There is a growing trend to subscribe to software services in the cloud. An example is a large corporation that creates, views, and manages massive amounts of invoices in the cloud through a SaaS service (Software as a Service). However, in general such services don’t offer many possibilities to restrict queries based on e.g. security or privacy considerations. And without such restrictions, an individual account manager, for example, can query and see all the invoices, irrespective of his role, assigned customers, or region. In addition, the SaaS provider cannot easily make its database multitenant, i.e. shared by a number of its customers.
A common way to solve this problem today is for the SaaS providers to set up separate installations per customer and to program the security logic in the application, a solution that is most often not efficient, error-prone, difficult to audit and expensive to adapt.
With SEQUOIA, we aimed to develop a generic solution for SaaS providers. A solution that allows them to set up one multitenant database while giving each of their customers the possibility to define fine-grained, attribute-based security rules. In the invoice example, the corporation using SaaS would then be able to set restrictions on viewing and modifying invoices based on e.g. region, responsibility, or account management.
Koen Handekyn, project lead and CEO of UP-nxt, says: “The solution we came up with in a real innovation compared to the state-of-the-art. In essence, it tailors the queries before they are executed, instead of having the application filter the results after a database search. This rewriting and compacting of queries is done by an add-on module, at the level of the data access middleware, and thus separated from the database or customer applications. This allows SaaS providers like us to add value to our service without having to install new databases or middleware, or reprogram the applications. And each of our customers can add its own rules, in a declarative language that is easy to use and to audit.”
- A security solution to enforce complex, custom authorization rules in search queries, with guarantees for safety, correctness and performance
- Security middleware for SaaS, generic and application-independent
- Validated in multiple storage and query architectures, with proof-of-concept in state-of-the-art data access middleware
- Demonstrators in the three application domains of the partners