Secured data destruction in cloud based multi-tenant database architecture

M. Vanitha, C. Kavitha
Published in: 2014 International Conference on Computer Communication and Informatics
Publication date: 2014-10-16
DOI: 10.1109/ICCCI.2014.6921774 (https://doi.org/10.1109/ICCCI.2014.6921774)
Citations: 2

Abstract

Cloud computing falls into two general categories: applications delivered as services, and the hardware and data centers that provide those services [1]. Cloud storage has evolved from a plain storage model into a new service model in which data is managed, maintained, and stored on multiple remote servers for back-up reasons. Cloud platform server clusters run in a networked environment; a cluster may hold multiple users' data, and that data may be scattered across different virtual data centers. In a multi-user shared cloud computing platform, users are only logically isolated, and data of different users may be stored on the same physical equipment. This equipment can be rapidly provisioned, implemented, scaled up or down, and decommissioned. Current cloud providers do not give their customers control over, or even knowledge of, the provided resources. Data in the cloud is encrypted at rest, in transit, and in back-up in multi-tenant storage. The encryption keys are managed per customer. The data life cycle has several stages: Create, Store, Use, Share, Archive and Destruct. The final stage, which is the complex stage for data in the cloud, is overlooked [2]. Data retention assurance may be easier for the cloud provider to demonstrate, while data destruction is extremely difficult. Today, when the SLA between the customer and the cloud provider ends, there is no assurance that the particular customer's data is completely destroyed from the cloud provider's storage. The proposed method identifies a way to track individual customers' data and their encryption keys, and provides a solution to completely delete the data from the cloud provider's multi-tenant storage architecture. It also ensures deletion of data copies, as there is always the possibility that more than one copy of the data is maintained for back-up purposes. Proof of data destruction shall also be provided to the customer, making sure that the owner's data is completely removed.