research-article

Secure query processing with data interoperability in a cloud database environment

Authors:

David Wai Lok Cheung,

Siu Ming YiuAuthors Info & Claims

SIGMOD '14: Proceedings of the 2014 ACM SIGMOD International Conference on Management of Data

Pages 1395 - 1406

https://doi.org/10.1145/2588555.2588572

Published: 18 June 2014 Publication History

Abstract

We address security issues in a cloud database system which employs the DBaaS model. In such a model, a data owner (DO) exports its data to a cloud database service provider (SP). To provide data security, sensitive data is encrypted by the DO before it is uploaded to the SP. Existing encryption schemes, however, are only partially homomorphic in the sense that each of them was designed to allow one specific type of computation to be done on encrypted data. These existing schemes cannot be integrated to answer real practical queries that involve operations of different kinds. We propose and analyze a secure query processing system (SDB) on relational tables and a set of elementary operators on encrypted data that allow data interoperability, which allows a wide range of SQL queries to be processed by the SP on encrypted information. We prove that our encryption scheme is secure against two types of threats and that it is practically efficient.

References

[1]

R. Agrawal and J. Kiernan et al. Order-preserving encryption for numeric data. In SIGMOD, 2004.

Digital Library

[2]

A. Arasu et al. Secure database-as-a-service with cipherbase. In SIGMOD, 2013.

Digital Library

[3]

S. Bajaj et al. Trusteddb: a trusted hardware based database with privacy and data confidentiality. In SIGMOD, 2011.

Digital Library

[4]

D. Bogdanov et al. A universal toolkit for cryptographically secure privacy-preserving data mining. In PAISI, 2012.

Digital Library

[5]

A. Boldyreva et al. Order-preserving encryption revisited: Improved security analysis and alternative solutions. In CRYPTO, 2011.

Digital Library

[6]

D. Boneh et al. Public key encryption with keyword search. In EUROCRYPT, 2004.

[7]

E. Damiani et al. Balancing confidentiality and efficiency in untrusted relational dbmss. In CCS, 2003.

Digital Library

[8]

S. Das and D. Agrawal et al. Elastras: An elastic transactional data store in the cloud. CoRR, 2010.

[9]

S. Das, V. Narasayya, and F. Li et al. CPU sharing techniques for performance isolation in multi-tenant relational database-as-a-service. PVLDB, 2014.

[10]

A. J. Elmore, S. Das, D. Agrawal, and A. El Abbadi. Zephyr: live migration in shared nothing databases for elastic cloud platforms. In SIGMOD, 2011.

Digital Library

[11]

F. Emekçi, D. Agrawal, and A. El Abbadi. Privacy preserving query processing using third parties. In ICDE, 2006.

Digital Library

[12]

C. Gentry. Fully homomorphic encryption using ideal lattices. In STOC, 2009.

Digital Library

[13]

C. Gentry et al. Fully homomorphic encryption with polylog overhead. In EUROCRYPT, 2012.

Digital Library

[14]

O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In STOC, 1987.

Digital Library

[15]

H. Hacigümüs, S. Mehrotra, and B. R. Iyer. Providing database as a service. In ICDE, 2002.

[16]

H. Hacigümüs et al.and B. R. Iyer, C. Li, and S. Mehrotra. Executing sql over encrypted data in the database-service-provider model. In SIGMOD, 2002.

Digital Library

[17]

B. Hore, S. Mehrotra, and G. Tsudik. A privacy preserving index for range queries. In VLDB, 2004.

Digital Library

[18]

M. Kantarcioglu and C. Chris. Privacy-preserving distributed mining of association rules on horizontally partitioned data. TKDE, 2004.

Digital Library

[19]

A. J. Menezes, P. C. Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.

Digital Library

[20]

P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In EUROCRYPT, 1999.

Digital Library

[21]

S. Papadopoulos et al. Secure and efficient in-network processing of exact sum queries. In ICDE, 2011.

Digital Library

[22]

R. A. Popa et al. Cryptdb: processing queries on an encrypted database. CACM, 2012.

Digital Library

[23]

R. L. Rivest et al.and A. Shamir and L. M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. CACM, 1978.

Digital Library

[24]

A. Soror et al. Automatic virtual machine configuration for database workloads. In SIGMOD, 2008.

Digital Library

[25]

S. Tu and M. F. Kaashoek et al. Processing analytical queries over encrypted data. In PVLDB, 2013.

Digital Library

[26]

J. Vaidya et al. Secure set intersection cardinality with application to association rule mining. JCS, 2005.

Digital Library

[27]

S. Wang, D. Agrawal, and A. El Abbadi. A comprehensive framework for secure query processing on relational data in the cloud. In SDM, 2011.

Digital Library

[28]

P. Wong, Z. He, and E. Lo. Parallel analytics as a service. In SIGMOD, 2013.

Digital Library

[29]

W. K. Wong et al. Secure query processing with data interoperability in a cloud database environment. Technical Report TR-2014-03, Department of Computer Science, University of Hong Kong, 2014.

