Performance and cost evaluation of an adaptive encryption architecture for cloud databases

Authors

  • Raviteja P M.Tech. from Tirumala Engineering College, Hyderabad, Telangana, India
  • Kumar MU M.Tech., Assistant Professor, Dept.of CSE, Tirumala Engineering College, Hyderabad, Telangana, India
  • Parimala M M.Tech., Associate Professor, Dept.of CSE, Tirumala Engineering College, Hyderabad, Telangana, India
  • Someswar GM B.Tech., M.S.(USA), Ph.D., Director General & Scientist „G‟, Global Research Academy, Hyderabad, Telangana, India

Keywords:

Database as a Service(DBaaS), adaptive encryption scheme, Top Down Integration, Bottom Up Integration, Adaptive encryption, Metadata structure, Encrypted database management

Abstract

The cloud computing paradigm is successfully converging as the fifth utility, but this positive trend is partially limited by concerns about information confidentiality and unclear costs over a medium-long term. We are interested in the Database as a Service paradigm (DBaaS) that poses several research challenges in terms of security and cost evaluation from a tenant‟s point of view. Most results concerning encryption for cloud-based services are inapplicable to the database paradigm. Other encryption schemes, which allow the execution of SQL operations over encrypted data, either suffer from performance limits or they require the choice of which encryption scheme must be adopted for each database column and SQL operations. These latter proposals are fine when the set of queries can be statically determined at design time, while in this paper we are interested to other common scenarios where the workload may change after the database design. In this system, we propose a novel architecture for adaptive encryption of public cloud databases that offers a proxy-free alternative to the system proposed in. The proposed architecture guarantees in an adaptive way the best level of data confidentiality for any database workload, even when the set of SQL queries dynamically changes. The adaptive encryption scheme, which was initially proposed for applications not referring to the cloud, encrypts each plain column into multiple encrypted columns, and each value is encapsulated into different layers of encryption, so that the outer layers guarantee higher confidentiality but support fewer computation capabilities with respect to the inner layers. The outer layers are dynamically adapted at runtime when new SQL operations are added to the workload.

References

R. Buyya, C. S. Yeo, S. Venugopal, J. Broberg, and I. Brandic, “Cloud computing and emerging it platforms: Vision, hype, and reality for delivering computing as the 5th utility,” Future Generation Computer Systems, vol. 25, no. 6, pp. 599–616, 2009.

T. Mather, S. Kumaraswamy, and S. Latif, Cloud security and privacy: an enterprise perspective on risks and compliance. O‟Reilly Media, Incorporated, 2009.

H.-L. Truong and S. Dustdar, “Composable cost estimation and monitoring for computational applications in cloud computing environments,” Procedia Computer Science, vol. 1, no. 1, pp. 2175 – 2184, 2010, iCCS 2010.

E. Deelman, G. Singh, M. Livny, B. Berriman, and J. Good, “The cost of doing science on the cloud: the montage example,” in Proc. 2008 ACM/IEEE Conf. Supercomputing, ser. SC ‟08. Piscataway, NJ, USA: IEEE Press, 2008, pp. 50:1–50:12.

H. Hacig¨um¨us¸, B. Iyer, and S. Mehrotra, “Providing database as a service,” in Proc. 18th IEEE Int’l Conf. Data Engineering, Feb. 2002.

G. Wang, Q. Liu, and J. Wu, “Hierarchical attributebased encryption for fine-grained access control in cloud storage services,” in Proc. 17th ACM Conf. Computer and communications security. ACM, 2010, pp. 735–737.

Google, “Google Cloud Platform Storage with serverside encryption,” http://googlecloudplatform.blogspot.it/2013/08/ googlecloud-storage-now-provides.html, Mar. 2014.

H. Hacig¨um¨us¸, B. Iyer, C. Li, and S. Mehrotra, “Executing sql over encrypted data in the database-serviceprovider model,” in Proc. ACM SIGMOD Int’l Conf. Management of data, June 2002.

L. Ferretti, M. Colajanni, and M. Marchetti, “Distributed, concurrent, and independent access to encrypted cloud databases,” IEEE Trans. Parallel and Distributed Systems, vol. 25, no. 2, Feb. 2014.

R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan, “CryptDB: protecting confidentiality with encrypted query processing,” in Proc. 23rd ACM Symp. Operating Systems Principles, Oct. 2011.

C. Gentry, “Fully homomorphic encryption using ideal lattices,” in Proc. 41st ACM Symp. Theory of computing, May 2009.

A. Boldyreva, N. Chenette, and A. O‟Neill, “Orderpreserving encryption revisited: Improved security analysis and alternative solutions,” in Proc. Advances in Cryptology – CRYPTO 2011. Springer, Aug. 2011.

P. Paillier, “Public-key cryptosystems based on composite degree residuosity classes,” in Proc. Advances in Cryptology – EUROCRYPT99. Springer, May 1999.

D. Song, D. Wagner, and A. Perrig, “Practical techniques for searches on encrypted data,” in Proc. IEEE Symposium on Security and Privacy., May 2000.

L. Ferretti, F. Pierazzi, M. Colajanni, and M. Marchetti, “Security and confidentiality solutions for public cloud database services,” in Proc. Seventh Int’l Conf. Emerging Security Information, Systems and Technologies, Aug. 2013.

A. Greenberg, J. Hamilton, D. A. Maltz, and P. Patel, “The cost of a cloud: research problems in data center networks,” SIGCOMM Comput. Commun. Rev., vol. 39, no. 1, pp. 68–73, Jan. 2008.

L. Popa, S. Ratnasamy, G. Iannaccone, A. Krishnamurthy, and I. Stoica, “A Cost Comparison of Data Center Network Architectures,” in Proc. ACM Int’l Conf. Emerging Networking Experiments and Technologies, 2010.

R. N. Calheiros, R. Ranjan, A. Beloglazov, C. A. De Rose, and R. Buyya, “Cloudsim: a toolkit for modeling and simulation of cloud computing environments and evaluation of resource provisioning algorithms,” Software: Practice and Experience, vol. 41, no. 1, pp. 23–50, 2011.

O. Goldreich, Foundations of Cryptography: Volume 2, Basic Applications. Cambridge university press, 2004.

J. Daemen and V. Rijmen, The design of Rijndael: AES – the advanced encryption standard. Springer, 2002.

B. Schneier, “Description of a new variable-length key, 64-bit block cipher (blowfish),” in Proc. Cambridge Security Work. Fast Software Encryption, Dec. 1993.

Downloads

Published

2024-02-26

How to Cite

Raviteja, P., Kumar, M., Parimala, M., & Someswar, G. (2024). Performance and cost evaluation of an adaptive encryption architecture for cloud databases. COMPUSOFT: An International Journal of Advanced Computer Technology, 5(06), 2149–2155. Retrieved from https://ijact.in/index.php/j/article/view/375

Issue

Section

Original Research Article

Similar Articles

<< < 16 17 18 19 20 21 

You may also start an advanced similarity search for this article.