Netinfo Security, 2018, Vol. 18, Issue (7): 60-68. doi: 10.3969/j.issn.1671-1122.2018.07.008

• Original Article

Scheme of Cloud Database Oriented Multi-tenant Attribute-based Security Isolation and Data Protection

Qinghe DONG1,2, Qian HE1,2, Bingcheng JIANG1,2, Peng LIU1,2

  1. Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Guilin Guangxi 541004, China
  2. Guangxi Collaborative Innovation Center of Cloud Computing and Big Data, Guilin University of Electronic Technology, Guilin Guangxi 541004, China
  • Received:2018-04-27 Online:2018-07-15 Published:2020-05-11

Abstract:

As a new cloud computing application, the cloud database has attracted wide attention, but data security has become an obstacle to its further development. To address data protection and QoS for multi-tenant cloud databases in large data centers, a scheme for multi-tenant cloud database security isolation and data protection based on attribute-based encryption is proposed. Firstly, a multi-tenant cloud database management system is designed and implemented to guarantee data isolation between tenants. Secondly, a middleware based on attribute-based encryption is proposed to encrypt tenant data, ensuring the security of the data and realizing fine-grained access control. Finally, a QoS system based on SDN is designed and implemented to guarantee the service bandwidth of the cloud database service. The experimental results show that the proposed system can meet the security requirements of multiple tenants. When the network is congested, the QoS system can protect the business bandwidth of the encrypted database system and preserve the tenant's service experience.

Key words: multi-tenant, cloud database, attribute-based encryption, QoS, SDN
