Multi-tenant Data Authentication Model for SaaS

ABSTRACT

In SaaS, most tenants rely on the service provider for data maintenance and computation. As tenants no longer possess their application and data locally, it is of critical importance for the tenants to ensure that their data are being correctly stored and maintained. However, the customized multi-tenants sharing storage mode makes it hard for tenants to guarantee their data integrity because multiple tenants’ data is stored in one physical universal table and different data types may be stored into a flex column based on tenants’ customization. Meanwhile to ensure performances of query, adequate pivot table is set up. These introduce new challenges to data integrity protection for tenants. This paper presents a review of the state of the art solutions and recent patents in the fields of data authentication, and puts forward a multitenant data authentication model (MTDA). MTDA is a composite structure that constructs pivot authentication tree (PAT) on the pivot table and combines it with signature set (S-set) built on universal table to ensure that malicious insiders can't modify the data in pivot table and universal table. The main contribution of MTDA is it can guarantee the tenant query result in one tree travels and return the verification object, corresponding to the result on pivot table and universal table. We demonstrate effectiveness of our model compared with direct adoption of the MB tree based approaches on pivot table and universal table through the experiment. MTDA shows a better performance on VO verification.

Keywords: