|
 ABSTRACT
Rapid advances in networking and Internet technologies have fueled the emergence of the "software as a service" model for enterprise computing. Successful examples of commercially viable software services include rent-a-spreadsheet, electronic mail services, general storage services, disaster protection services. "Database as a Service" model provides users power to create, store, modify, and retrieve data from anywhere in the world, as long as they have access to the Internet. It introduces several challenges, an important issue being data privacy. It is in this context that we specifically address the issue of data privacy.There are two main privacy issues. First, the owner of the data needs to be assured that the data stored on the service-provider site is protected against data thefts from outsiders. Second, data needs to be protected even from the service providers, if the providers themselves cannot be trusted. In this paper, we focus on the second challenge. Specifically, we explore techniques to execute SQL queries over encrypted data. Our strategy is to process as much of the query as possible at the service providers' site, without having to decrypt the data. Decryption and the remainder of the query processing are performed at the client site. The paper explores an algebraic framework to split the query to minimize the computation at the client site. Results of experiments validating our approach are also presented.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
AES. Advanced Encryption Standard. National Institute of Science and Technology, FIPS 197, 2001.
|
| |
2
|
D. Song and D. Wagner and A. Perrig. Search on encrypted data. In Proc. of IEEE SRSP, 2000.
|
| |
3
|
DES. Data Encryption Standard. FIPS PUB 46, Federal Information Processing Standards Publication, 1977.
|
| |
4
|
|
| |
5
|
H. Hacigümüş, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over Encrypted Data in Database-Service-Provider Model. Technical Report TR-DB-02-02, Database Research Group at University of California, Irvine, 2002.
|
| |
6
|
H. Hacigümüş, B. Iyer, and S. Mehrotra. Providing Database as a Service. In Proc. of ICDE, 2002.
|
| |
7
|
|
 |
8
|
H. V. Jagadish , Hui Jin , Beng Chin Ooi , Kian-Lee Tan, Global optimization of histograms, Proceedings of the 2001 ACM SIGMOD international conference on Management of data, p.223-234, May 21-24, 2001, Santa Barbara, California, United States
|
| |
9
|
|
| |
10
|
R. L. Rivest and L. M. Adleman and M. L. Dertouzos. On Data Banks and Privacy Homomorphisms. In Foundations of Secure Computation, pages 169-178, 1978.
|
| |
11
|
|
| |
12
|
|
| |
13
|
|
| |
14
|
TPC-H. Benchmark Specification. http://www.tpc.org.
|
| |
15
|
M. Winslett and J. D. Ullman. Jeffrey D. Ullman speaks out on the future of higher education, startups, database theory, and more. SIGMOD Record, 30(3), 2001.
|
CITED BY 65
|
|
|
|
|
Claus Boyens , Oliver Günther , Maximilian Teltzrow, Privacy conflicts in CRM services for online shops: a case study, Proceedings of the IEEE international conference on Privacy, security and data mining, p.27-35, December 01, 2002, Maebashi City, Japan
|
|
|
|
|
|
|
|
|
Ernesto Damiani , S. De Capitani Vimercati , Sushil Jajodia , Stefano Paraboschi , Pierangela Samarati, Balancing confidentiality and efficiency in untrusted relational DBMSs, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
|
|
|
|
|
|
Guy Bernard , Jalel Ben-othman , Luc Bouganim , Gérôme Canals , Sophie Chabridon , Bruno Defude , Jean Ferrié , Stéphane Gançarski , Rachid Guerraoui , Pascal Molli , Philippe Pucheral , Claudia Roncancio , Patricia Serrano-Alvarado , Patrick Valduriez, Mobile databases: a selection of open issues and research directions, ACM SIGMOD Record, v.33 n.2, June 2004
|
|
|
|
|
|
Alberto Ceselli , Ernesto Damiani , Sabrina De Capitani Di Vimercati , Sushil Jajodia , Stefano Paraboschi , Pierangela Samarati, Modeling and assessing inference exposure in encrypted databases, ACM Transactions on Information and System Security (TISSEC), v.8 n.1, p.119-152, February 2005
|
|
|
Luc Bouganim , Cosmin Cremarenco , François Dang Ngoc , Nicolas Dieu , Philippe Pucheral, Safe data sharing and data dissemination on smart devices, Proceedings of the 2005 ACM SIGMOD international conference on Management of data, June 14-16, 2005, Baltimore, Maryland
|
|
|
|
|
|
|
|
|
Ernesto Damiani , S. De Capitani di Vimercati , Sara Foresti , Sushil Jajodia , Stefano Paraboschi , Pierangela Samarati, Key management for multi-user encrypted databases, Proceedings of the 2005 ACM workshop on Storage security and survivability, November 11-11, 2005, Fairfax, VA, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Prasenjit Mitra , Chi-Chun Pan , Peng Liu , Vijayalakshmi Atluri, Privacy-preserving semantic interoperation and access control of heterogeneous databases, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, March 21-24, 2006, Taipei, Taiwan
|
|
|
|
|
|
|
|
|
