A middleware approach for outsourcing data securely

Businesses that provide data storage facilities on the internet (IDP) have exploded recently. Such businesses provide the following benefits to end users: a) anytime, anywhere access to data; b) low cost; and c) good quality of service. Examples of data storage providers include Amazon S3 service, Windows SkyDrive, Nirvarnix, etc. Users face two challenges in utilizing the storage infrastructures of the IDPs: a) Heterogeneity: Different IDPs provide different interfaces to application developers to store and fetch data with them due to lack of accepted standards; and b) Security: Data outsourced to IDPs is vulnerable to attacks from the internet thieves and from malicious employees of IDPs. In this paper, we present the design of iDataGuard, which is a client side interoperable security middleware that adapts to the heterogeneity of interfaces of IDPs and enforces security constraints on outsourced data. This significantly simplifies the effort for application development. To combat heterogeneity, iDataGuard incorporates an abstract service model that can be easily customized to individual IDPs. To address the security challenges, iDataGuard supports a security model that protects the confidentiality and integrity of outsourced data. We propose a novel indexing technique that allows search on the encrypted data stored at the IDPs. We illustrate the feasibility/efficacy of iDataGuard by implementing the middleware and executing it on two of the popular IDPs, Amazon S3 service and Gmail.com.