SECURE QUERY PROCESSING in CLOUD NoSQL
Mohammad Ahmadian
ahmadian@knights.ucf.edu
University of Central Florida
April 9, 2017
Mohammad Ahmadian (UCF) Secure NoSQL April 9, 2017 1 / 42

Goal
The research goal is to find an answer to the question: Is it possible to delegate the processing of private data to a third party without revealing it?

Outline
1. Introduction & motivation
   NoSQL data models
2. Cryptosystems for outsourced data
3. Threat Model
4. Related Work
5. JSON and BSON
6. SecureNoSQL contributions
7. Future work
8. References

Introduction
DBaaS is a cloud-based approach to the storage and management of structured data. DBaaS delivers all database functionality and, being cloud-based, also provides:
1. A flexible, scalable, on-demand platform
2. Easy management, self-service, and provisioning
3. Performance monitoring and data analytics information
4. The environmental benefits of moving to the cloud
5. Chargeback for database usage

DBaaS
Cloud database as a service
There are two groups of database services in the cloud DBaaS portfolio:
- Relational databases
- NoSQL (Not only SQL)
It is hard to imagine a time without relational databases, given the many benefits they brought, such as persistence, integration, SQL, and concurrent transactions. RDBMSs also have some problems:

DBaaS - RDBMS cons I
1. Impedance mismatch
Mapping logical objects to tables and vice versa creates a performance disadvantage when the data is complex.
[Figure: Mapping objects to tables.]

DBaaS - RDBMS cons II
2. Scalability
Scale up vs. scale out
[Figure: comparison of scale up (vertical) and scale out (horizontal). Labels in the figure: Expensive; Reliability; Hard to maintain; Easy to grow; Technical limits; Easy to maintain; Single Point Of Failure; Flexible.]

Introduction - Cons of DBaaS
According to a 2016 report by the Cloud Security Alliance (CSA), data security is the main reason that keeps organizations from adopting cloud computing.

Introduction - Data Models for NoSQL
Data models for NoSQL databases:
1. Key-value stores: A dictionary data structure in which a key uniquely identifies the value.
2. Column-family stores: Data are stored in rows, and each row has a unique key and a set of columns.

Introduction - Data Models for NoSQL
3. Document stores: Data are stored in an internal structure (the document) to offer a higher level of granularity. Each document is identified by a unique key.
4. Graph databases: This model is based on graphs and can be used to represent complex structures and highly connected data.

Cryptosystems for outsourced data
Data in the cloud can be in one of three states:
1. Store: The data is encrypted before it is uploaded to the cloud.
2. Transit: Communication channels can be secured by using standard HTTP over Secure Socket Layer (SSL). In addition, the endpoint authentication feature of the SSL protocol makes it possible to ensure that clients are communicating with an authentic cloud server.
3. Process: The data owner has to disclose the decryption key to the server so that it can decrypt the data before performing any required operation.
The problem is that when the decryption key is compromised, data confidentiality is affected. Therefore, the cloud computing model requires a new set of cryptosystems.

Threat models
Threat model: We investigate the cloud threat model from the adversarial perspective, which is a holistic process based on end-to-end security. The model identifies two classes of threats.
- External attacker: An attacker from outside the cloud environment might obtain unauthorized access to the data.
- Cloud malicious insiders: Unauthorized access to data by cloud insiders.

Cryptosystems - Deterministic (DET)
A DET scheme always produces the same ciphertext for an identical pair of plaintext and key. [1] DET leaks information about ciphertexts of the same plaintext. DET enables the server to process pipeline aggregation stages such as group, count, retrieving distinct values, and equality match [2] on the fields within an embedded document. The embedded document can maintain the link with the primary document through application of DET encryption. See Equation 1.

Deterministic Encryption
$$C_j = E_k(P_j), \qquad P_j = D_k(C_j), \qquad j = 1, \dots, n \tag{1}$$

[1] Block ciphers in Electronic Code Book (ECB) mode with a constant IV are DET.
[2] Equality matches over common fields in an embedded document will select documents in the collection containing fields with specified values.

Cryptosystems - Random (RND)
In an RND (probabilistic) encryption scheme, the same message with the same key yields different ciphertexts. This randomness provides the highest level of security, and different encryption algorithms provide the RND property. [3] RND-type schemes are semantically secure against chosen-plaintext attacks and hide all kinds of information about the ciphertext. An RND scheme does not allow any efficient computation on the ciphertext. [4]

Random Encryption
$$C_1 = E_k(P_1 \oplus IV), \qquad P_1 = IV \oplus D_k(C_1) \tag{2}$$
$$C_j = E_k(P_j \oplus C_{j-1}), \qquad P_j = C_{j-1} \oplus D_k(C_j), \qquad j = 2, \dots, n$$

[3] AES in Cipher Block Chaining (CBC) mode is used for RND: AES with a key size of 128, 192 or 256 bits and a block size of 128 bits.
[4] Where $E_k$ is the encryption, $D_k$ is the decryption, $k$ is the secret key, $P$ is the plaintext and $C$ is the ciphertext.

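Equations 1 and 2 from the DET and RND slides, as an added Python example that is not part of the original slides. A toy 4-round Feistel cipher built on HMAC-SHA256 stands in for AES as E_k/D_k (an assumption, to keep the block dependency-free); all function names and the sample city values are constructed. It shows a keyless server grouping DET ciphertexts by equality while RND ciphertexts of the same values never match.

```python
import hashlib, hmac, os
from collections import Counter
BLOCK = 16  # bytes; 128-bit block as on the RND slide

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(k, i, half):  # keyed round function of the toy cipher (not AES)
    return hmac.new(k, bytes([i]) + half, hashlib.sha256).digest()[:8]

def E(k, p):  # E_k on one block: 4-round Feistel network
    l, r = p[:8], p[8:]
    for i in range(4):
        l, r = r, _xor(l, _f(k, i, r))
    return l + r

def D(k, c):  # D_k: the same rounds undone in reverse order
    l, r = c[:8], c[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(k, i, l)), l
    return l + r

def _blocks(m):
    return [m[i:i + BLOCK] for i in range(0, len(m), BLOCK)]
def _pad(m):  # PKCS#7 padding to a whole number of blocks
    n = BLOCK - len(m) % BLOCK
    return m + bytes([n]) * n

def det_encrypt(k, m):  # Equation 1: C_j = E_k(P_j), each block on its own
    return b"".join(E(k, p) for p in _blocks(_pad(m)))

def rnd_encrypt(k, m):  # Equation 2 with a fresh random IV stored as C_0
    out = [os.urandom(BLOCK)]
    for p in _blocks(_pad(m)):
        out.append(E(k, _xor(p, out[-1])))  # C_j = E_k(P_j xor C_{j-1})
    return b"".join(out)

def rnd_decrypt(k, c):  # P_j = C_{j-1} xor D_k(C_j)
    b = _blocks(c)
    m = b"".join(_xor(D(k, cur), prev) for prev, cur in zip(b, b[1:]))
    return m[:-m[-1]]

def server_group_count(cts):  # keyless server: equality match, group, count
    return sorted(Counter(cts).values(), reverse=True)

CITIES = [b"Orlando", b"Tampa", b"Orlando", b"Miami", b"Orlando"]  # constructed

def demo(k):
    run = lambda enc: server_group_count([enc(k, c) for c in CITIES])
    return run(det_encrypt), run(rnd_encrypt)
```

With DET the server recovers the group sizes without the key, which is both the feature and the leak; with RND every ciphertext is its own group, so the same aggregation tells it nothing.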
Cryptosystems - Order-Preserving Encryption (OPE)
OPE projects the order relation between plaintext data elements onto their ciphertext values. OPE leaks the order of the ciphertexts, so it provides a lower degree of security.

Order-Preserving Encryption
$$\forall x, y \in \text{Data Domain}: \quad x < y \implies OPE_k(x) < OPE_k(y) \tag{3}$$

Efficient inequality comparisons on the encrypted data elements can be performed by applying OPE, which supports range queries, comparison, Min(), and Max() on the ciphertext.

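The property in Equation 3, as an added Python example that is not part of the original slides. The OPE here is a toy construction (a running sum of keyed gaps over a small integer domain), chosen only because it satisfies Equation 3; the `Server` class, function names, and the sample ages are constructed.

```python
import hashlib, hmac
from itertools import accumulate

def _gap(k, x):
    # Keyed positive gap for domain element x (always >= 1)
    tag = hmac.new(k, x.to_bytes(4, "big"), hashlib.sha256).digest()
    return 1 + int.from_bytes(tag[:2], "big")

def ope_table(k, domain_size):
    # Toy OPE_k over {0..domain_size-1}: running sum of keyed gaps, so
    # x < y implies OPE_k(x) < OPE_k(y) (Equation 3). Illustrative only.
    return list(accumulate(_gap(k, x) for x in range(domain_size)))

class Server:
    """Holds only ciphertexts; never sees the key or the table."""
    def __init__(self, rows):
        self.rows = rows  # list of (doc_id, encrypted_age)

    def range_query(self, lo_ct, hi_ct):
        return [d for d, c in self.rows if lo_ct <= c <= hi_ct]

    def min_max(self):
        by_ct = sorted(self.rows, key=lambda r: r[1])
        return by_ct[0][0], by_ct[-1][0]

    def leaked_order(self):
        # The leak named on the slide: sorting ciphertexts ranks the plaintexts
        return [d for d, _ in sorted(self.rows, key=lambda r: r[1])]

AGES = {"d1": 34, "d2": 19, "d3": 61, "d4": 45, "d5": 27}  # constructed

def demo(k):
    ope = ope_table(k, 128)  # client side: needs the key
    srv = Server([(d, ope[a]) for d, a in AGES.items()])
    # The client encrypts the range bounds 25..50 and sends only ciphertexts
    return srv.range_query(ope[25], ope[50]), srv.min_max(), srv.leaked_order()
```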