Database security in private database clouds

Çınar, Onur
Cloud computing and systems are very popular in today’s Information Technology and Systems and have grown extremely. Cloud computing helps organizations solve increasing IT costs such as their licenses,power consumption,physical protection,by providing better standardization,higher benefit,greater performance,and quick responses of information services. This thesis presents the study of ensuring database security in cloud computing, protecting data especially from internal attacks, and managing high volumes of log data. Security requirements of a network system differ from each other according to the system which you are using. Carrying vital importance for our private and secret information, cloud systems must provide extra security solutions for database systems with the organizations. While using firewalls, intrusion detection systems on the network for external attacks, improved access controls must be thought for internal attacks. Using database actions logs and audit can be very helpful on developing a database protection system. However, storing these logs will cause a storage and performance problem. The other problem is to manage many databases at the same time. This system provides managing many databases at the same time from the same place. Logs from each database is transmitting to the central point asynchronously. Administrating database protection solution from a central point in cloud helps us to manage security of databases and handling huge volumes of data.The performance of our proposed system has been evaluated against one of the most commonly used products on the market, Oracle audit Vault Server and better results have been obtained on some topics in this thesis.


Cinar, Onur; Guncer, R. Haluk; Yazıcı, Adnan (2016-12-22)
Cloud computing and cloud systems are very popular in today's Information Technology (IT) and systems and have grown very quickly. Cloud computing helps organizations solve increasing IT costs such as their licenses, power consumption, physical protection, by providing better standardization, higher benefit, greater performance, and quicker responses of information services. Carrying vital importance for our private and secret information, cloud systems must provide extra security solutions for database sys...
Homomorphic encryption for data security in cloud computing
Wainakh, Asndar; Akyıldız, Ersan; Cenk, Murat; Department of Cryptography (2018)
Recently, cloud computing has grown into a popular aspect of the IT industry. Cloud computing provides a range of hardware and software resources to its customers,which they can access through the internet. With the rapid development of cloud computing, various security issues related to confidentiality, and integrity are appearing. Traditional encryption techniques provide security to data while it is stored and transmitted, but not while it is processed. Hence traditional encryption techniques are not enou...
EPICS: A Framework for Enforcing Security Policies in Composite Web Services
Ranchal, Rohit; Bhargava, Bharat; Angın, Pelin; ben Othmane, Lotfi (Institute of Electrical and Electronics Engineers (IEEE), 2019-05-01)
With advances in cloud computing and the emergence of service marketplaces, the popularity of composite services marks a paradigm shift from single-domain monolithic systems to cross-domain distributed services, which raises important privacy and security concerns. Access control becomes a challenge in such systems because authentication, authorization and data disclosure may take place across endpoints that are not known to clients. The clients lack options for specifying policies to control the sharing of...
A Quality model for cloud-based enterprise information systems
Şener, Umut; Eren, Pekin Erhan; Department of Information Systems (2016)
Organizations have migrated from on-premise enterprise information systems to Cloud-based Enterprise Information Systems (Cloud-EIS) due to the benefits of cloud computing, such as flexibility, availability on demand, and interdependence in information technology infrastructure. Accordingly, enterprises perceive the significance of the quality of Cloud-EIS for improving their businesses, and they pay more attention to selecting the suitable Cloud-EIS. Having looked at the extensive literature, only a few re...
Architectural design of an access control system for enterprise networks
Kirimer, Burak; Özgit, Attila (2007-11-09)
Client computers in enterprise networks have the potential to be the source of serious security problems, especially when their hardware and software components are out of physical administrative control. Besides, services in the network may have client configuration requirements. We propose a system composed of a policy management and enforcement server and client agents, which authenticates the client users and checks their computer configurations before allowing their access to services. The information ...
Citation Formats
O. Çınar, “Database security in private database clouds,” M.S. - Master of Science, Middle East Technical University, 2015.