Abstract
With the fast-increasing prevalence of mobile devices, mobile cloud computing has emerged as an important computing paradigm. Storing databases in the cloud server has been one significant application of mobile cloud computing. However, there is one severe security problem: the protection of most database system relies on the security schemes of the operating system or the hard drive of the server. If an attacker successfully hacks into a cloud server and accesses the database files, then the attacker is able to recover the database and get information about every attribute of a tuple in the database. Encrypting the database does not fully address the problem as seen in the continued incidents of large-scale database breaches. In this paper, we propose a novel and practical database shuffling approach that breaks the original relations between the value of the attributes while keeping the ostensible integrity. It protects the database storage by storing shuffled relations in data files instead of putting shuffled relations in memory only. For semantically or statistically associated attributes, we shuffle them together as a bundle to ensure that the shuffled database appears deceptively genuine to the attacker. We show that our algorithm is compatible with the current relational database design and can be used to provide an extra layer of protection in addition to encryption.