CryptNoSQL – A Methodology for Secure Querying and Processing of Encrypted NoSQL Data on the Cloud Environment

International Journal of Electronics and Communication Engineering
© 2023 by SSRG - IJECE Journal
Volume 10 Issue 5
Year of Publication : 2023
Authors : Sridhar Vemula, Ram Mohan Rao Kovvur, Dyna Marneni
pdf
How to Cite?

Sridhar Vemula, Ram Mohan Rao Kovvur, Dyna Marneni, "CryptNoSQL – A Methodology for Secure Querying and Processing of Encrypted NoSQL Data on the Cloud Environment," SSRG International Journal of Electronics and Communication Engineering, vol. 10,  no. 5, pp. 14-27, 2023. Crossref, https://doi.org/10.14445/23488549/IJECE-V10I5P102

Abstract:

Businesses today use modern computing technologies such as Big Data and Machine Learning in their daily operations, which require effective management of large amounts of data. Relational data formats are no longer suitable for these applications, and NoSQL data formats are preferred. The use of cloud infrastructure offers advantages such as scalability, availability, and resource maintenance, but data security remains a challenge. Although cloud vendors provide encryption features, they may not be sufficient for sensitive data. To address this, some businesses use their encryption methods, but retrieving data from an encrypted form may not be possible. While specific encryption methods support the processing of encrypted data without decryption, there is no complete implementation of secure processing for NoSQL data from MongoDB or other databases. The proposed methodology, called CryptNoSQL, provides a secure way to query and process NoSQL data, including updates on encrypted data. We introduce a customized database design model that selects an appropriate encryption method during the insertion of a document based on the type of field and the operation it will be involved in. Our experimental results demonstrate that our approach is suitable for organizations with sensitive data hosted on the cloud and that require frequent query operations on this data.

Keywords:

Secure data processing, Cloud security, Homomorphic, Order processing encryption, NoSQL.

References:

