Incorporation of Secure Channel Communications Over Multi-tenant Database

The Enterprise IT industry is undergoing a paradigm shift—with the help of cloud computing which is one of the main reasons. The popular IT giants such as Google, IBM, Microsoft, and Amazon have started their cloud computing infrastructure. Software as a Service (SaaS) has been one of the major business models to provide cost saving Enterprise services to small and medium enterprises (SME). In SaaS cloud provider provides their services to their customer’s on rental basis which is usually very less as compared as paying for licensed applications. Multi-tenancy which is an important feature of cloud computing provides a concept named multi-tenant database; is a relational model-based database architecture where single instance of the database servers multiple customers called Tenants. The application is planned to virtually partition its data and configuration and tenant is provided with a customized virtual application. However, the customers are often reluctant to store their highly confidential data using multi-tenant database in the fear of their information being exposed to other tenants either due to some application bug or any passive or active attack on the database. So, here we define a highly secured model of a multi-tenant database protected by different encryption algorithms. Every stream of data that travels through the channel is encrypted using AES encryption and is stored in database in encrypted form. Further, the key generated by AES algorithm has been encrypted using RSA encryption and stored in database data. The particular key corresponds to a particular User ID, So, even if the data if exposed to some unauthorized user due to some application bug that will not be decrypted. Further, role-based access control (RBAC) defines the roles of different tenants and sub-tenants using the application.