ARCHITECTURE AND FUNCTIONAL FEATURES OF THE NEXT-GENERATION SECURE DATABASE MANAGEMENT SYSTEMS WITH SUPPORT FOR SERVERLESS AND EDGE COMPUTING
Abstract
This paper presents a comprehensive study of modern database management systems (DBMSs) designed to operate within serverless and edge computing architectures. The analysis focuses on recent DBMSs such as SurrealDB, Xata, Turso, Dolt, and EdgeDB, which implement innovative approaches to data storage, processing, and protection in decentralized environments.These systems have emerged in response to the growing demand for scalable, secure, and resilient data management solutions, especially in the context of increased data generation, the proliferation of IoT devices, and rising requirements for data privacy and integrity.The study examines the architectural and functional characteristics of the mentioned DBMSs, identifying their advantages, limitations, and application potential in security-sensitive domains. Particular attention is paid to the integration of access control policies, support for data encryption, replication mechanisms, fault tolerance, and auditing capabilities. Based on the analysis, the authors propose a generalized architecture for a secure edge-oriented DBMS, which consists of a client tier, edge nodes, access policy engine, audit and logging service, centralized cloud storage, and key management service (KMS).Each component plays a distinct role in ensuring end-to-end data protection, context-aware authorization, local data processing, and synchronization with a centralized repository. To assess system resilience and identify vulnerable components, a formal risk evaluation model is developed. The model calculates risk levels for each architectural component based on three parameters: the probability of threat realization, the degree of vulnerability, and the criticality of impact. The resulting weighted risk scores allow for a quantitative comparison of different architectural configurations and help prioritize protection measures in systems operating under varying threat conditions.The paper also identifies a set of architectural and security design principles that have proven effective in critical distrib- uted systems. These include layered isolation of processing levels, data localization at the edge, attribute-based access control (ABAC), end-to-end encryption (both at rest and in transit), and real-time distributed logging. The combination of these principles is shown to enhance security without compromising scalability or system performance, making them highly suitable for applications in healthcare, industrial automation, energy systems, and critical infrastructure.The results of this study can serve as a foundation for further improvement of secure DBMS design, offering practical insights for developers, system architects, and researchers working on the next generation of distributed and edge-integrated data platforms.
References
2. Xie R., Tang Q., Qiao S., Zhu H., Yu F. R., Huang T. When serverless computing meets edge computing: Architecture, challenges, and open issues. IEEE Wireless Communications. 2021. Vol. 28, No. 5. P. 126–133.
3. Wang S., Zhao Y., Xie Y., Liu Z., Hou X., Zou Q., Wang H. Towards Reliable Vector Database Management Systems: A Software Testing Roadmap for 2030. arXiv preprint. 2025. arXiv:2502.20812.
4. Sabbioni A., Rosa L., Bujari A., Foschini L., Corradi A. DIFFUSE: A DIstributed and decentralized platForm enabling Function composition in Serverless Environments. Computer Networks. 2022. Vol. 210. Article ID: 108993.
5. Magham R. K. Cloud-native distributed databases: a comprehensive overview. Management. 2024. Vol. 15, No. 2. P. 60–74.
6. De Heus M., Psarakis K., Fragkoulis M., Katsifodimos A. Distributed transactions on serverless stateful functions. Proceedings of the 15th ACM International Conference on Distributed and Event-based Systems. 2021. P. 31–42.
7. Lengweiler D., Vogt M., Schuldt H. MMSBench-Net: Scenario-Based Evaluation of Multi-Model Database Systems. International Journal of Data Management and Analytics. 2023. Vol. 8, No. 3. P. 145–158.
8. Kim J., Kim C., Son B., Ryu J., Kim S. A study on Time-series DBMS Application for EdgeX-based lightweight edge gateway. 2020 International Conference on Information and Communication Technology Convergence (ICTC). IEEE, 2020. P. 1795–1798.
9. Huang H., Zhang J., Hu J., Fu Y., Qin C. Research on distributed dynamic trusted access control based on security subsystem. IEEE Transactions on Information Forensics and Security. 2022. Vol. 17. P. 3306–3320.
10. Mansouri Y., Prokhorenko V., Babar M. A. An automated implementation of hybrid cloud for performance evaluation of distributed databases. Journal of Network and Computer Applications. 2020. Vol. 167. Article ID: 102740.
11. Zhang L., Pang K., Xu J., Niu B. JSON-based control model for SQL and NoSQL data conversion in hybrid cloud database. Journal of Cloud Computing. 2022. Vol. 11, No. 1. P. 23.
12. Goriparthi S. Streamlining API development: a comparative analysis of GraphQL and RESTful web services. Journal of Web Engineering and Services. 2023. Vol. 12, No. 4. P. 4587.
13. Enberg P., Tarkoma S., Rao A. Towards Database and Serverless Runtime Co-Design. Proceedings of the CoNEXT Student Workshop 2023. 2023. P. 9–10.
14. Katikeri R., Pepakayala A. N. R., Kuncham L., Barla R., Tarun K., Charan S., Vaid A. EVOLVE: Evaluation of Language-to-SQL Validity and Effectiveness – A Detailed Review Framework for Complex Text-to- SQL Queries. 2024 IEEE International Conference on Big Data (BigData). 2024. P. 1999–2004.
15. Voievodin Y., Rozlomii I., Yarmilko A. Approach to Evaluate Scheduling Strategies in Container Orchestration Systems. Modeling, Control and Information Technologies: Proceedings of the International Scientific and Practical Conference. 2023. No. 6. P. 292–295.
16. Voievodin Y. V., Rozlomii I. O. Advanced software framework for comparing balancing strategies in container orchestration systems. Proceedings of the International Scientific Conference «DOORS». 2024. April. P. 60–69.