Logo PTI
Polish Information Processing Society
Logo FedCSIS

Annals of Computer Science and Information Systems, Volume 6

Position Papers of the 2015 Federated Conference on Computer Science and Information Systems

An Architecture for Secure Web Resource with Outsourced Database

Kirill Shatilov, Sergey Krendelev, Diana Anisutina, Artem Sumaneev, Evgeny Ogurtsov

DOI: http://dx.doi.org/10.15439201559

Citation: Position Papers of the 2015 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 6, pages 133–139 (2015)

Full text

Abstract. Security of outsourced data is crucial for businesses. To protect and secure outsourced database, as a part of dynamic web resource while maintaining site's work, we propose a solution featuring following key ideas. Firstly, we suggest to encrypt database content granularly with order preserving and homomorphic encryptions in order to conduct operation inside unmodified DBMS. Secondly, proposed solution implies presence of trusted intermediate component, responsible for SQL query precessing and site hosting tasks. Our approach has been validated through the implementation of complete web resource infrastructure with encrypted database. While web resource, using currently most popular content management system - WordPress, was functioning in normal mode, content of DMBS was secured. In this paper basic ideas of creating secure web resource will be discussed, as long as practical aspects. In addition proposed solution analysis using different metrics will be provided.