrieval for MapReduce,” pp. 371–385, 2013.

    Google Scholar 

  19. E.-o. Blass, R. D. Pietro, R. Molva, and M. Onen, “PRISM — Privacy-Preserving Search in MapReduce,” pp. 180–200, 2012.

    Google Scholar 

  20. S. D. Tetali and T. Millstein, “MrCrypt : Static Analysis for Secure Cloud Computations,” pp. 271–286, 2013.

    Google Scholar 

  21. D. Liu, S. Wang, and C. I. C. T. Centre, “Programmable Order-Preserving Secure Index for Encrypted Database Query,” 2012 IEEE Fifth International Conference on Cloud Computing, pp. 502–509, Jun. 2012. [Online]. Available: http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=6253544

  22. D. Xiaodong, S. David, and W. Adrian, “Practical Techniques for Searches on Encrypted Data.”

    Google Scholar 

  23. N. Singhal and J. P. S. Raina, “Comparative Analysis of AES and RC4 Algorithms for Better Utilization,” pp. 177–181, 2011.

    Google Scholar 

  24. W. Stallings, Cryptography and network security: Principles and practice. Upper Saddle River, N.J. : Prentice Hall, 1999.

    Google Scholar 

  25. P. Samarati and I. C. Society, “Protecting Respondents’ Identities in Microdata Release,” vol. 13, no. 6, pp. 1010–1027, 2001.

    Google Scholar 

  26. J. Daemen, The design of Rijndael : AES - the advanced encryption standard with 17 tables. Berlin [u.a.]: Springer, 2002.

    Google Scholar 

  27. J. Blomer, “Fault Based Cryptanalysis of the Advanced Encryption Standard (AES),” Lecture notes in computer science., no. 2742, pp. 162 – 181, 2003.

    Google Scholar 

  28. E. M. Mohamed, “Enhanced Data Security Model for Cloud Computing,” pp. 12–17, 2012.

    Google Scholar 

  29. A. Arasu, S. Blanas, K. Eguro, M. Joglekar, R. Kaushik, D. Kossmann, R. Ramamurthy, P. Upadhyaya, and R. Venkatesan, “Secure database-as-a-service with Cipherbase,” Proceedings of the 2013 international conference on Management of data - SIGMOD ’13, p. 1033, 2013. [Online]. Available: http://dl.acm.org/citation.cfm?doid=2463676.2467797

  30. G. Nalinipriya and R. Aswin Kumar, “Extensive medical data storage with prominent symmetric algorithms on cloud - A protected framework,” International Conference on Smart Structures and Systems - Icsss’13, pp. 171–177, Mar. 2013. [Online]. Available: http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=6623021

  31. “Rackspace: The Leader in Hybrid Cloud.” [Online]. Available: http://www.rackspace.com/

Download references

Acknowledgments

This work is partially supported by Aljouf University represented by the Saudi Arabian Cultural Bureau in Canada. The authors would like to thank the anonymous reviewers for their constructive comments.

Author information

Authors and Affiliations

  1. Faculty of Computer Science, Dalhousie University, Halifax, NS, Canada

    Amjad Alsirhani, Peter Bodorik & Srinivas Sampalli

Authors
  1. Amjad Alsirhani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Peter Bodorik
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Srinivas Sampalli
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Peter Bodorik .

Editor information

Editors and Affiliations

  1. Computer Science and Engineering, Qatar University, Doha, Qatar

    Jihad Mohamad Alja’am

  2. Faculty of Engineering, University of Ottawa, Ottawa, ON, Canada

    Abdulmotaleb El Saddik

  3. Electronic and Computer Engineering, Brunel University London, Uxbridge, UK

    Abdul Hamid Sadka

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alsirhani, A., Bodorik, P., Sampalli, S. (2018). Data Fragmentation Scheme: Improving Database Security in Cloud Computing. In: Alja’am, J., El Saddik, A., Sadka, A. (eds) Recent Trends in Computer Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-89914-5_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-89914-5_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-89913-8

  • Online ISBN: 978-3-319-89914-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation