Presentation is loading. Please wait.

Presentation is loading. Please wait.

Based on slides developed by Hakan Hacigumus, Bala Iyer, and Sharad Mehrotra ICDE 2002, San Jose, CA, USA Lecture 17: Providing Database as a Service Professor.

Published byLoraine Roberta Pitts Modified over 9 years ago

Similar presentations

Presentation on theme: "Based on slides developed by Hakan Hacigumus, Bala Iyer, and Sharad Mehrotra ICDE 2002, San Jose, CA, USA Lecture 17: Providing Database as a Service Professor."— Presentation transcript:

1 Based on slides developed by Hakan Hacigumus, Bala Iyer, and Sharad Mehrotra ICDE 2002, San Jose, CA, USA Lecture 17: Providing Database as a Service Professor Chen Li ICS 214B: Transaction Processing and Distributed Data Management

2 ICS214BNotes 172 Talk Outline Software as a Service Database as a Service NetDB2 System Challenges for Database as a Service User Interface Issues Performance Issues Data Privacy Issues Data Encryption in DBMSs for Data Privacy Conclusion

3 ICS214BNotes 173 Software as a Service Get … what you need when you need Pay … what you use Don’t worry … how to deploy, implement, maintain, upgrade

4 ICS214BNotes 174 Software as a Service Driving forces to paradigm shift Faster, cheaper, more accessible networks Rise of distributed architectures Virtualization in server and storage technologies Established e-business infrastructures Hardware/Software is not the largest in total cost of ownership User Operations 46% Technical Support24% Capital Cost (HW/SW) 21%(Source: Gartner Group) Hardware, software, network costs have been decreasing more sharply than personnel cost

5 ICS214BNotes 175 Software as a Service Already in the market as storage services, disaster recovery services, e-mail services, rent- a-spreadsheet services etc. Sun ONE, Oracle Online Services, Microsoft.NET My Services etc. Why not Database as a Service ?

6 ICS214BNotes 176 Database as a Service - Why? Organizations need data management DBMSs are complex systems to deploy, setup, maintain requires highly skilled people (DBAs etc.) with high cost

7 ICS214BNotes 177 Database as a Service - Offerings Inherits all advantages of software as a service, plus … Service provider allows mechanisms to create, store, access databases DB management transferred to service provider for backup, administration, restoration, space management, upgrades Clients use the services providers HW, SW, personnel instead of their own

8 ICS214BNotes 178 NetDB2 - Database Service Provision Developed in collaboration with University of California, Irvine and IBM Deployed on the Internet over a year ago Been used by 15 universities and more than 2500 students to help teaching database classes Currently offered through IBM Scholars Program

9 ICS214BNotes 179 NetDB2 System Architecture User (Web Browser) HTTP ServerDatabase (User Data) Backup/Recovery Standby System Servlet Engine Warm Standby Three tier architecture Client - as thin as possible - just a browser Java based implementation Backed by fail-over solutions Allows expansions and user driven integration for application development

10 ICS214BNotes 1710 Database as a Service - Issues Issues to address: User Interface Performance Data Privacy

11 ICS214BNotes 1711 User Interface Simple yet powerful supports SQL queries, scripts, UDFs, stored procedures, metadata, data upload Consistent Region-based composition Expansion/Integration User defined interfaces 4 2 3 1

12 ICS214BNotes 1712 Performance Interaction in a different medium - network Performance should -at least- match what we have already Experimented with TPC-H database and queries

13 ICS214BNotes 1713 Data Privacy Users give control of their data to service provider Attacks on stored data is a well known problem So, they need data security in place Security of data over the network is well studied SSL,TSL Establish security for stored data even it is stolen should not make sense  Encryption !

