Secure NoSQL Over Cloud Using Data Decomposition and Queryable Encryption

Abstract

NoSQL-based databases are attractive to store and manage big data, mainly due to high scalability and data modeling flexibility. However, security in NoSQL-based databases is not as compared to the SQL-based relational databases, which raises concerns for users. Specifically, the security of data-at-rest is of serious concern for the users, who deploy their databases on the cloud, because any unauthorized access to the servers will expose the data easily. There have been some efforts to enable encryption for data at rest for NoSQL-based databases. However, most of the existing solutions do not support secure query processing and are difficult to integrate with the applications. In our work, we address the NoSQL data-at-rest security issue by proposing a system which decomposes a given database into two sub-databases. Then encrypt the data, support secure query processing, and enable seamless integration with NoSQL-based databases. The proposed solution for the data at rest is based on a combination of Chaotic Encryption (CE), Order Preserving Encryption (OPE), and Advanced Encryption Standard (AES). The database decomposition into two sub-databases helps to improve data confidentiality while providing comparable performance to the state-of-the-art baseline method.