政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/128990
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  全文筆數/總筆數 : 113648/144635 (79%)
造訪人次 : 51595835      線上人數 : 930
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/128990


    題名: 公有雲資料庫委外安全保護機制:CryptDB與Fragmentation的比較
    Public Cloud Database Outsourcing Security Protection Mechanism:Comparison of CryptDB with Fragmentation
    作者: 陳柏廷
    Chen, Bo-Ting
    貢獻者: 胡毓忠
    Hu, Yuh-Jong
    陳柏廷
    Chen, Bo-Ting
    關鍵詞: 雲端
    隱私
    Cloud
    Privacy
    CryptDB
    Fragmentation
    日期: 2020
    上傳時間: 2020-03-02 11:37:49 (UTC+8)
    摘要: 雲端服務是近年各企業相當重視的資訊系統應用,現今的網路環境,為了更方便、快速分享佈署資料、應用服務和同時兼顧儲存成本和提升效率,從個人到企業逐漸選擇把資料移往雲端存放,利用雲端服務協助完成工作。現在一般使用者在操作電腦時,大多數會額外安裝防毒軟體和防火牆,原因是使用者已經了解到保護資料對個人隱私的重要,同樣當把資料上傳至雲端後,因資料不再受到使用者的管控,而是由雲端平台服務商全權管理,對安全的顧慮更加提高,系統服務商該如何保護客戶的資料完整、隱私和可用性,是每位雲端服務使用者最重視的部分。

    本研究將透過兩種公有雲資料庫保護方式:CryptDB與Fragmentation,探討企業如何在雲端環境保護委外資料的運作,同時能符合機密、完整、可用性的資安三要條件,以及在儲存管理、數據操作、使用流程上的差異比較,給予建置資料庫時的建議與選擇判斷,藉此提供具體貢獻。
    During the past few years, cloud service is an information system application that enterprises pay great attention to. In today`s network environment, to make it easier and faster to share deployed data, application services, and to balance storage costs and efficiency, individuals and businesses are choosing to move data to the cloud and use cloud services to help you get the job done. Store and use the cloud service to assist with the work. Nowadays, the general public use computers and most of them will install anti-virus software and firewalls. The reason is that users have learned that protecting data is important to personal privacy. Similarly, when data is uploaded to the cloud, data is no longer controlled by users. It is managed by the cloud platform service provider and the security concerns are further enhanced. How the system service provider can protect the customer`s data integrity, privacy and availability is the most important part of every cloud service user.

    In this study will use two public cloud database protection methods: CryptDB and Fragmentation to explore how companies can operate outsourced data in the cloud while meeting the three essential conditions of confidentiality, integrity, and availability, as well as the comparison of differences in storage management, data operation, and usage processes. Give specific contributions by giving advice and choice to build a database.
    參考文獻: [1] “Cisco Visual Networking Index: Forecast and Trends, 2017–2022 White Paper,” https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.html, accessed: 2019-10-10.

    [2] R. A. Popa et al., “Cryptdb: Protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, ser. SOSP ’11. New York, NY, USA: ACM, 2011, pp. 85–100. [Online]. Available: http://doi.acm.org/10.1145/2043556.2043566

    [3] S. D. C. di Vimercati et al., “Encryption and fragmentation for data confidentiality in the cloud,” Lecture Notes in Computer Science, vol. 8604, pp.212–243, 2012.

    [4] S. De Capitani di Vimercati et al., “Fragmentation in presence of data dependencies,” IEEE Transactions on Dependable and Secure Computing (TDSC), vol. 11, no. 6, pp. 510–523, November/December 2014.

    [5] M. Almorsy, J. C. Grundy, and I. Müller, “An analysis of the cloud
    computing security problem,” CoRR, vol. abs/1609.01107, 2016. [Online]. Available: http://arxiv.org/abs/1609.01107

    [6] M. Pearce, M. Pearce, and M. Pearce, “Virtualization: Issues, security threats, and solutions,” ACM Computing Surveys (CSUR), vol. 45, no. 2, 2013.

    [7] R. L. Rivest and A. T. Sherman, “Randomized encryption techniques,” in Advances in Cryptology, D. Chaum, R. L. Rivest, and A. T. Sherman, Eds. Boston, MA: Springer US, 1983, pp. 145–163.

    [8] A. Boldyreva, N. Chenette, Y. Lee, and A. O'neill, “Order-preserving symmetric encryption,” in Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2009, pp. 224–241.

    [9] C. Gentry et al., “Fully homomorphic encryption using ideal lattices.” in Stoc, vol. 9, no. 2009, 2009, pp. 169–178.

    [10] K. Krombholz et al., “Advanced social engineering attacks,” J. Inf. Secur. Appl., vol. 22, no. C, pp. 113–122, Jun. 2015. [Online]. Available:http://dx.doi.org/10.1016/j.jisa.2014.09.005

    [11] B. H. Bloom, “Space/time trade-offs in hash coding with allowable errors,” Commun. ACM, vol. 13, no. 7, pp. 422–426, Jul. 1970. [Online]. Available:http://doi.acm.org/10.1145/362686.362692

    [12] H. Hacigumus, B. Iyer, and S. Mehrotra, “Providing database as a service,” 02 2002, pp. 29 – 38.

    [13] S. D. C. di Vimercati, S. Foresti, and P. Samarati, Selective and Fine-Grained Access to Data in the Cloud. New York, NY: Springer New York, 2014, pp. 123–148. [Online]. Available: https://doi.org/10.1007/978-1-4614-9278-8_6

    [14] S. Jajodia et al., Secure Cloud Computing. Springer-Verlag New York, 2014.

    [15] E. Damiani et al., “Balancing confidentiality and efficiency in untrusted relational dbmss,” in Proceedings of the 10th ACM Conference on Computer and Communications Security, ser. CCS ’03. New York, NY, USA: ACM, 2003, pp. 93–102. [Online]. Available: http://doi.acm.org/10.1145/948109.948124

    [16] G. Aggarwal et al., “Two can keep a secret: A distributed architecture for secure database services,” in CIDR, 2005.

    [17] V. Ciriani et al., “Fragmentation and encryption to enforce privacy in data storage,” in Computer Security – ESORICS 2007, J. Biskup and J. López, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2007, pp. 171–186.

    [18] ——, “Combining fragmentation and encryption to protect privacy in data storage,” ACM Trans. Inf. Syst. Secur., vol. 13, 07 2010.

    [19] ——, “Keep a few: Outsourcing data while maintaining confidentiality,” vol. 5789, 09 2009, pp. 440–455.

    [20] ——, “Selective data outsourcing for enforcing privacy,” Journal of Computer Security, vol. 19, pp. 531–566, 01 2011.

    [21] S. Tu, M. F. Kaashoek, S. Madden, and N. Zeldovich, “Processing analytical queries over encrypted data,” Proc. VLDB Endow., vol. 6, no. 5, pp. 289–300, Mar. 2013. [Online]. Available: http://dx.doi.org/10.14778/2535573.2488336
    描述: 碩士
    國立政治大學
    資訊科學系碩士在職專班
    103971018
    資料來源: http://thesis.lib.nccu.edu.tw/record/#G0103971018
    資料類型: thesis
    DOI: 10.6814/NCCU202000271
    顯示於類別:[資訊科學系碩士在職專班] 學位論文

    文件中的檔案:

    檔案 大小格式瀏覽次數
    101801.pdf1223KbAdobe PDF20檢視/開啟


    在政大典藏中所有的資料項目都受到原著作權保護.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