Updating derived relations: detecting irrelevant and autonomously computable updates
ACM Transactions on Database Systems (TODS)
Using partial information to update materialized views
Information Systems
Making views self-maintainable for data warehousing
DIS '96 Proceedings of the fourth international conference on on Parallel and distributed information systems
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Middle-tier database caching for e-business
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Globally Distributed Content Delivery
IEEE Internet Computing
Queries Independent of Updates
VLDB '93 Proceedings of the 19th International Conference on Very Large Data Bases
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
An integrated experimental environment for distributed systems and networks
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
View invalidation for dynamic content caching in multitiered architectures
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Cache tables: paving the way for an adaptive database cache
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
CachePortal II: acceleration of very large scale data center-hosted database-driven web applications
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Consistency-preserving caching of dynamic database content
Proceedings of the 16th international conference on World Wide Web
POEMS: Peer-Based Overload Management
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
Scalable query result caching for web applications
Proceedings of the VLDB Endowment
A survey on dynamic Web content generation and delivery techniques
Journal of Network and Computer Applications
| Hi-index | 0.00 |
For Web applications in which the database component is the bottleneck, scalability can be provided by a third-party Database Scalability Service Provider (DSSP) that caches application data and supplies query answers on behalf of the application. Cost-effective DSSPs will need to cache data from many applications, inevitably raising concerns about security. However, if all data passing through a DSSP is encrypted to enhance security, then data updates trigger invalidation of large regions of cache. Consequently, achieving good scalability becomes virtually impossible. There is a tradeoff between security and scalability, which requires careful consideration.In this paper we study the security-scalability tradeoff, both formally and empirically. We begin by providing a method for statically identifying segments of the database that can be encrypted without impacting scalability. Experiments over a prototype DSSP system show the effectiveness of our static analysis method--for all three realistic bench-mark applications that we study, our method enables a significant fraction of the database to be encrypted without impacting scalability. Moreover, most of the data that can be encrypted without impacting scalability is of the type that application designers will want to encrypt, all other things being equal. Based on our static analysis method, we propose a new scalability-conscious security design methodology that features: (a) compulsory encryption of highly sensitive data like credit card information, and (b) encryption of data for which encryption does not impair scalability. As a result, the security-scalability tradeoff needs to be considered only over data for which encryption impacts scalability, thus greatly simplifying the task of managing the tradeoff.