There are several limiting factors halting the spread of Service-oriented Architectures (SOA), an IT paradigm used to connect heterogeneous systems. Such factors are industry-specific compliance rules (e.g. HIPAA), the general lack of trust in outsourced, so-called cloud providers that host and manage these systems, and recent information-gathering scandals such as the operations codenamed BULLRUN (USA) and Edgehill (UK). These factors made it obvious that protecting the communication channel (TLS) is a necessary but not sufficient measure for protecting services that use public networks and are hosted in third-party data centers. To mitigate these risks, stored and active information (Data at Rest and Data in Use, respectively) should also be protected from unauthorized access.
Several transparent encryption protocols are available to provide security services for active and stored records: format-preserving encryption, which protects information without changing its data type (e.g. positive integers or credit card numbers); searchable encryption, which enables queries on secret keywords without leaking the data; order-preserving encryption, which allows relations on numerical data to be evaluated; and partially homomorphic cryptosystems, which allow operations and simple statistical functions to be evaluated on encrypted records. The goal of this thesis is the implementation and assessment of these protocols with regard to their security level, their computational and storage overhead, and their transparent integration into an existing SOA framework.
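As an added illustration of the last of these protocol classes (not code from the thesis or its framework), the following example uses the additively homomorphic Paillier cryptosystem to compute the total of a numeric column while the party doing the arithmetic holds only ciphertexts; the primes, record values and weighting factor are constructed here and the key size is a toy one chosen for readability.

```python
import secrets
from math import gcd

# Constructed toy primes for illustration only; real deployments use 2048-bit or larger moduli.
P, Q = 10007, 10009

def keygen(p=P, q=Q):
    """Textbook Paillier key generation with the common choice g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)                            # L(g^lam mod n^2) == lam when g = n + 1
    return (n, n + 1), (lam, mu)

def encrypt(pub, m):
    """Enc(m) = g^m * r^n mod n^2 with a fresh random r coprime to n (randomized, so equal
    plaintexts give different ciphertexts)."""
    n, g = pub
    assert 0 <= m < n, "plaintext must lie in Z_n"
    while True:
        r = secrets.randbelow(n)
        if r > 0 and gcd(r, n) == 1:
            break
    return (pow(g, m, n * n) * pow(r, n, n * n)) % (n * n)

def decrypt(pub, priv, c):
    """Dec(c) = L(c^lam mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, _ = pub
    lam, mu = priv
    u = pow(c, lam, n * n)
    return (((u - 1) // n) * mu) % n

def add(pub, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts."""
    n, _ = pub
    return (c1 * c2) % (n * n)

def scale(pub, c, k):
    """Homomorphic multiplication by a known constant: exponentiation scales the plaintext."""
    n, _ = pub
    return pow(c, k, n * n)

def encrypted_total(pub, ciphertexts):
    """Sum a whole encrypted column without ever decrypting an individual record."""
    acc = encrypt(pub, 0)
    for c in ciphertexts:
        acc = add(pub, acc, c)
    return acc

def demo():
    pub, priv = keygen()
    records = [52000, 61000, 48000]               # constructed sample column
    cts = [encrypt(pub, v) for v in records]      # what the service provider stores
    total = decrypt(pub, priv, encrypted_total(pub, cts))
    weighted = decrypt(pub, priv, scale(pub, cts[0], 3))
    return total, weighted                        # (161000, 156000)
```

The sum and the weighted value are only recoverable by the key holder; the party evaluating `encrypted_total` and `scale` never sees a plaintext, which is the property that makes aggregate statistics on outsourced records possible.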
A significant requirement during the integration phase is that application developers using our API should be able to declare security rules at the meta-level of the business model, without functional code changes and without any knowledge of cryptography. Semantic rules for these contracts should be checked by the framework at compile time, instead of throwing cumbersome and costly runtime exceptions (an example of such a rule is that order-preserving encryption is not applicable to textual or binary data). Helper attributes (at the database schema level) or properties (at the object level) that are needed for the security services must be generated automatically and should remain hidden from the clients of the SOA application, so that the original interface declaration is preserved. Encryption, decryption and key management functions must be generated alongside the SOA clients, but business developers should be able to override our providers if necessary (e.g. when a new block cipher is standardized). Loose coupling and easy extensibility are also important requirements, but the system must operate securely and correctly with the default configuration as well.
The main goal of the thesis is to demonstrate the implementation details of the aforementioned security and integration solutions, and to evaluate their maturity and industrial applicability by writing and profiling a test application.