14 ICS214BNotes 1714 950007Sarah Brown50 850003Bob Drake43 900003Linda Cone41 400002John White20 SALARYDEPTIDNAMEID Encryption Alternatives Implementation Level Software v.s. Hardware encryption Granularity of Data Field (Attribute) level Row (Record) level (Disk) Page level ? 950007Dadsf$&%!Aq50 8500032We??#@$&&43 900003%25>LWe?#@41 400002Fg4$$xX@<+-20 SALARYDEPTIDNAMEID 950007Sarah Brown50 850003Bob Drake43 900003Linda Cone41 400002John White20 SALARYDEPTIDNAMEID 950007Sarah Brown50 850003Bob Drake43 %&*((@sFDdw?~$@33<?.%d(*##!@<<&&=+ 400002John White20 SALARYDEPTIDNAMEID 950007Sarah Brown50 850003Bob Drake43 900003Linda Cone41 400002John White20 SALARYDEPTIDNAMEID 0000000000 0000000000 0000000000 0000000000 00000000 <?.%d(*##!@%&*((@ <<&&=+sFDdw?~$@33 SALARYDEPTIDNAMEID $Sfsdf@_))#$dw?~$@33<?.%*##!@<<&&=+ %&*((@sFDdw? @<<&&=+~$@33<? ((@sFD ?~$<&&=+@33<?.% %&*((@sFDdwd(*##!@< iiiiiiiiiiiiiiiiiiiiiiiii iiiiiiiiiiiiiiiiiiiiiiiii iiiiiiiiiiiiiiiiiiiiiiiii iiiiiiiiiiiiiiiiiiiiiiiii iiiiiiiiiiiiiiiiiiii

15 ICS214BNotes 1715 Encryption Alternatives (2) Field level encryption Pros: Easier to implement and integrate Flexible Allows selective encryption, reduces number of bytes to encrypt/decrypt Cons: Increases encryption overhead significantly due to invocation cost Data size expansion (for block cipher algorithms) Current optimization technologies do not handle foreign functions well

16 ICS214BNotes 1716 Encryption Alternatives (3) Row level encryption Pros: Reduces the data size expansion problem Reduces invocation cost Better security because of total encryption Cons: Does not allow selective encryption, increases the number of bytes to encrypt/decrypt Implementation and integration can be hard when row functions are not supported

17 ICS214BNotes 1717 Encryption Alternatives (4) Page level encryption Pros: Significantly reduces encryption/decryption overhead due to reduced invocation cost Eliminates data size expansion problem (for block ciphers) Better security because of total encryption Cons: Implementation and integration is not straightforward Increases the number of bytes to encrypt/decrypt each time Higher update/delete cost, requires re-encryption of all affected pages

18 ICS214BNotes 1718 Experimented with TPC-H database and queries Encryption scheme alternatives (V: evaluated, ×: not evaluated) Encryption Alternatives Experiments Data Granularity ImplementationField LevelRow Level Page Level Software Encryption V × × Hardware Encryption × V V

19 ICS214BNotes 1719 Software - Field Level Encryption Block Cipher Algorithm - Blowfish Implemented as foreign function (UDF) Sample insert insert into lineitem (discount) values (encrypt(10,key)); Sample select select decrypt(discount,key) from lineitem where custid = 300;

20 ICS214BNotes 1720 Software - Field Level Encryption (2) Creator supplies the key Unauthorized person can not get hold of the key protection even from the service provider at some level User can easily implement different encryption algorithm and check that into the system different encryption algorithm/key can be used for different fields

21 ICS214BNotes 1721 Software - Field Level Encryption (3) Q#1 excluded TPC-H queries, except Q#1 * Only one field ( l_discount of lineitem table) encrypted Introduced very large overhead

22 ICS214BNotes 1722 TPC-H Query # 1 Problem: Multiple decryption on same field select l_returnflag, l_linestatus, sum(l_quantity) as sum_qty, sum(l_extendedprice) as sum_base_price, sum(l_extendedprice * (1 - l_discount)) as sum_disc_price, sum(l_extendedprice * (1 - l_discount) * (1 + l_tax)) as sum_charge, avg(l_quantity) as avg_qty, avg(l_extendedprice) as avg_price, avg(l_discount) as avg_disc, count(*) as count_order from tpcd.lineitem where l_shipdate <= date ('1998-12-01') - 90 day group by l_returnflag, l_linestatus order by l_returnflag, l_linestatus;