Digital Library

[30]

A. C. Yao. Protocols for secure computations (extended abstract). In FOCS, 1982.

Digital Library

Cited By

Wang QLuo QWang Y(2024)Relational Algorithms for Top-k Query EvaluationProceedings of the ACM on Management of Data10.1145/36549712:3(1-27)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654971
Chang ZXie DWang SLi FShen Y(2024)Towards Practical Oblivious Join ProcessingIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2023.331003836:4(1829-1842)Online publication date: Apr-2024
https://doi.org/10.1109/TKDE.2023.3310038
Cao XLi YBogatov DLiu JRen K(2024)Secure and Practical Functional Dependency Discovery in Outsourced Databases2024 IEEE 40th International Conference on Data Engineering (ICDE)10.1109/ICDE60146.2024.00134(1645-1658)Online publication date: 13-May-2024
https://doi.org/10.1109/ICDE60146.2024.00134
Show More Cited By

Index Terms

Secure query processing with data interoperability in a cloud database environment
1. Security and privacy
  1. Database and storage security
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Theory of database privacy and security

Recommendations

A study of secure DBaaS with encrypted data transactions
ICCIP '16: Proceedings of the 2nd International Conference on Communication and Information Processing

The emergence of cloud computing allowed different IT services to be outsourced to cloud service providers (CSP). This includes the management and storage of user's structured data called Database as a Service (DBaaS). However, DBaaS requires users to ...
Symmetric searchable encryption with efficient range query using multi-layered linked chains

Searchable encryption is an encryption system which provides confidentiality of stored documents and usability of document search at the same time. Remote cloud storage is the most typical application for searchable encryption. By applying searchable ...
A Survey on Querying Encrypted Data for Database as a Service
CYBERC '13: Proceedings of the 2013 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery

Using database encryption to protect data in some situations where access control is not solely enough is inevitable. Database encryption provides an additional layer of protection to conventional access control techniques. It prevents unauthorized ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGMOD '14: Proceedings of the 2014 ACM SIGMOD International Conference on Management of Data

June 2014

1645 pages

ISBN:9781450323765

DOI:10.1145/2588555

General Chairs:
Curtis Dyreson
Utah State University, USA
,
Feifei Li
University of Utah, USA
,
Program Chair:
M. Tamer Özsu
University of Waterloo, Canada

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOD: ACM Special Interest Group on Management of Data

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 June 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGMOD/PODS'14

Sponsor:

SIGMOD

SIGMOD/PODS'14: International Conference on Management of Data

June 22 - 27, 2014

Utah, Snowbird, USA

Acceptance Rates

SIGMOD '14 Paper Acceptance Rate 107 of 421 submissions, 25%;

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

57
Total Citations
View Citations
1,163
Total Downloads

Downloads (Last 12 months)39
Downloads (Last 6 weeks)6

Reflects downloads up to 12 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wang QLuo QWang Y(2024)Relational Algorithms for Top-k Query EvaluationProceedings of the ACM on Management of Data10.1145/36549712:3(1-27)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654971
Chang ZXie DWang SLi FShen Y(2024)Towards Practical Oblivious Join ProcessingIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2023.331003836:4(1829-1842)Online publication date: Apr-2024
https://doi.org/10.1109/TKDE.2023.3310038
Cao XLi YBogatov DLiu JRen K(2024)Secure and Practical Functional Dependency Discovery in Outsourced Databases2024 IEEE 40th International Conference on Data Engineering (ICDE)10.1109/ICDE60146.2024.00134(1645-1658)Online publication date: 13-May-2024
https://doi.org/10.1109/ICDE60146.2024.00134
Shi GWang GSun SGu D(2024)Efficient cryptanalysis of an encrypted database supporting data interoperabilityThe VLDB Journal10.1007/s00778-024-00852-133:5(1357-1375)Online publication date: 23-May-2024
https://doi.org/10.1007/s00778-024-00852-1
Tian PGuo CChoo KTang XYao L(2023)A Privacy-Preserving Hybrid Range Search Scheme Over Encrypted Electronic Medical Data in IoT SystemsIEEE Internet of Things Journal10.1109/JIOT.2023.326279510:17(15314-15324)Online publication date: 1-Sep-2023
https://doi.org/10.1109/JIOT.2023.3262795
Zhang JLi C(2023)A practical privacy-preserving nearest neighbor searching method over encrypted spatial dataThe Journal of Supercomputing10.1007/s11227-023-05170-x79:13(14146-14171)Online publication date: 4-Apr-2023
https://doi.org/10.1007/s11227-023-05170-x
Ahmad IAgrawal DAbbadi AGupta T(2022)PantheonProceedings of the VLDB Endowment10.14778/3574245.357425116:4(643-656)Online publication date: 1-Dec-2022
https://dl.acm.org/doi/10.14778/3574245.3574251
Bai SYang GLiu GDai HRong C(2022)NttpFL: Privacy-Preserving Oriented No Trusted Third Party Federated Learning System Based on BlockchainIEEE Transactions on Network and Service Management10.1109/TNSM.2022.318499219:4(3750-3763)Online publication date: Dec-2022
https://doi.org/10.1109/TNSM.2022.3184992
Chang ZXie DLi FPhillips JBalasubramonian R(2022)Efficient Oblivious Query Processing for Range and kNN QueriesIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2021.306075734:12(5741-5754)Online publication date: 1-Dec-2022
https://doi.org/10.1109/TKDE.2021.3060757
Tian PGuo CChoo KLiu YLi LYao L(2022)EAFS: An Efficient, Accurate, and Forward Secure Searchable Encryption Scheme Supporting Range SearchIEEE Systems Journal10.1109/JSYST.2021.307132716:2(3450-3460)Online publication date: Jun-2022
https://doi.org/10.1109/JSYST.2021.3071327
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents