research-article

RASP: efficient multidimensional range query on attack-resilient encrypted databases

Authors:

Ramakanth Kavuluru,

Shumin GuoAuthors Info & Claims

CODASPY '11: Proceedings of the first ACM conference on Data and application security and privacy

Pages 249 - 260

https://doi.org/10.1145/1943513.1943547

Published: 21 February 2011 Publication History

Abstract

Range query is one of the most frequently used queries for online data analytics. Providing such a query service could be expensive for the data owner. With the development of services computing and cloud computing, it has become possible to outsource large databases to database service providers and let the providers maintain the range-query service. With outsourced services, the data owner can greatly reduce the cost in maintaining computing infrastructure and data-rich applications. However, the service provider, although honestly processing queries, may be curious about the hosted data and received queries. Most existing encryption based approaches require linear scan over the entire database, which is inappropriate for online data analytics on large databases. While a few encryption solutions are more focused on efficiency side, they are vulnerable to attackers equipped with certain prior knowledge. We propose the Random Space Encryption (RASP) approach that allows efficient range search with stronger attack resilience than existing efficiency-focused approaches. We use RASP to generate indexable auxiliary data that is resilient to prior knowledge enhanced attacks. Range queries are securely transformed to the encrypted data space and then efficiently processed with a two-stage processing algorithm. We thoroughly studied the potential attacks on the encrypted data and queries at three different levels of prior knowledge available to an attacker. Experimental results on synthetic and real datasets show that this encryption approach allows efficient processing of range queries with high resilience to attacks.

References

[1]

R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu, "Order preserving encryption for numeric data," in Proceedings of ACM SIGMOD Conference, 2004.

Digital Library

[2]

R. Agrawal and R. Srikant, "Privacy-preserving data mining," in Proceedings of ACM SIGMOD Conference. Dallas, Texas: ACM, 2000.

Digital Library

[3]

A. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill, "Order preserving symmetric encryption," in Proceedings of EUROCRYPT conference, 2009.

Digital Library

[4]

D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano, "Public-key encryption with keyword search," in Proceedings of Advances in Cryptology, (EUROCRYPT0) Springer, 2004.

[5]

D. Boneh and B. Waters, "Conjunctive, subset, and range queries on encrypted data," in the Theory of Cryptography Conference (TCC). Springer, 2007, pp. 535--554.

Digital Library

[6]

S. Boyd and L. Vandenberghe, Convex Optimization. Cambridge University Press, 2004.

Digital Library

[7]

K. Chen and L. Liu, "A random rotation perturbation approach to privacy preserving data classification," in Proceedings of International Conference on Data Mining (ICDM). Houston, TX: IEEE, 2005.

[8]

K. Chen and L. Liu, "A survey of multiplicative data perturbation for privacy preserving data mining," Privacy-Preserving Data Mining: Models and Algorithms, Edited by Charu C. Aggarwal and Philip S. Yu, 2008.

[9]

K. Chen, L. Liu, and G. Sun, "Towards attack-resilient geometric data perturbation," in SIAM Data Mining Conference, 2007.

[10]

B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan, "Private information retrieval," ACM Computer Survey, vol. 45, no. 6, pp. 965--981, 1998.

Digital Library

[11]

R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, "Searchable symmetric encryption: improved definitions and efficient constructions," in Proceedings of the 13th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2006, pp. 79--88.

Digital Library

[12]

I. Gartner, "Server storage and raid worldwide," Technical Report, 1999.

[13]

C. Gentry, "Fully homomorphic encryption using ideal lattices," in STOC '09: Proceedings of the 41st annual ACM symposium on Theory of computing. New York, NY, USA: ACM, 2009, pp. 169--178.

Digital Library

[14]

E.-J. Goh, "Secure indexes," Cryptology ePrint Archive, Report 2003/216, 2003, http://eprint.iacr.org/2003/216/.

[15]

O. Goldreich, Foundations of Cryptography. Cambridge University Press, 2001.

Digital Library

[16]

O. Goldreich and R. Ostrovsky, "Software protection and simulation on oblivious ram," Journal of the ACM, vol. 43, pp. 431--473, 1996.

Digital Library

[17]

P. Golle, J. Staddon, and B. Waters, "Secure conjunctive keyword search over encrypted data," in ACNS 04: 2nd International Conference on Applied Cryptography and Network Security. Springer-Verlag, 2004, pp. 31--45.