23 ICS214BNotes 1723 Query Rewrite to Improve Performance Problem: Multiple decryption on same field (e.g., TPC-H Q#1) CSE based algorithm to eliminate redundant decryptions Use temporary view

24 ICS214BNotes 1724 Hardware - Row Level Encryption Specialized hardware IBM S/390 Cryptographic Coprocessor under IBM OS/390 “editproc” facility invoked for “whole row” upon read/write request, encrypt/decrypt is invoked from hardware for the row

25 ICS214BNotes 1725 SW Field Level v.s. HW Row Level Experimented on TPC-H Q#1 Software Field Level: Only one field is encrypted Hardware Row Level: All fields are encrypted

26 ICS214BNotes 1726 Hardware - Page Level Encryption Page level encryption is simulated It gives significant improvement due to reduction in start-up cost

27 ICS214BNotes 1727 Conclusion Database as a Service is a new model to alleviates the need to hire professionals purchase expensive hardware/software deal with administrative and maintenance tasks It is viable model and can emerge as a successful offering Encryption is a solution for privacy -the most important issue- Hardware encryption has a clear superiority over software Hardware makes encryption practical for databases There are trade-offs for granularity of data

Download ppt "Based on slides developed by Hakan Hacigumus, Bala Iyer, and Sharad Mehrotra ICDE 2002, San Jose, CA, USA Lecture 17: Providing Database as a Service Professor."

Similar presentations

The Lucernex Cloud: A software-as-a-service solution delivered via the Cloud What is the Cloud? Cloud Computing is the future of all software applications,

The Lucernex Cloud: A software-as-a-service solution delivered via the Cloud What is the Cloud? Cloud Computing is the future of all software applications,
Database Architectures and the Web

Database Architectures and the Web
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
Transaction.

Transaction.
Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.

Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.
Technical Architectures

Technical Architectures
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.

Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
Integration of Applications MIS3502: Application Integration and Evaluation Paul Weinberg Adapted from material by Arnold Kurtz, David.

Integration of Applications MIS3502: Application Integration and Evaluation Paul Weinberg Adapted from material by Arnold Kurtz, David.
Jun Peng Stanford University – Department of Civil and Environmental Engineering Nov 17, 2000 DISSERTATION PROPOSAL A Software Framework for Collaborative.

Jun Peng Stanford University – Department of Civil and Environmental Engineering Nov 17, 2000 DISSERTATION PROPOSAL A Software Framework for Collaborative.
Copyright © 2007 Ramez Elmasri and Shamkant B. Navathe Slide 1- 1.

Copyright © 2007 Ramez Elmasri and Shamkant B. Navathe Slide 1- 1.
Oracle Database Administration. Rana Almurshed 2 course objective After completing this course you should be able to: install, create and administrate.

Oracle Database Administration. Rana Almurshed 2 course objective After completing this course you should be able to: install, create and administrate.
Chapter 1: The Database Environment

Chapter 1: The Database Environment
Greg Pierce| Concerto Cloud Services Which Cloud is Right for Microsoft CRM?

Greg Pierce| Concerto Cloud Services Which Cloud is Right for Microsoft CRM?
Introduction to Databases Transparencies 1. ©Pearson Education 2009 Objectives Common uses of database systems. Meaning of the term database. Meaning.

Introduction to Databases Transparencies 1. ©Pearson Education 2009 Objectives Common uses of database systems. Meaning of the term database. Meaning.
Database Design and Introduction to SQL

Database Design and Introduction to SQL
JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.

JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
Cloud Computing for the Enterprise November 18th, 2011. This work is licensed under a Creative Commons.

Cloud Computing for the Enterprise November 18th, This work is licensed under a Creative Commons.
Chapter 10 : Designing a SQL Server 2005 Solution for High Availability MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design.

Chapter 10 : Designing a SQL Server 2005 Solution for High Availability MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design.
Data and Database Administration

Data and Database Administration

Similar presentations

Ads by Google