ABSTRACT
For Web applications in which the database component is the bottleneck, scalability can be provided by a third-party Database Scalability Service Provider (DSSP) that caches application data and supplies query answers on behalf of the application. Cost-effective DSSPs will need to cache data from many applications, inevitably raising concerns about security. However, if all data passing through a DSSP is encrypted to enhance security, then data updates trigger invalidation of large regions of cache. Consequently, achieving good scalability becomes virtually impossible. There is a tradeoff between security and scalability, which requires careful consideration.

In this paper we study the security-scalability tradeoff, both formally and empirically. We begin by providing a method for statically identifying segments of the database that can be encrypted without impacting scalability. Experiments over a prototype DSSP system show the effectiveness of our static analysis method--for all three realistic benchmark applications that we study, our method enables a significant fraction of the database to be encrypted without impacting scalability. Moreover, most of the data that can be encrypted without impacting scalability is of the type that application designers will want to encrypt, all other things being equal. Based on our static analysis method, we propose a new scalability-conscious security design methodology that features: (a) compulsory encryption of highly sensitive data like credit card information, and (b) encryption of data for which encryption does not impair scalability. As a result, the security-scalability tradeoff needs to be considered only over data for which encryption impacts scalability, thus greatly simplifying the task of managing the tradeoff.
Index Terms
- Simultaneous scalability and security for data-intensive web applications