Using the Scyther security verification tool, the authentication, authorization, and encryption components of the proposed framework are tested against possible attacks with promising results.
In this section, we will provide a detailed description of the workflow of our system, which includes the three basic security features that our system provides, i.e., authentication, authorization, and encryption.
In order to overcome these issues, we propose a database security-as-a-service (DB-SECaaS) system over document-oriented database hosted in cloud, which provides authentication, fine-grained authorization, and encryption of the database objects, while ensuring that access to the data is granted only to authorized users on a need-to-know basis.
The system works in four phases, namely policy creation phase, authentication phase, fine-grained authorization phase, and encryption phase.
The three main services at play are authentication service, fine-grained authorization service, and encryption service, which further depend on services that complete their functionality.
As a proof of concept, the core functionalities of the protocol, i.e., authorization, authentication, and encryption, are formally modeled in Scyther to formally verify that the proposed framework mitigates privacy and security concerns.
With today's authentication technologies, authorization technologies and encryption technologies, communication and protection from unauthorized data access can be guaranteed, but looking at it from an organizational view, the problem concerning data security cannot be solved.
With these motivations, we have developed the DB-SECaaS system that protects the underlying document-oriented database in cloud by providing authentication, fine-grained authorization, and data encryption services.
To overcome these limitations, we have developed a comprehensive database security-as-a-service (DB-SECaaS) system, on top of a document-oriented database in cloud, which would provide strong authentication, fine-grained authorization, and data encryption to ensure maximum security for the document-oriented database layer lying underneath.
It offers all the primarily required security services for the underlying database, specifically strong authentication, fine-grained authorization, data encryption, and data integrity.
Deploying proper encryption, authorization and authentication remain an essential foundation.
