Saleh, Eyad; Sianipar, Johannes; Takouna, Ibrahim; Meinel, Christoph
2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops, Bali, Indonesia, December 9-12, 2014
IEEE Computer Society
Software-as-a-Service (SaaS) is emerging as a new software delivery model, where the application and its associated data are hosted in the cloud. Due to the nature of SaaS and the cloud in general, where the data and the computation are beyond the control of the user, data privacy and security becomes a vital factor in this new paradigm. In multi-tenant SaaS applications, the tenants (i.e., companies) become concerned about the confidentiality of their data since several tenants are consolidated onto a shared infrastructure (i.e., databases). Consequently, two main questions raise. First, how to prohibit a tenant from accessing other’s data? Second, how to avoid the security threats from co-located competing tenants? In this paper, we address the second question. We present SecPlace, a resource allocation model designed to increase the level of security for tenants sharing the same infrastructure. SecPlace avoids hosting competing companies on the same database instance. We minimize the risk of co-resident tenants by preventing any two tenants of the same business type to be hosted on the same database server. SecPlace utilizes the usage of tenant subscription data, such as business type and tenant size and place the tenant accordingly. We conduct extensive experiments to validate our approach. The results show that our approach is practical, achieves its goal, and have a moderate complexity.