E. Damiani , S. De Capitani di Vimercati , S. Foresti , S. Jajodia , S. Paraboschi , P. Samarati, Selective Data Encryption in Outsourced Dynamic Environments, Electronic Notes in Theoretical Computer Science (ENTCS), 168, p.127-142, February, 2007
|
|
|
|
|
|
|
|
|
Sabrina De Capitani di Vimercati , Sara Foresti , Sushil Jajodia , Stefano Paraboschi , Pierangela Samarati, Over-encryption: management of access control evolution on outsourced data, Proceedings of the 33rd international conference on Very large data bases, September 23-27, 2007, Vienna, Austria
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Mayank Bawa , Roberto J. Bayardo, Jr. , Rakesh Agrawal, Privacy-preserving indexing of documents on the network, Proceedings of the 29th international conference on Very large data bases, p.922-933, September 09-12, 2003, Berlin, Germany
|
|
|
Luc Bouganim , François Dang Ngoc , Philippe Pucheral , Lilan Wu, Chip-secured data access: reconciling access rights with data encryption, Proceedings of the 29th international conference on Very large data bases, p.1133-1136, September 09-12, 2003, Berlin, Germany
|
|
|
Rakesh Agrawal , Jerry Kiernan , Ramakrishnan Srikant , Yirong Xu, Hippocratic databases, Proceedings of the 28th international conference on Very Large Data Bases, p.143-154, August 20-23, 2002, Hong Kong, China
|
|
|
|
|
|
Nicolas Anciaux , Mehdi Benzine , Luc Bouganim , Philippe Pucheral , Dennis Shasha, GhostDB: querying visible and hidden data without leaks, Proceedings of the 2007 ACM SIGMOD international conference on Management of data, June 11-14, 2007, Beijing, China
|
|
|
Feifei Li , Marios Hadjieleftheriou , George Kollios , Leonid Reyzin, Dynamic authenticated index structures for outsourced databases, Proceedings of the 2006 ACM SIGMOD international conference on Management of data, June 27-29, 2006, Chicago, IL, USA
|
|
|
Amit Manjhi , Anastassia Ailamaki , Bruce M. Maggs , Todd C. Mowry , Christopher Olston , Anthony Tomasic, Simultaneous scalability and security for data-intensive web applications, Proceedings of the 2006 ACM SIGMOD international conference on Management of data, June 27-29, 2006, Chicago, IL, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Ravi Chandra Jammalamadaka , Roberto Gamboni , Sharad Mehrotra , Kent E. Seamons , Nalini Venkatasubramanian, iDataGuard: middleware providing a secure network drive interface to untrusted internet data storage, Proceedings of the 11th international conference on Extending database technology: Advances in database technology, March 25-29, 2008, Nantes, France
|
|
|
Christophe Salperwyck , Nicolas Anciaux , Mehdi Benzine , Luc Bouganim , Philippe Pucheral , Dennis Shasha, GhostDB: hiding data from prying eyes, Proceedings of the 33rd international conference on Very large data bases, September 23-27, 2007, Vienna, Austria
|
|
|
Sabrina De Capitani di Vimercati , Sara Foresti , Sushil Jajodia , Stefano Paraboschi , Pierangela Samarati, A data outsourcing architecture combining cryptography and access control, Proceedings of the 2007 ACM workshop on Computer security architecture, November 02-02, 2007, Fairfax, Virginia, USA
|
|
|
Sergej Zerr , Elena Demidova , Daniel Olmedilla , Wolfgang Nejdl , Marianne Winslett , Soumyadeb Mitra, Zerber: r-confidential indexing for distributed documents, Proceedings of the 11th international conference on Extending database technology: Advances in database technology, March 25-29, 2008, Nantes, France
|
|
|
|
|
|
|
|
|
Haixun Wang , Jian Yin , Chang-shing Perng , Philip S. Yu, Dual encryption for query integrity assurance, Proceeding of the 17th ACM conference on Information and knowledge management, October 26-30, 2008, Napa Valley, California, USA
|
|
|
|
|
|
|
|
|
Ravi Chandra Jammalamadaka , Roberto Gamboni , Sharad Mehrotra , Kent Seamons , Nalini Venkatasubramanian, iDataGuard: an interoperable security middleware for untrusted internet data storage, Proceedings of the ACM/IFIP/USENIX Middleware '08 Conference Companion, December 01-05, 2008, Leuven, Belgium
|
|
|
Sabrina De Capitani di Vimercati , Sara Foresti , Sushil Jajodia , Stefano Paraboschi , Gerardo Pelosi , Pierangela Samarati, Preserving confidentiality of security policies in data outsourcing, Proceedings of the 7th ACM workshop on Privacy in the electronic society, October 27-27, 2008, Alexandria, Virginia, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Wai Kit Wong , David Wai-lok Cheung , Ben Kao , Nikos Mamoulis, Secure kNN computation on encrypted databases, Proceedings of the 35th SIGMOD international conference on Management of data, June 29-July 02, 2009, Providence, Rhode Island, USA
|
|
|
Zhao Wei , Zhao Dan-Feng , Gao Feng , Liu Guo-Hua, On indexing and information disclosure measure for efficient cryptograph query, Proceedings of the WSEAES 13th international conference on Computers, p.476-480, July 23-25, 2009, Rodos, Greece
|
|
|
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
H.3