DB-SECaaS: a cloud-based protection system for document-oriented NoSQL databases

7Citations
Citations of this article
52Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

The trend of cloud databases is leaning towards Not Only SQL (NoSQL) databases as they provide better support for scalable storage and quick retrieval of exponentially voluminous data. One of the more prominent types of NoSQL databases is document-based storage, which is being increasingly used in the dynamic cloud paradigm. However, there are inherent security issues in cloud, including remote data residency along with the non-existent control of owners over their own data. In addition to that, the inherent security features of most document-based NoSQL databases lack granular access control and robust confidentiality mechanisms. There is also a distinct lack of a comprehensive solution that effectively caters to all the security requirements of a document-oriented database in cloud. In order to overcome these issues, we propose a database security-as-a-service (DB-SECaaS) system over document-oriented database hosted in cloud, which provides authentication, fine-grained authorization, and encryption of the database objects, while ensuring that access to the data is granted only to authorized users on a need-to-know basis. The paper shows that the DB-SECaaS system strongly enhances the security of document-oriented databases on cloud, and it is thus expected to facilitate the industry to reap the benefits of NoSQL without worrying over security issues. In order to certify the abovementioned security enhancements, provided by DB-SECaaS, the paper also provides a formal analysis of DB-SECaaS using the Scyther model checker. As a proof of concept, the core functionalities of the protocol, i.e., authorization, authentication, and encryption, are formally modeled in Scyther to formally verify that the proposed framework mitigates privacy and security concerns.

Cite

CITATION STYLE

APA

Ghazi, Y., Masood, R., Rauf, A., Shibli, M. A., & Hassan, O. (2016). DB-SECaaS: a cloud-based protection system for document-oriented NoSQL databases. Eurasip Journal on Information Security, 2016(1). https://doi.org/10.1186/s13635-016-0040-5

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free