
1 Secure Database in cloud
PART 1 Mohammad Ahmadian COP-6087 University of Central Florida

2 Agenda
Motivation; Database in AWS; Approaches to reduce risk: SUNDR, DBCrypt; SQL-aware encryption; Threats; Case studies; Performance evaluation; Contribution; Weaknesses; Improvement. COP 6087 Cloud Computation, Tuesday, November 27, 2018

3 Motivation Unencrypted databases can be very insecure
Attackers, malicious admins and hosting providers can snoop on private data: health records, financial statements. Current encrypted systems are either client-side or computationally expensive.

4 Database service in AWS
DynamoDB, SimpleDB, RDS, MySQL in EC2.

DynamoDB: a fast, fully managed NoSQL database service that makes it simple and cost-effective to store and retrieve any amount of data and serve any level of request traffic. All data items are stored on solid state drives (SSDs) and are replicated across 3 Availability Zones for high availability and durability. With DynamoDB you can offload the administrative burden of operating and scaling a highly available distributed database cluster, while paying a low price for only what you use. (A NoSQL database provides a mechanism for storage and retrieval of data that employs less constrained consistency models than traditional relational databases. Motivations for this approach include simplicity of design, horizontal scaling and finer control over availability. NoSQL databases are often highly optimized key-value stores intended for simple retrieval and appending operations, with the goal being significant performance benefits in terms of latency and throughput. NoSQL databases are finding significant and growing industry use in big data and real-time web applications. NoSQL systems are also referred to as "Not only SQL" to emphasize that they do allow SQL-like query languages to be used.)

Amazon SimpleDB: a highly available and flexible non-relational data store that offloads the work of database administration. Developers simply store and query data items via web service requests and Amazon SimpleDB does the rest. Unbound by the strict requirements of a relational database, Amazon SimpleDB is optimized to provide high availability and flexibility with little or no administrative burden. Behind the scenes, Amazon SimpleDB creates and manages multiple geographically distributed replicas of your data automatically to enable high availability and data durability. The service charges you only for the resources actually consumed in storing your data and serving your requests. You can change your data model on the fly, and data is automatically indexed for you. With Amazon SimpleDB you can focus on application development without worrying about infrastructure provisioning, high availability, software maintenance, schema and index management, or performance tuning.

Amazon Relational Database Service (Amazon RDS): a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks. When you buy a server, you get CPU, memory, storage, and IOPS all bundled together. With Amazon RDS these are split apart so that you can scale them independently: if you need more CPU, less IOPS, or more storage, you can allocate them separately. Amazon RDS manages backups, software patching, automatic failure detection, and recovery. In order to deliver a managed service experience, Amazon RDS does not provide shell access to DB instances, and it restricts access to certain system procedures and tables that require advanced privileges. You can have automated backups performed when you need them, or create your own backup snapshot; these backups can be used to restore a database. You can get high availability with a primary instance and a synchronous secondary instance that you can fail over to when problems occur, and you can use MySQL read replicas to increase read scaling. You can use the database products you are already familiar with: MySQL, Oracle, and Microsoft SQL Server. In addition to the security in your database package, you can control who can access your RDS databases by using AWS IAM to define users and permissions, and you can protect your databases further by putting them in a virtual private cloud.

IOPS (I/O operations per second) is a common performance measurement used to benchmark computer storage devices such as hard disk drives, solid state drives, and storage area networks.

5 Solutions Encrypting all sensitive data in the database
DBCrypt: executes SQL queries over encrypted data. The biggest challenge is providing efficiency together with adequate confidentiality: a strong cryptosystem like AES would prevent the DBMS server from executing many SQL queries, such as one asking for the number of employees whose salary is greater than $60000. DBCrypt addresses two threats. The first threat is a curious database administrator (DBA) who tries to learn private data (e.g., health records, financial statements, personal information) by snooping on the DBMS server; here DBCrypt prevents the DBA from learning private data. The second threat is an adversary that gains complete control of the application and DBMS servers. In this case DBCrypt cannot provide any guarantees for users that are logged into the application during the attack, but it can still ensure the confidentiality of logged-out users' data.

6 SUNDR (Secure Untrusted Data Repository)
Encrypts all sensitive data in the database. Advantage: it reduces the damage caused by server compromises. Disadvantages: all computation (application logic) runs on the clients, so applications that need the server to process queries, for instance database-backed web sites, cannot use this approach.

7 DBCrypt Intermediate point between DBMS and application server
Executes queries over encrypted data; efficiently supports SQL queries (equality checks, sums, joins, etc.); supports most relational queries; symmetric encryption; MySQL 5.1; C++ & PHP.

8 Integration of Encryption and Query Processing
Users have a plaintext view of an encrypted database. (I will focus strictly on the OPES algorithms in my next presentation.) Comparison operators are applied directly over encrypted columns. Queries: plaintext queries are translated into equivalent queries over encrypted data; for example, Select name from Emp where sal > 100000 becomes, after the translation layer, Select decrypt("xsxx") from "cwlxss" where "xescs" > OPESencrypt(100000). DBMS: tables are encrypted using standard as well as order-preserving encryption; it stores only encrypted data and metadata.

9 Evaluation Works for 99.5% of columns used by MIT applications
Low overhead: throughput reduced by only 14.5% for the phpBB forum and by 26% for TPC-C. 6 applications running on the secure database.

10 Database Management System Proxy
Intercepts all queries; encrypts and decrypts data; hides decryption keys from the DBMS; prevents access to logged-out users' data. Can't prevent deletion of data or maintain integrity of the application.

11 Threat 1: DBMS Compromise
Attacker (passive): a malicious admin or an attacker with access to the DBMS; more likely to read or leak data than to alter or delete it. Goal: confidentiality. Approach: DBCrypt encrypts queries and inserted data, and encrypts the metadata.

12 Threat 1: DBMS Compromise
Guarantees: sensitive data is not plaintext-readable by the DBMS; the DBMS can't read results of queries not requested through DBCrypt. Can't hide: table structure, number of rows, column types, column relationships.

13 Queries over Encrypted Data
The proxy intercepts and rewrites the query: anonymizes table and column names, encrypts constants using a master secret key, passes the new query to the DBMS, then decrypts the query results and returns them to the application.

14 Example

15 Queries over Encrypted Data
Different Layers of encryption depending on query type

16 SQL-aware Encryption: Random, Deterministic
Random: maximum security (AES or Blowfish), indistinguishable under an adaptive chosen-plaintext attack. Deterministic: generates the same ciphertext for the same plaintext, which allows the server to perform equality checks (equality JOINs, GROUP BY, COUNT, DISTINCT).

17 SQL-aware Encryption: Order-preserving encryption, Join, Word Search
Order-preserving encryption: if x < y then OPE(x) < OPE(y), which allows ORDER BY, MIN, MAX, SORT. Join: prevents the cross-column correlations that deterministic encryption would expose. Word search: allows searching over encrypted text (LIKE); only full-word matches, can't support regex.
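The query translation of slide 8 and the RND/DET/OPE schemes of slides 16 and 17, as an added, runnable model that is not the project's code. The DBMS is an in-memory sqlite3 database that stores only ciphertext under anonymised names; the proxy holds the master key, encrypts each query constant with the scheme of its column, and decrypts results. Everything cryptographic is a stdlib stand-in chosen so the block runs offline: RND and DET are built from HMAC-SHA256 (the real system uses AES/Blowfish) and the random-gap OPE is a teaching toy, not a secure order-preserving scheme. The master key, the column-to-scheme mapping and the employee rows are all constructed for the example.

```python
"""Toy DBCrypt proxy: the DBMS sees only ciphertext and anonymised names (t1/c1/c2/c3)."""
import hashlib, hmac, os, sqlite3, struct

MASTER = b"proxy-master-key-never-sent-to-the-dbms"   # assumption: lives only in the proxy

def prf(label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 under a per-column, per-scheme subkey derived from MASTER."""
    return hmac.new(hmac.new(MASTER, label, hashlib.sha256).digest(), data, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(label: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(prf(label, nonce + struct.pack(">I", i)) for i in range((n + 31) // 32))[:n]

# RND: probabilistic. A fresh nonce per encryption, so equal plaintexts give different
# ciphertexts; the DBMS can store the column but evaluate nothing on it.
def rnd_enc(col: str, pt: bytes) -> bytes:
    nonce = os.urandom(16)
    return nonce + xor(pt, keystream(b"rnd:" + col.encode(), nonce, len(pt)))

def rnd_dec(col: str, ct: bytes) -> bytes:
    return xor(ct[16:], keystream(b"rnd:" + col.encode(), ct[:16], len(ct) - 16))

# DET: a keyed permutation (4-round Feistel on a 32-byte block, PRF as round function).
# Equal plaintexts give equal ciphertexts, so =, GROUP BY, COUNT, DISTINCT and equi-joins
# work on the ciphertext; the price is that the DBMS learns which rows share a value.
def _feistel(col: str, block: bytes, rounds) -> bytes:
    L, R = block[:16], block[16:]
    for i in rounds:
        L, R = R, xor(L, prf(b"det:" + col.encode(), bytes([i]) + R)[:16])
    return R + L   # halves swapped, so decryption is the same loop with the rounds reversed

def det_enc(col: str, pt: bytes) -> bytes:
    if len(pt) > 31:
        raise ValueError("toy DET handles values of at most 31 bytes")
    return _feistel(col, bytes([len(pt)]) + pt + b"\0" * (31 - len(pt)), range(4))

def det_dec(col: str, ct: bytes) -> bytes:
    block = _feistel(col, ct, reversed(range(4)))
    return block[1:1 + block[0]]

# OPE (toy): OPE(x) is the sum of x+1 secret gaps, each in [1, 4096], so x < y implies
# OPE(x) < OPE(y) and the DBMS can evaluate <, >, ORDER BY, MIN and MAX on the column.
OPE_DOMAIN = 1 << 18        # assumption: plaintext integers in [0, 2**18)
_ope_tables: dict = {}

def ope_enc(col: str, x: int) -> int:
    if col not in _ope_tables:
        label = b"ope:" + col.encode()
        gaps = b"".join(prf(label, struct.pack(">I", i)) for i in range(OPE_DOMAIN // 8))
        table, acc = [], 0
        for i in range(OPE_DOMAIN):
            acc += 1 + (struct.unpack_from(">I", gaps, 4 * i)[0] & 0xFFF)
            table.append(acc)
        _ope_tables[col] = table
    return _ope_tables[col][x]

class Proxy:
    """Rewrites queries with anonymised names and encrypted constants, decrypts results."""
    NAMES = {"Emp": "t1", "name": "c1", "dept": "c2", "sal": "c3"}   # assumption: proxy metadata

    def __init__(self):
        n = self.NAMES
        self.db = sqlite3.connect(":memory:")
        # name is RND (only ever returned), dept is DET (grouped on), sal is OPE (compared)
        self.db.execute(f"CREATE TABLE {n['Emp']} ({n['name']} BLOB, {n['dept']} BLOB, {n['sal']} INTEGER)")

    def insert(self, name: str, dept: str, sal: int) -> None:
        self.db.execute(f"INSERT INTO {self.NAMES['Emp']} VALUES (?, ?, ?)",
                        (rnd_enc("name", name.encode()), det_enc("dept", dept.encode()), ope_enc("sal", sal)))

    def names_with_salary_above(self, threshold: int) -> list:
        # Application issued:  SELECT name FROM Emp WHERE sal > <threshold>
        # DBMS receives:       SELECT c1 FROM t1 WHERE c3 > OPE(<threshold>)
        n = self.NAMES
        rows = self.db.execute(f"SELECT {n['name']} FROM {n['Emp']} WHERE {n['sal']} > ?",
                               (ope_enc("sal", threshold),))
        return sorted(rnd_dec("name", r[0]).decode() for r in rows)

    def headcount_by_dept(self) -> dict:
        # Application issued:  SELECT dept, COUNT(*) FROM Emp GROUP BY dept   (grouping on DET ciphertext)
        n = self.NAMES
        rows = self.db.execute(f"SELECT {n['dept']}, COUNT(*) FROM {n['Emp']} GROUP BY {n['dept']}")
        return {det_dec("dept", r[0]).decode(): r[1] for r in rows}

def demo() -> tuple:
    p = Proxy()
    for row in [("alice", "eng", 120000), ("bob", "ops", 95000), ("carol", "eng", 150000)]:  # constructed
        p.insert(*row)
    return p.names_with_salary_above(100000), p.headcount_by_dept()

if __name__ == "__main__":
    print(demo())
```

The point to notice is what the DBMS can and cannot do with each column: it answers the `>` and the `GROUP BY` itself without ever seeing a salary or a department name, but it does learn which rows share a department (DET) and the relative order of all salaries (OPE), which is exactly the leakage slide 12 lists under "can't hide".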

18 Adjustable Query-based Encryption
Adjust layer of encryption based on query needs

19 Threat 2: Arbitrary Threats
Attacker compromises the application server, the DBCrypt proxy, or the DBMS. Solution: encrypt different data with different keys, e.g. data belonging to different users. Developers annotate the DB schema to indicate with which key each data item should be decrypted. Maintains the security guarantees from threat 1.

20 Example

21 Threat 2: Arbitrary Threats
Key chaining and public-key encryption allow different groups or users access to the same information: a sub-forum hidden from non-group members, or private messages between two users. The proxy can only access data belonging to users who are currently logged in.
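The key chaining of slides 19 to 21, as an added model that is not the project's code. Every principal (user, message, group, forum) has its own key; a principal's key is stored wrapped under the keys of the principals allowed to read it, and the proxy holds in memory only the keys of logged-in users, so reaching a message or a hidden sub-forum means walking a chain of unwraps that starts at a live session. Assumptions, all constructed: user keys come from PBKDF2 over the password, wrapping is an HMAC-SHA256 encrypt-then-MAC stand-in for AES, and a grant is only made to a principal whose key is currently reachable (the real system uses the recipient's public key to grant access to a user who is offline; that path is left out here).

```python
"""Toy multi-key mode: keys chained per principal, proxy holds only logged-in users' keys."""
import hashlib, hmac, os, struct

def user_key(username: str, password: str) -> bytes:
    """Assumption: a user's key is derived from the password at login (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"user:" + username.encode(), 50_000)

def _sub(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def seal(key: bytes, pt: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || (pt XOR PRF stream) || HMAC tag, separate enc/mac subkeys."""
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(pt, _stream(_sub(key, b"enc"), nonce, len(pt))))
    return nonce + body + hmac.new(_sub(key, b"mac"), nonce + body, hashlib.sha256).digest()

def open_sealed(key: bytes, ct: bytes) -> bytes:
    nonce, body, tag = ct[:16], ct[16:-32], ct[-32:]
    if not hmac.compare_digest(tag, hmac.new(_sub(key, b"mac"), nonce + body, hashlib.sha256).digest()):
        raise ValueError("tag mismatch: wrong key or tampered ciphertext")
    return bytes(a ^ b for a, b in zip(body, _stream(_sub(key, b"enc"), nonce, len(body))))

class Proxy:
    def __init__(self):
        self.sessions = {}   # "user:<name>" -> key, present only while that user is logged in
        self.wrapped = {}    # (principal, reader) -> seal(K_reader, K_principal); ciphertext, may live in the DBMS

    def login(self, user: str, password: str) -> None:
        self.sessions["user:" + user] = user_key(user, password)

    def logout(self, user: str) -> None:
        self.sessions.pop("user:" + user, None)   # nothing derived from it is cached

    def key_for(self, principal: str):
        """Walk the chain back to a logged-in user; None if no live session can reach it."""
        if principal in self.sessions:
            return self.sessions[principal]
        for (child, reader), ct in self.wrapped.items():
            if child == principal:
                reader_key = self.key_for(reader)
                if reader_key is not None:
                    return open_sealed(reader_key, ct)
        return None

    def create_principal(self, name: str, readers) -> bytes:
        """The schema annotation made concrete: 'name' is readable by each of 'readers'."""
        key = os.urandom(32)
        for r in readers:
            reader_key = self.key_for(r)
            if reader_key is None:
                raise PermissionError(f"{r} is not reachable; the real system would use its public key")
            self.wrapped[(name, r)] = seal(reader_key, key)
        return key

    def read(self, principal: str, ct: bytes):
        k = self.key_for(principal)
        return None if k is None else open_sealed(k, ct)

def demo() -> dict:
    p = Proxy()
    p.login("alice", "alice-pw"); p.login("bob", "bob-pw")                  # constructed users
    msg_key = p.create_principal("msg:7", ["user:alice", "user:bob"])       # private message, both parties
    p.create_principal("group:mods", ["user:alice"])                        # alice is a moderator
    forum_key = p.create_principal("forum:hidden", ["group:mods"])          # hidden sub-forum: members only
    pm, post = seal(msg_key, b"lunch at noon?"), seal(forum_key, b"mod-only thread")
    p.logout("alice"); p.logout("bob")
    out = {"nobody_pm": p.read("msg:7", pm), "nobody_post": p.read("forum:hidden", post)}
    p.login("bob", "bob-pw")
    out["bob_pm"], out["bob_post"] = p.read("msg:7", pm), p.read("forum:hidden", post)
    p.logout("bob"); p.login("alice", "alice-pw")
    out["alice_post"] = p.read("forum:hidden", post)
    return out

if __name__ == "__main__":
    print(demo())
```

With both users logged out the proxy holds no key from which either ciphertext can be reached, which is the guarantee slide 5 gives for logged-out users under a full compromise; while bob is logged in the attacker who controls the proxy gets exactly bob's view (the private message, not the moderators' forum) and nothing more.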

22 Case Studies: phpBB, HotCRP
phpBB: open-source forum; users and groups with varied access permissions to messages, forums and posts. HotCRP: conference review application; users are restricted from viewing who reviewed papers. Currently vanilla HotCRP cannot prevent a conference chair from viewing confidential information, so many conferences set up a second server.

23 Case Studies: Grad-apply, the graduate admissions system used by MIT EECS
An applicant's data can only be viewed by the applicant and the reviewing faculty; the applicant can't view letters of recommendation.

24 Application Changes

25 Functional Evaluation

26 Performance Evaluation (TPC-C)

27 Performance Evaluation (phpBB)
10 parallel clients

28 Contribution Layer of security for typical databases that guarantees a certain level of confidentiality for different threats

29 Weaknesses Cannot support both computation and comparison on the same column E.g. WHERE salary > employment_length*1200 In multi-key mode, cannot support server- side computations on encrypted data affecting multiple entities

30 Improvement Add features that secure the integrity of data in addition to its confidentiality (perhaps impractical). Support both comparison and computation in one query.

31 Questions?

32 PART II: OPE, FHE (HOM)

