Database security in the cloud
Independent thesis Basic level (university diploma), 10 credits / 15 HE creditsStudent thesisAlternative title
Databassäkerhet i molnet (Swedish)
The aim of the thesis is to get an overview of the database services available in cloud computing environment, investigate the security risks associated with it and propose the possible countermeasures to minimize the risks. The thesis also analyzes two cloud database service providers namely; Amazon RDS and Xeround. The reason behind choosing these two providers is because they are currently amongst the leading cloud database providers and both provide relational cloud databases which makes the comparison useful. The focus of the analysis has been to provide an overview of their database services as well as the available security measurements. A guide has been appended at the end of the report to help with technical configurations of database migration and connecting applications to the databases for the two mentioned cloud database providers.
The thesis has been conducted on behalf of the Swedish Armed Forces and after reviewing the security risks associated with cloud databases, it is recommended that the Armed Forces should refrain from public cloud database services. Security deficiencies such as vague physical security and access control procedures, unavailability of preferred monitoring tools and most importantly the absence of proper encryption and key management schemes make the public database services useless for an authority such as the Armed Forces. The recommended solutions are therefore to either use a jointly-owned community cloud database solution for less confidential data only or to use on-premise private cloud database solution for all but the TOP SECRET classified data.
Keywords: Cloud computing, cloud database services, Swedish Armed Forces, security risks, Xeround, Amazon RDS
Place, publisher, year, edition, pages
2012. , 63 p.
Database security, security in cloud, cloud security
databassäkerhet, molnet, moln
IdentifiersURN: urn:nbn:se:kth:diva-102955OAI: oai:DiVA.org:kth-102955DiVA: diva2:557762
Subject / course
Computer Technology, Networks and Security
Bachelor of Science in Engineering - Computer Engineering