A novel architecture for database outsourcing in cloud computing with regard to data life cycle

Authors

1 Assistant Professor of Shahid Beheshti University of Tehran

2 Senior expert of Shahid Beheshti University of Tehran

Abstract

The increasing amount of information as well as lack of existence of sufficient computational facilities
and storage in organizations have caused various management problems. These problems on the one hand
and the rapid expansion of storage services on the other hand have made different organizations to use
cloud storage service providers in order to store and manage their organizational information. Using such
services, causes organizational information to be stored outside of the organization environment and therefore
the owner have less control over its information. Therefore, security concerns will be raised. Many security
solutions are proposed to deal with these security concerns, but most of these solutions have focused
on a particular aspect of data life cycle such as storage phases. Understanding and considering the data
life cycle as well as the challenges and the opportunities facing organizations leads to provide appropriate
solutions to overcome security concerns. This paper aims at discussing and analyzing the challenges and
opportunities facing organizations using data outsourcing services, and then a new architecture for the database
outsourcing with regards to the data life cycle will be presented.

Keywords


[1] J. N. Lee, M. Q. Huynh, R. C. W. Kwok, and S.
M. Pi, “IT outsourcing evolution: past present and
future,” Communications of the ACM, pp. 84-89,
2003.
[2] Mcfredries, “Technically speaking: The cloud is
the computer,” Spectrum, IEEE, pp. 20-20, 2008.
[3] P. Mell and T. Grance, “The NIST definition of
cloud computing (draft),” NIST special publication,
pp.1-8, 2011.
[4] J. Q. Anderson and H. Rainie, “The future of
cloud computing,” Washington, DC: Pew Internet
& American Life Project, 2010.
[5] M. Miller, “Cloud computing: Web-based applications
that change the way you work and collaborate
online,” Que publishing, 2008.
[6] R. Buyya, J. Broberg, and Goscinski, “Cloud computing:
Principles and paradigms,” John Wiley &
Sons, 2010.
[7] R. Saint-Germain, “Information security management
best practice based on ISO/IEC
17799,” Information Management Journal, pp. 60-
66, 2005.
[8] L. Bouganim and P. Pucheral, “Chip-secured data
access: Confidential data on untrusted servers,”
In Proceedings of the 28th international conference
on Very Large Data Bases, 2002.
[9] G. Brunette and R. Mogull, “Security guidance for
critical areas of focus in cloud computing v2.
1,” Cloud Security Alliance, pp. 1-76, 2009.
[10] C. Dong, R. Giovanni, and D. Naranker, “Shared
and searchable encrypted data for untrusted servers,”
Journal of Computer Security, pp. 367-397,
2011.
[11] E. Ferrari, “Database as a Service: Challenges and
solutions for privacy and security,” Services Computing
Conference, 2009.
[12] H. Kadhem, T. Amagasa, and H. Kitagawa, “A
novel framework for database security based on
mixed cryptography,” In Internet and Web Applications
and Services, Fourth International Conference
IEEE, pp. 163-170, 2009.
[13] J. Hur and D. K. Noh, “Attribute-based access
control with efficient revocation in data outsourcing
systems,” Parallel and Distributed Systems,
IEEE Transactions, pp. 1214-1221, 2011.
[14] S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute
based data sharing with attribute revocation,”
In Proceedings of the 5th ACM Symposium on
Information, Computer and Communications Security,
pp. 261-270, 2010.
[15] S. D. C. Di Vimercati, S. Foresti, S. Jajodia, S.
Paraboschi, and P. Samarati, “Over-encryption:
management of access control evolution on outsourced
data,” In Proceedings of the 33rd international
conference on Very large data bases, pp.
123-134, 2007.
[16] L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and
W. Jonker, “Mediated ciphertext-policy attributebased
encryption and its application,”
In Information Security Applications, pp. 309-323,
2009.
[17] S. D. C. Di Vimercati, S. Foresti, S. Jajodia,
Paraboschi, S., & Samarati, P. “A data outsourcing
architecture combining cryptography and access
control.” In Proceedings of the ACM workshop on
Computer security architecture, pp. 63-69, 2007.
[18] Foresti, S. “Preserving privacy in data outsourcing”,
Springer 2010.
[19] E. Damiani, S. D. C. Di Vimercati, S. Foresti, S.
Jajodia, S. Paraboschi and P. Samarati, “Metadata
management in outsourced encrypted databases,”
In Secure Data Management, pp. 16-32, 2005.
[20] E. Mykletun, M. Narasimha, and G. Tsudik,
“Authentication and integrity in outsourced databases,”
ACM, 2006.
Volume 2, Issue 4 - Serial Number 4
September 2020
Pages 41-54
  • Receive Date: 25 May 2014
  • Revise Date: 04 July 2023
  • Accept Date: 19 September 2018
  • Publish Date: 21 January 2015