English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 94020/124474 (76%)
Visitors : 29062674      Online Users : 189
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://nccur.lib.nccu.edu.tw/handle/140.119/128990


    Title: 公有雲資料庫委外安全保護機制:CryptDB與Fragmentation的比較
    Public Cloud Database Outsourcing Security Protection Mechanism:Comparison of CryptDB with Fragmentation
    Authors: 陳柏廷
    Chen, Bo-Ting
    Contributors: 胡毓忠
    Hu, Yuh-Jong
    陳柏廷
    Chen, Bo-Ting
    Keywords: 雲端
    隱私
    Cloud
    Privacy
    CryptDB
    Fragmentation
    Date: 2020
    Issue Date: 2020-03-02 11:37:49 (UTC+8)
    Abstract: 雲端服務是近年各企業相當重視的資訊系統應用,現今的網路環境,為了更方便、快速分享佈署資料、應用服務和同時兼顧儲存成本和提升效率,從個人到企業逐漸選擇把資料移往雲端存放,利用雲端服務協助完成工作。現在一般使用者在操作電腦時,大多數會額外安裝防毒軟體和防火牆,原因是使用者已經了解到保護資料對個人隱私的重要,同樣當把資料上傳至雲端後,因資料不再受到使用者的管控,而是由雲端平台服務商全權管理,對安全的顧慮更加提高,系統服務商該如何保護客戶的資料完整、隱私和可用性,是每位雲端服務使用者最重視的部分。

    本研究將透過兩種公有雲資料庫保護方式:CryptDB與Fragmentation,探討企業如何在雲端環境保護委外資料的運作,同時能符合機密、完整、可用性的資安三要條件,以及在儲存管理、數據操作、使用流程上的差異比較,給予建置資料庫時的建議與選擇判斷,藉此提供具體貢獻。
    During the past few years, cloud service is an information system application that enterprises pay great attention to. In today's network environment, to make it easier and faster to share deployed data, application services, and to balance storage costs and efficiency, individuals and businesses are choosing to move data to the cloud and use cloud services to help you get the job done. Store and use the cloud service to assist with the work. Nowadays, the general public use computers and most of them will install anti-virus software and firewalls. The reason is that users have learned that protecting data is important to personal privacy. Similarly, when data is uploaded to the cloud, data is no longer controlled by users. It is managed by the cloud platform service provider and the security concerns are further enhanced. How the system service provider can protect the customer's data integrity, privacy and availability is the most important part of every cloud service user.

    In this study will use two public cloud database protection methods: CryptDB and Fragmentation to explore how companies can operate outsourced data in the cloud while meeting the three essential conditions of confidentiality, integrity, and availability, as well as the comparison of differences in storage management, data operation, and usage processes. Give specific contributions by giving advice and choice to build a database.
    Reference: [1] “Cisco Visual Networking Index: Forecast and Trends, 2017–2022 White Paper,” https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.html, accessed: 2019-10-10.

    [2] R. A. Popa et al., “Cryptdb: Protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, ser. SOSP ’11. New York, NY, USA: ACM, 2011, pp. 85–100. [Online]. Available: http://doi.acm.org/10.1145/2043556.2043566

    [3] S. D. C. di Vimercati et al., “Encryption and fragmentation for data confidentiality in the cloud,” Lecture Notes in Computer Science, vol. 8604, pp.212–243, 2012.

    [4] S. De Capitani di Vimercati et al., “Fragmentation in presence of data dependencies,” IEEE Transactions on Dependable and Secure Computing (TDSC), vol. 11, no. 6, pp. 510–523, November/December 2014.

    [5] M. Almorsy, J. C. Grundy, and I. Müller, “An analysis of the cloud
    computing security problem,” CoRR, vol. abs/1609.01107, 2016. [Online]. Available: http://arxiv.org/abs/1609.01107

    [6] M. Pearce, M. Pearce, and M. Pearce, “Virtualization: Issues, security threats, and solutions,” ACM Computing Surveys (CSUR), vol. 45, no. 2, 2013.

    [7] R. L. Rivest and A. T. Sherman, “Randomized encryption techniques,” in Advances in Cryptology, D. Chaum, R. L. Rivest, and A. T. Sherman, Eds. Boston, MA: Springer US, 1983, pp. 145–163.

    [8] A. Boldyreva, N. Chenette, Y. Lee, and A. O'neill, “Order-preserving symmetric encryption,” in Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2009, pp. 224–241.

    [9] C. Gentry et al., “Fully homomorphic encryption using ideal lattices.” in Stoc, vol. 9, no. 2009, 2009, pp. 169–178.

    [10] K. Krombholz et al., “Advanced social engineering attacks,” J. Inf. Secur. Appl., vol. 22, no. C, pp. 113–122, Jun. 2015. [Online]. Available:http://dx.doi.org/10.1016/j.jisa.2014.09.005

    [11] B. H. Bloom, “Space/time trade-offs in hash coding with allowable errors,” Commun. ACM, vol. 13, no. 7, pp. 422–426, Jul. 1970. [Online]. Available:http://doi.acm.org/10.1145/362686.362692

    [12] H. Hacigumus, B. Iyer, and S. Mehrotra, “Providing database as a service,” 02 2002, pp. 29 – 38.

    [13] S. D. C. di Vimercati, S. Foresti, and P. Samarati, Selective and Fine-Grained Access to Data in the Cloud. New York, NY: Springer New York, 2014, pp. 123–148. [Online]. Available: https://doi.org/10.1007/978-1-4614-9278-8_6

    [14] S. Jajodia et al., Secure Cloud Computing. Springer-Verlag New York, 2014.

    [15] E. Damiani et al., “Balancing confidentiality and efficiency in untrusted relational dbmss,” in Proceedings of the 10th ACM Conference on Computer and Communications Security, ser. CCS ’03. New York, NY, USA: ACM, 2003, pp. 93–102. [Online]. Available: http://doi.acm.org/10.1145/948109.948124

    [16] G. Aggarwal et al., “Two can keep a secret: A distributed architecture for secure database services,” in CIDR, 2005.

    [17] V. Ciriani et al., “Fragmentation and encryption to enforce privacy in data storage,” in Computer Security – ESORICS 2007, J. Biskup and J. López, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2007, pp. 171–186.

    [18] ——, “Combining fragmentation and encryption to protect privacy in data storage,” ACM Trans. Inf. Syst. Secur., vol. 13, 07 2010.

    [19] ——, “Keep a few: Outsourcing data while maintaining confidentiality,” vol. 5789, 09 2009, pp. 440–455.

    [20] ——, “Selective data outsourcing for enforcing privacy,” Journal of Computer Security, vol. 19, pp. 531–566, 01 2011.

    [21] S. Tu, M. F. Kaashoek, S. Madden, and N. Zeldovich, “Processing analytical queries over encrypted data,” Proc. VLDB Endow., vol. 6, no. 5, pp. 289–300, Mar. 2013. [Online]. Available: http://dx.doi.org/10.14778/2535573.2488336
    Description: 碩士
    國立政治大學
    資訊科學系碩士在職專班
    103971018
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0103971018
    Data Type: thesis
    DOI: 10.6814/NCCU202000271
    Appears in Collections:[資訊科學系碩士在職專班] 學位論文

    Files in This Item:

    File SizeFormat
    101801.pdf1223KbAdobe PDF0View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback