In an outsourced XML database service model, organizations rely upon the premises of external service providers for the storage and retrieval management of their XML data. Since, typically, service providers are not fully trusted; this model introduces numerous interesting research challenges. Among them, the most crucial security research questions relate to data confidentiality, user and data privacy, queryassurance, secure auditing, and secure and efficient storage model. Although there exists a large number of related research works on these topics, the authors are still at the initial stage and the research results are still far from practical maturity. In this chapter, they extensively discuss all potential security issues mentioned above and the existing solutions, and present open research issues relevant to security requirements in outsourced XML databases.
In the early days of ubiquitous computing and up through the late 1990s, owning and operating a sophisticated database was a strategic advantage for an organization (Bostick, 2008). Nowadays, however, nearly every organization possesses some sort of database containing different valuable information, which is considered the lifeblood of the organization. The ability to store data is therefore no longer a strategic advantage in and of itself. Recent investigations also report that storage capacity and security requirements will soon become a big problem for organizations if they still want to manage large in-house databases (Gantz, 2007). The management of the database infrastructure and the data needs has become much more of a commodity (IBM, 2008a; DBADirect, 2008). As a result, the value is not in owning a database but in how it is used and what can be got from it.
Recently, with rapid developments of the Internet and advances in the networking technologies, outsourcing database services has been emerging as a promising trend to overcome the limitations of the in-house database storage model (Hacigümüs et.al., 2002b; Bouganim & Pucheral, 2002). Basically, there are two kinds of database outsourcing models: housing-based and hosting-based. With the housing-based database outsourcing model, the server and data are the property of the outsourcer (i.e., the data owner as illustrated in Figure 1a) and the outsourcer installs the servers. In this case, the outsourcing service provider provides the physical security of machines and data, and monitors (and if necessary restores) the operating condition of the server. Of course, the service provider protects the outsourced data against physical attacks both from outside and inside. Notwithstanding, the access rights of the service provider depend on a particular contract with its client (i.e., the outsourcer). Basically, the service provider only gets a special account with the server for special managerial purposes, but the outsourcer can determine the necessary access rights of that account. As for the hosting-based database outsourcing model, instead of keeping data in local servers, accommodated internally inside an organization, and having a professional technical team to manage the relevant database services such as software and hardware updates, server performance tuning, or security and authorization management, etc., now all data management needs can be outsourced to outside database service providers (see Figure 1b). In this case, the service provider provides all needed facilities, such as hardware, operating system, etc. to host and manage the outsourced data. In particular, it is different from the housing-based model in that the database administrator in this hosting-based model belongs to the service provider, but not the outsourcer’s. By employing this hosting-service outsourcing model, usually called the outsourced database service (ODBS) model (Dang, 2005; Hacigümüs et. al., 2002b), organizations have more freedom to concentrate on and invest in their core business activities. The ODBS model is obviously preferable to the housing-based one. In both models, however, a service provider is typically not fully trusted, and thus they raise numerous interesting research challenges related to security issues (Hacigümüs et.al., 2002a; Smith & Safford, 2001; Dang, 2008; Damiani et al., 2003; Dang, 2006a; Dang, 2006b; Narasimha & Tsudik, 2006; Sion, 2005; Du & Atallah, 2000; Pang & Tan, 2004; Thuraisingham, 2005; etc.). To make the outsourcing model full-fledged and practically applicable, security-related issues must be addressed radically.