Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution
With high and growing supply of Database-as-a-Service solutions from cloud platform vendors, many enterprises still show moderate to low demand for them. Even though migration to a DaaS solution might result in a significantly reduced bill for IT maintenance, data security and privacy issues are amo...
Saved in:
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2017
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/83217 http://hdl.handle.net/10220/42463 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-83217 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-832172020-03-07T11:48:45Z Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution Sidorov, Vasily Ng, Wee Keong School of Computer Science and Engineering 2015 IEEE World Congress on Services (SERVICES) Query processing Relational databases With high and growing supply of Database-as-a-Service solutions from cloud platform vendors, many enterprises still show moderate to low demand for them. Even though migration to a DaaS solution might result in a significantly reduced bill for IT maintenance, data security and privacy issues are among the reasons of low popularity of these services. Such a migration is also often only justified if it could be done seamlessly, with as few changes to the system as possible. Transparent Data Encryption could help, but solutions for TDE shipped with major database systems are limited to securing only data-at-rest, and appear to be useless if the machine could be physically accessed by the adversary, which is a probable risk when hosting in the cloud. This paper proposes a different approach to TDE, which takes into account cloud-specific risks, extends encryption to cover data-in-use and partly data-in-motion, and is capable of executing large subsets of SQL including heavy relational operations, complex operations over attributes, and transactions. Accepted version 2017-05-22T07:43:34Z 2019-12-06T15:14:13Z 2017-05-22T07:43:34Z 2019-12-06T15:14:13Z 2015-06-01 2015 Conference Paper Sidorov, V., & Ng, W. K. (2015). Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution. 2015 IEEE World Congress on Services (SERVICES), 221-228. https://hdl.handle.net/10356/83217 http://hdl.handle.net/10220/42463 10.1109/SERVICES.2015.40 200905 en © 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: [https://dx.doi.org/10.1109/SERVICES.2015.40]. 8 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
Query processing Relational databases |
| spellingShingle |
Query processing Relational databases Sidorov, Vasily Ng, Wee Keong Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution |
| description |
With high and growing supply of Database-as-a-Service solutions from cloud platform vendors, many enterprises still show moderate to low demand for them. Even though migration to a DaaS solution might result in a significantly reduced bill for IT maintenance, data security and privacy issues are among the reasons of low popularity of these services. Such a migration is also often only justified if it could be done seamlessly, with as few changes to the system as possible. Transparent Data Encryption could help, but solutions for TDE shipped with major database systems are limited to securing only data-at-rest, and appear to be useless if the machine could be physically accessed by the adversary, which is a probable risk when hosting in the cloud. This paper proposes a different approach to TDE, which takes into account cloud-specific risks, extends encryption to cover data-in-use and partly data-in-motion, and is capable of executing large subsets of SQL including heavy relational operations, complex operations over attributes, and transactions. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Sidorov, Vasily Ng, Wee Keong |
| format |
Conference or Workshop Item |
| author |
Sidorov, Vasily Ng, Wee Keong |
| author_sort |
Sidorov, Vasily |
| title |
Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution |
| title_short |
Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution |
| title_full |
Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution |
| title_fullStr |
Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution |
| title_full_unstemmed |
Transparent Data Encryption for Data-in-Use and Data-at-Rest in a Cloud-Based Database-as-a-Service Solution |
| title_sort |
transparent data encryption for data-in-use and data-at-rest in a cloud-based database-as-a-service solution |
| publishDate |
2017 |
| url |
https://hdl.handle.net/10356/83217 http://hdl.handle.net/10220/42463 |
| _version_ |
1681036350180032512 |