A Distributed Approach to Privacy on the Cloud

TL;DR

This paper proposes a novel distributed database approach for cloud privacy, combining client and cloud storage with fine-grained access control, demonstrated through a proof-of-concept implementation and benchmarks.

Contribution

It introduces a new distributed, partitioned database model with secure sharing and fine-grained access control tailored for cloud privacy challenges.

Findings

The approach effectively preserves data privacy in cloud environments.

The proof-of-concept demonstrates practical feasibility and performance benefits.

Benchmarks show the method overcomes key privacy and access control issues.

Abstract

The increasing adoption of Cloud-based data processing and storage poses a number of privacy issues. Users wish to preserve full control over their sensitive data and cannot accept it to be fully accessible to an external storage provider. Previous research in this area was mostly addressed at techniques to protect data stored on untrusted database servers; however, I argue that the Cloud architecture presents a number of specific problems and issues. This dissertation contains a detailed analysis of open issues. To handle them, I present a novel approach where confidential data is stored in a highly distributed partitioned database, partly located on the Cloud and partly on the clients. In my approach, data can be either private or shared; the latter is shared in a secure manner by means of simple grant-and-revoke permissions. I have developed a proof-of-concept implementation using an in-memory RDBMS with row-level data encryption in order to achieve fine-grained data access control. This type of approach is rarely adopted in conventional outsourced RDBMSs because it requires several complex steps. Benchmarks of my proofof-concept implementation show that my approach overcomes most of the problems.