[18]

S. Guo and X. Wu, "Deriving private information from arbitrarily projected data," in Proceedings of the 11th European Conference on Principles and Practice of Knowledge Discovery in Databases (PKDD07), Warsaw, Poland, Sept 2007.

[19]

A. Guttman, "R-trees: A dynamic index structure for spatial searching," in SIGMOD'84, Proceedings of Annual Meeting, Boston, Massachusetts, June 18-21, 1984, B. Yormark, Ed. ACM Press, 1984, pp. 47--57.

Digital Library

[20]

H. Hacigumus, B. Iyer, C. Li, and S. Mehrotra, "Executing sql over encrypted data in the database-service-provider model," in Proceedings of ACM SIGMOD Conference, 2002.

Digital Library

[21]

B. Hore, S. Mehrotra, and G. Tsudik, "A privacy-preserving index for range queries," in Proceedings of Very Large Databases Conference (VLDB), 2004.

Digital Library

[22]

Z. Huang, W. Du, and B. Chen, "Deriving private information from randomized data," in Proceedings of ACM SIGMOD Conference, 2005.

Digital Library

[23]

A. Hyvarinen, J. Karhunen, and E. Oja, Independent Component Analysis. Wiley, 2001.

Digital Library

[24]

E. Kushilevitz and R. Ostrovsky, "Replication is not needed: Single database, computationally-private information retrieval," in In Proc. of the 38th Annu. IEEE Symp. on Foundations of Computer Science, 1997, pp. 364--373.

Digital Library

[25]

E. L. Lehmann and G. Casella, Theory of Point Estimation. Springer-Verlag, 1998.

[26]

K. Liu, C. Giannella, and H. Kargupta, "An attacker's view of distance preserving maps for privacy preserving data mining," in European Conference on Principles and Practice of Knowledge Discovery in Databases (PKDD), Berlin, Germany, September 2006.

Digital Library

[27]

K. Liu, H. Kargupta, and J. Ryan, "Random projection-based multiplicative data perturbation for privacy preserving distributed data mining," IEEE Transactions on Knowledge and Data Engineering (TKDE), vol. 18, no. 1, pp. 92--106, 2006.

Digital Library

[28]

Y. Manolopoulos, A. Nanopoulos, A. Papadopoulos, and Y. Theodoridis, R-trees: Theory and Applications. Springer-Verlag, 2005.

Digital Library

[29]

E. Shi, J. Bethencourt, T.-H. H. Chan, D. Song, and A. Perrig, "Multi-dimensional range query over encrypted data," in IEEE Symposium on Security and Privacy, 2007.

Digital Library

[30]

D. X. Song, D. Wagner, and A. Perrig, "Practical techniques for searches on encrypted data," in IEEE Symposium on Security and Privacy. Washington, DC, USA: IEEE Computer Society, 2000, p. 44.

Digital Library

[31]

H. Wang and L. V. S. Lakshmanan, "Efficient secure query evaluation over encrypted xml databases," in VLDB '06: Proceedings of the 32nd international conference on Very large data bases. VLDB Endowment, 2006, pp. 127--138.

Digital Library

[32]

P. Williams, R. Sion, and B. Carbunar, "Building castles out of mud: Practical access pattern privacy and correctness on untrusted storage," in ACM Conference on Computer and Communications Security, 2008.

Digital Library

[33]

W. Wong, D. W. Cheung, B. Kao, and N. Mamoulis, "Secure knn computation on encrypted databases," in Proceedings of ACM SIGMOD Conference, 2009.

Digital Library

Cited By

Hayata JSchuldt JHanaoka GMatsuura K(2023)On private information retrieval supporting range queriesInternational Journal of Information Security10.1007/s10207-023-00743-623:1(629-647)Online publication date: 26-Sep-2023
https://doi.org/10.1007/s10207-023-00743-6
Lopes CCesário-Times VMatwin SCiferri CCiferri R(2020)An Encryption Methodology for Enabling the Use of Data Warehouses on the CloudResearch Anthology on Artificial Intelligence Applications in Security10.4018/978-1-7998-7705-9.ch026(528-559)Online publication date: 27-Nov-2020
https://doi.org/10.4018/978-1-7998-7705-9.ch026
Hayata JSchuldt JHanaoka GMatsuura K(2020)On Private Information Retrieval Supporting Range QueriesComputer Security – ESORICS 202010.1007/978-3-030-59013-0_33(674-694)Online publication date: 13-Sep-2020
https://doi.org/10.1007/978-3-030-59013-0_33
Show More Cited By

Index Terms

RASP: efficient multidimensional range query on attack-resilient encrypted databases

