Research On Privacy Protection Mechanism Of Non-relational Database For SaaS

With the rapid development of cloud computing technology,SaaS(Software as a Service)applications have been widely used.In order to use the SaaS application,tenants need to upload their data to the database of the cloud service provider.Therefore,the data is out of the tenant's direct control and the data privacy security can't be guaranteed.With the enhancement of people's awareness of privacy protection,data security in SaaS applications has attracted more and more attention.Therefore,how to ensure the security of data privacy in SaaS applications has become an urgent problem.In order to protect the privacy of data,by using the concept of trusted third party,the previous works establish a privacy protection model based on three parts(tenants,service providers,trusted third party).By splitting the sensitive attributes of relational database into different data chunks,this model hides the data privacy.In order to meet the needs of tenants,SaaS applications have a variety of forms for the underlying data storage(relational and non-relational databases).For the document non-relational database,the data storage mode is free and there is a nested relationship between the attributes of the record.Different records may have different attributes and the same record may exist in the same name of the fields.Therefore,the data organization form of the non-relational database is different from the relational databases',which leads to the fact that the proposed data partitioning strategy is no longer applicable.At the same time,a series of data chunks are obtained after the data partition for the document non-relational database.In order to enhance the effect of privacy protection,the data chunks can be placed in different data nodes as much as possible,which may lead to the decline of data access efficiency.Therefore,we need a balance between privacy protection and data access efficiency.At the same time,the tenant's data may have an impact on the application of other tenants.Therefore,we should take full account of the privacy protection requirements,the application performance requirements and the load of nodes to place the tenant data chunks.At the same time,after we split the data and the data chunks are placed in different data nodes,the time costing for the data transfer and reconstruction may be much.In view of the above problems,this paper studies from two aspects:1.This paper proposes a privacy preserving strategy based on attribute structure tree,which implements the partition mechanism for the document non-relational database and enhances the generality of privacy preserving mechanism based on data chunks.According to the structure of data,an attribute structure tree is constructed.And then the nodes of the attribute structure tree are recombined according to the privacy constraints and the degree of attribute association.When the nodes are recombined,we should combine the attributes together that are often used together.2.This paper proposes data placement strategy based on data chunks association graph and realizes the reasonable storage of the data chunks for the document oriented non-relational database.Firstly,according to the historical records of the tenants,the association graph of the data chunks is constructed,and then the data blocks are grouped by the association graph.The data chunks in the same group can be placed in the same data node.Finally,according to the requirements of the application performance,the node load,selecting the appropriate node to place data chunks.3.This paper proposes data reconstruction optimization mechanism based on cache.First of all,the relationship between attributes is calculated by the tenant's history access record.Then the attributes and their attribute values are encoded,finally they are stored in the memory.Through caching the data coding,we not only protect the data privacy,but also improve the access efficiency of the cloud data.Through above study,this paper implements the attribute partition,data chunks placement and data reconstruction optimization and verifies the feasibility and effectiveness of the proposed algorithms through experiments.