[1] N. Chandrakala, and B. Thirumala Rao, “Migration of Virtual Machine to Improve the Security in Cloud Computing,” International Journal of Electrical and Computer Engineering, vol. 8, no. 1, pp. 210-219, 2018.
[CrossRef] [Google scholar] [Publisher Link]
[2] Suraj Krishna Patil, and Suhas B. Bhagate, “Protecting Data in Relational Database Management System using Purpose and Role Based Access Control,” International Journal of Computer Engineering in Research Trends, vol. 4, no. 8, pp. 336-340, 2017.
[Publisher Link]
[3] S. Ravichandran, and R. Rajkumar, “Design and Development of Communication Salvage upon Encrypted Information in Cloud Computing,” International Journal of Recent Engineering Science, vol. 6, no. 6, pp. 17-22, 2019.
[CrossRef] [Google scholar] [Publisher Link]
[4] Raluca Ada Popa et al., “CryptDB: Protecting Confidentiality with Encrypted Query Processing,” In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 85-100, 2011.
[CrossRef] [Google scholar] [Publisher Link]
[5] Ameya Nayak, Anil Poriya, and Dikshay Poojary, “Type of NoSQL Databases and Its Comparison with Relational Databases,” International Journal of Applied Information Systems, vol. 5, no. 4, pp. 16-19, 2013.
[Google scholar] [Publisher Link]
[6] D. Shravani, “Review of Literature on Web Services Security Architecture extended to Cloud, Big Data and IOT,” International Journal of P2P Network Trends and Technology, vol. 6, no. 4, pp. 7-12, 2016.
[Publisher Link]
[7] Mohammad Ahmadian et al., “Secure NoSQL: An Approach for Secure Search of Encrypted NoSQL Databases in the Public Cloud,” International Journal of Information Management, vol. 37, no. 2, pp. 63-74, 2017.
[CrossRef] [Google scholar] [Publisher Link]
[8] Mamdouh Alenezi et al., “An Efficient, Secure, and Queryable Encryption for NoSQL-Based Databases Hosted on Untrusted Cloud Environments,” International Journal of Information Security and Privacy, vol. 13, no. 2, pp. 14-31, 2019.
[CrossRef] [Google scholar] [Publisher Link]
[9] G. Dumindu Samaraweera, and J. Morris Chang, “SEC-NoSQL: Towards Implementing High Performance Security-as-a-Service for NoSQL Databases,” arXiv e-prints (2021): arXiv-2107, 2021.
[CrossRef] [Google scholar] [Publisher Link]
[10] Mahesh M. Baradkar, and Bandu B. Meshram, “A Survey on Cloud Security: Infrastructure as a Service,” SSRG International Journal of Computer Science and Engineering, vol. 6, no. 6, pp. 17-21, 2019.
[CrossRef] [Publisher Link]
[11] Muhammad Ali Raza et al., “Secure NoSQL Over Cloud Using Data Decomposition and Queryable Encryption,” Intelligent Technologies and Applications: Second International Conference, vol. 1198, pp. 409-421, 2020.
[CrossRef] [Google scholar] [Publisher Link]
[12] Richa Kunal Sharma, and Nalini Kant Joshi, “Security and Privacy Problems in Cloud Computing,” International Journal of Computer and Organization Trends, vol. 9, no. 4, pp. 30-39, 2019.
[CrossRef] [Publisher Link]
[13] Rakesh Agrawal et al., “Order Preserving Encryption for Numeric Data,” Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563-574, 2004.
[CrossRef] [Google scholar] [Publisher Link]
[14] Vemula Sridhar, and K. Ram-Mohan Rao, “Multi Keyword Search on Encrypted Text without Decryption,” Second International Conference on Computer Networks and Communication Technologies: ICCNCT 2019, vol. 44, pp. 256-263, 2020.
[Google scholar] [Publisher Link]
[15] N. Swetha, and S. Ramachandram, “A Survey: Query Processing Techniques for Secure Cloud Databases,” International Journal of Computer Engineering in Research Trends, vol. 2, no. 12, pp. 1257-1262, 2015.
[Publisher Link]
[16] K. Karuppasamy, F. Margret Sharmila, and Tharani, T., “Survey on Cloud Security and Algorithms,” SSRG International Journal of Computer Science and Engineering, vol. 6, no. 11, pp. 40-42, 2019.
[CrossRef] [Publisher Link]
[17] Payal V. Parmar et al., “Survey of Various Homomorphic Encryption Algorithms and Schemes,” International Journal of Computer Applications, vol. 91, no. 8, 2014.
[CrossRef] [Google scholar] [Publisher Link]
[18] Pascal Paillier, “Public-Key Cryptosystems based on Composite Degree Residuosity Classes,” International Conference on the Theory and Applications of Cryptographic Techniques, vol. 1592, pp. 223-238, 1999.
[Google scholar] [Publisher Link]
[19] Xin Zhou, and Xiaofei Tang, “Research and Implementation of RSA Algorithm for Encryption and Decryption,” Proceedings of 2011 6th International Forum on Strategic Technology, vol. 2, 2011.
[CrossRef] [Google scholar] [Publisher Link]
[20] T. ElGamal, “A Public Key Cryptosystem and A Signature Scheme Based on Discrete Logarithms,” IEEE Transactions on Information Theory, vol. 31, no. 4, pp. 469-472, 1985.
[CrossRef] [Google scholar] [Publisher Link]
[21] Alexandra Boldyreva et al., “Order-Preserving Symmetric Encryption,” Advances in Cryptology-EUROCRYPT 2009: 28th Annual International Conference on the Theory and Applications of Cryptographic Technique, Proceedings 28, pp. 224-241, 2009.
[Google scholar] [Publisher Link]
[22] Sridhar Vemula, Ram Mohan Rao Kovvur, and Dyna Marneni, “Algorithms for Implementing Repeated Homomorphic Operations on Restricted Data Type Ranges,” 2023 Somaiya International Conference on Technology and Information Management (SICTIM), pp. 106-111, 2023.
[CrossRef] [Google scholar] [Publisher Link]
[23] [Online]. Available: https://github.com/MoAhmadian/SecureNoSQL
[24] M. Purna Chary, Srinivasa S. P. Kumar, B., and T. RamDas Naik, “A Survey on Implementation of Column-Oriented NoSQL Data Stores (Bigtable and Cassandra), ” International Journal of Computer Engineering in Research Trends, vol. 2, no. 8, pp. 463-469, 2015.
[Google scholar] [Publisher Link]
[25] Sridhar Vemula, Ram Mohan Rao Kovvur, and Dyna Marneni, “Secure E-Voting System Implementation Using CryptDB,” SN Computer Science, vol. 2, no. 217, 2021.
[CrossRef] [Google scholar] [Publisher Link]