Abstract—With proper data fragmentation and distribution of data chunks to different computer clouds, data owners may stay protected from unauthorized access or data breach even in cases when some of the involved computer clouds get compromised. To reduce the number of cloud providers needed to store fragmented data, we propose an outsourcing model for relational databases that uses a combination of data fragmentation, encryption, and hashing. Since client-side encrypted or cryptographically hashed data significantly limits the ability to process them in the cloud, we propose an algorithm to select the most appropriate data protection method that still enables their processing inside the DBMS without converting them into a plaintext. TPC-H benchmark shows that the proposed algorithm successfully processes all 22 types of reference queries, at the same time being able to reduce the necessary number of cloud storage sites up to 80 percent.
Index Terms—Data outsourcing, multi-cloud database, fragmentation, encryption, hashing.
The authors are with the University of Zagreb, Faculty of Electrical Engineering and Computing, Zagreb, Croatia.
Cite: Iva Jurkovic*, Dejan Skvorc, and Rudolf Lovrencic, "Protection of Sensitive Data in a Multi-Cloud Database Based on Fragmentation, Encryption, and Hashing," International Journal of Machine Learning vol. 13, no. 1, pp. 31-38, 2023.Copyright @ 2023 by the authors. This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).