Enhancing a Database Security Model for Cloud Computing by Nour Saad

Abstract

This thesis provides a set of techniques that can preserve large Data sets. These techniques deal with large data set independent on where data is stored, also can prove copyright, ownership, and integrity. Data can be stored on entire database engines inside a given business borders or even in a data ser- vice over the cloud. This thesis introduce namely (1)Watermarking Rational Database with Non Repudiation (WRDN) ,(2)Enhanced Watermarking Tech- nique for Rational Database with non-repudiation (EWRDN), (3)Enhanced Watermarking Approach for Secure Database Service. WRDN protect the ownership of relational database by adding only one hidden column. The calculation of this formula is based on the values of other numeric and textual columns. Moreover, it traces the updated data made by each users. It survives by 100% against insertion and deletion attacks. At the same time, it fails in case of alternation attacks. So, some changes needed to be made in order to save data over traditional DBMS engine and Cloud environment. EWRDN is based on a set of enhancements for the WRDN approach. It improves space complexity by 56% of original WRDN system with the same time complexity. Moreover, EWRDN as a di erentiated quality service has been proven to provide two di erent data compression qualities. It has been proven that the arithmetic encoding has a xed recovery ratio equal to one. At the same time, the transform encoding saves space and consumed less time to recover data. EWRDN service works as a trusted third party between clients and service providers. It guarantees data integrity and non repudiation. It recovers data to its origin in case of errors or unauthorized changes happened. Moreover, it gives data owner more controlling capabilities for their data, by tracing user's activities. Security for data exchange and Trust between the service providers and clients re very important concerns in cloud environments. EWRDN service provides data security means as integrity, secrecy, non repudiation and pri- vacy using data watermarking and compression techniques. As a service, it iii consider exchanging data through many could services. Moreover, it gives the users the ability to recover data, if suspected changes happened using a Digital Signature Standard (DSS). It is proposed to be a part of the Service Oriented Architecture (SOA) of a Trusted Third Party (TTP). Until now and to the best of our knowledge, EWRDN service is not realized in a real cloud environment. A real implementation for EWRDN Service inside a TTP SOA is elaborated. The results have shown that, the proposed service coordina- tion can provide protection against all of the experienced database security threats. Nevertheless, other performance issues like the required time and space of handling data have been analyzed showing a high achieved perfor- mance of the proposed service.