Recommendations

Authentication and integrity in outsourced databases

In the Outsourced Database (ODB) model, entities outsource their data management needs to a third-party service provider. Such a service provider offers mechanisms for its clients to create, store, update, and access (query) their databases. This work ...
Towards secure outsourcing of collaborative sensing and analytic applications to the cloud - the pCloud approach
MCS '13: Proceedings of the First International Workshop on Middleware for Cloud-enabled Sensing

The advent of cloud computing is driving a paradigm shift in the computing landscape. An increasing number of businesses and individuals are moving their data and computation to the cloud. While the benefits of cloud computing are numerous, security ...
An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement

In 2003, Shen et al. proposed a timestamp-based password authentication scheme by using smart card. Later, in 2005 and 2008, this scheme was found susceptible to forged login attacks by some researchers, and improved schemes were proposed. In 2011, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '11: Proceedings of the first ACM conference on Data and application security and privacy

February 2011

294 pages

ISBN:9781450304665

DOI:10.1145/1943513

General Chair:
Ravi Sandhu
University of Texas at San Antonio, USA
,
Program Chair:
Elisa Bertino
Purdue University, USA

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 February 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CODASPY '11

Sponsor:

SIGSAC

CODASPY '11: First ACM Conference on Data and Application Security and Privacy

February 21 - 23, 2011

TX, San Antonio, USA

Acceptance Rates

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
433
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 11 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Hayata JSchuldt JHanaoka GMatsuura K(2023)On private information retrieval supporting range queriesInternational Journal of Information Security10.1007/s10207-023-00743-623:1(629-647)Online publication date: 26-Sep-2023
https://doi.org/10.1007/s10207-023-00743-6
Lopes CCesário-Times VMatwin SCiferri CCiferri R(2020)An Encryption Methodology for Enabling the Use of Data Warehouses on the CloudResearch Anthology on Artificial Intelligence Applications in Security10.4018/978-1-7998-7705-9.ch026(528-559)Online publication date: 27-Nov-2020
https://doi.org/10.4018/978-1-7998-7705-9.ch026
Hayata JSchuldt JHanaoka GMatsuura K(2020)On Private Information Retrieval Supporting Range QueriesComputer Security – ESORICS 202010.1007/978-3-030-59013-0_33(674-694)Online publication date: 13-Sep-2020
https://doi.org/10.1007/978-3-030-59013-0_33
Yan KShen WJin QLu H(2019)Emerging Privacy Issues and Solutions in Cyber-Enabled Sharing Services: From Multiple PerspectivesIEEE Access10.1109/ACCESS.2019.28943447(26031-26059)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2894344
Lopes CCesário-Times VMatwin SCiferri CCiferri R(2018)An Encryption Methodology for Enabling the Use of Data Warehouses on the CloudInternational Journal of Data Warehousing and Mining10.4018/IJDWM.201810010314:4(38-66)Online publication date: 1-Oct-2018
https://dl.acm.org/doi/10.4018/IJDWM.2018100103
Hong JWen TGuo QYe Z(2017) Secure kNN Computation and Integrity Assurance of Data Outsourcing in the Cloud Mathematical Problems in Engineering10.1155/2017/81097302017:1Online publication date: 13-Dec-2017
https://doi.org/10.1155/2017/8109730
Yuchuan Luo Shaojing Fu Wang DXu MJia X(2017)Efficient and generalized geometric range search on encrypted spatial data in the cloud2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS)10.1109/IWQoS.2017.7969108(1-10)Online publication date: Jun-2017
https://doi.org/10.1109/IWQoS.2017.7969108
Cuzzocrea A(2017)Effectively and Efficiently Supporting Encrypted OLAP Queries over Big Data: Models, Issues, ChallengesProceedings of the 7th International Conference on Emerging Databases10.1007/978-981-10-6520-0_36(329-336)Online publication date: 14-Oct-2017
https://doi.org/10.1007/978-981-10-6520-0_36
J NM P(2016)PROVIDING SECURITY TO THE USER DATA IN CLOUDi-manager’s Journal on Cloud Computing10.26634/jcc.3.2.81663:2(17)Online publication date: 2016
https://doi.org/10.26634/jcc.3.2.8166
Sunitha JSermakani M(2015)Building an Authentication and Quality of Query Services in the CloudProcedia Computer Science10.1016/j.procs.2015.04.07350(122-127)Online publication date: 2015
https://doi.org/10.1016/j.procs.2015.04.073
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents