Jinfei Liu,Juncheng Yang,Li Xiong,Jian Pei

DOI: https://doi.org/10.1109/icde.2017.117

2017-01-01

Abstract:Outsourcing data and computation to cloud server provides a cost-e ective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and e cient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multicriteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semanticallysecure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of e ciency and scalability under di erent parameter settings, verifying the feasibility of our proposed solutions.

Zhiqiang Yang,Sheng Zhong,Rebecca N. Wright

DOI: https://doi.org/10.1007/11863908_29

2006-01-01

Abstract:Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he only learns very little about the data stored in the database and the queries performed on the data.Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large-sized real data.

Bo Sun,Sen Zhao,Guohua Tian

DOI: https://doi.org/10.1080/09540091.2024.2323059

2024-03-07

Connection Science

Abstract:Limited by the local storage resource, data users have to encrypt their data and outsource the encrypted databases to cloud servers to enjoy low-cost, professional data management services, which promotes the rapid development of outsourcing database technology. Despite this, the complex underlying setting and loosely coupled database architecture lead to various security risks and performance bottlenecks, while there is currently no work to achieve a comprehensive evaluation of existing encrypted database solutions from the aspects of underlying settings, security levels, functions, etc. In this work, we first propose an evaluation model to assess SQL functionalities and security from multiple dimensions. Secondly, we categorise the existing SQL query schemes into three categories: software-based construction, hardware-based construction, and hybrid-based construction, that is, a combination of software and hardware components. On this basis, we analyse the framework, advantages, and limitations of classic and state-of-the-art schemes. Finally, we summarise the software-based and hardware-based approaches from dimensions of SQL functionality, security, and efficiency, thus clarifying their ideal application scenarios. Notably, SQL query schemes that exhibit minimal equality of pair leakage and support strong obliviousness can achieve higher levels of security. In addition, hardware-based solutions can achieve more complex SQL queries and superior performance without designing complex and functionally-limited cryptographic tools.

computer science, artificial intelligence, theory & methods

Jamie Cui,Chaochao Chen,Alex X. Liu,Li Wang

2021-01-01

Abstract:With the emerging popularity of cloud computing, the problem of how to query over cryptographically-protected data has been widely studied. However, most existing works focus on querying protected relational databases, few work has shown interests in graph databases. In this paper, we first investigate and summarize two single-instruction queries, namely Graph Pattern Matching (GPM) and Graph Navigation (GN). Then we follow their design intuitions and leverage secure Multi-Party Computation (MPC) to implement their functionalities in a privacy-preserving manner. Moreover, we propose a general framework for processing multi-instruction query on secret-shared graph databases and present a novel cryptographic primitive Oblivious Filter (OF) as a core building block. Nevertheless, we formalize the problem of OF and present its constructions using homomorphic encryption. Finally, we conduct an empirical study to evaluate the efficiency of our proposed OF protocol.

Tikaram Sanyashi,Bernard Menezes

2023-08-05

Abstract:Sensitive applications running on the cloud often require data to be stored in an encrypted domain. To run data mining algorithms on such data, partially homomorphic encryption schemes (allowing certain operations in the ciphertext domain) have been devised. One such line of work yields schemes for secure \textit{k-nearest neighbors} computation that is designed to provide both \textit{Data Privacy} and \textit{Query Privacy}. Enhancements in this area further ensure that the data owner approves each query issued by a query user before the cloud server processes it. In this work, we describe an attack that invalidates the \textit{key confidentiality} claim, which further invalidates the \textit{Data Privacy} claim for these schemes. We show that a query user can specially tailor a query to extract information about the secret key used to encrypt the data points. Furthermore, the recovered secret information can be used to derive all the plaintext data points breaking \textit{data privacy}. We then suggest enhanced encryption schemes that make such attacks on \textit{data privacy} impossible while incurring meager additional costs in performance.

Cryptography and Security

Jinfei Liu,Juncheng Yang,Li Xiong,Jian Pei

DOI: https://doi.org/10.1109/TKDE.2018.2857471

Abstract:Outsourcing data and computation to cloud server provides a cost-effective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and efficient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multi-criteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semantically-secure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Furthermore, we demonstrate two optimizations, data partitioning and lazy merging, to further reduce the computation load. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of efficiency and scalability under different parameter settings, verifying the feasibility of our proposed solutions.

Praveen Sivadasan,P. Sojan Lal

DOI: https://doi.org/10.48550/arXiv.1205.4813

2012-05-22

Cryptography and Security

Abstract:Information security is protecting information from unauthorized access, use, disclosure, disruption, modification, perusal and destruction. CAIN model suggest maintaining the Confidentiality, Authenticity, Integrity and Non-repudiation (CAIN) of information. Oracle 8i, 9i and 11g Databases support SQLJ framework allowing embedding of SQL statements in Java Programs and providing programmer friendly means to access the Oracle database. As cloud computing technology is becoming popular, SQLJ is considered as a flexible and user friendly language for developing distributed applications in grid architectures. SQLJ source codes are translated to java byte codes and decompilation is generation of source codes from intermediate byte codes. The intermediate SQLJ application byte codes are open to decompilation, allowing a malicious reader to forcefully decompile it for understanding confidential business logic or data from the codes. To the best of our knowledge, strong and cost effective techniques exist for Oracle Database security, but still data security techniques are lacking for client side applications, giving possibility for revelation of confidential business data. Data obfuscation is hiding the data in codes and we suggest enhancing the data security in SQLJ source codes by data hiding, to mitigate disclosure of confidential business data, especially integers in distributed applications.

Yaxing Chen,Qinghua Zheng,Dan Liu,Zheng Yan,Wenhai Sun,Ning Zhang,Wenjing Lou,Y. Thomas Hou

DOI: https://doi.org/10.48550/arxiv.1912.08454

2019-01-01

Abstract:While the security of the cloud remains a concern, a common practice is to encrypt data before outsourcing them for utilization. One key challenging issue is how to efficiently perform queries over the ciphertext. Conventional crypto-based solutions, e.g. partially/fully homomorphic encryption and searchable encryption, suffer from low performance, poor expressiveness and weak compatibility. An alternative method that utilizes hardware-assisted trusted execution environment, i.e., Intel SGX, has emerged recently. On one hand, such work lacks of supporting scalable access control over multiple data users. On the other hand, existing solutions are subjected to the key revocation problem and knowledge extractor vulnerability. In this work, we leverage the newly hardware-assisted methodology and propose a secure, scalable and efficient SQL-like query framework named QShield. Building upon Intel SGX, QShield can guarantee the confidentiality and integrity of sensitive data when being processed on an untrusted cloud platform. Moreover, we present a novel lightweight secret sharing method to enable multi-user access control in QShield, while tackling the key revocation problem. Furthermore, with an additional trust proof mechanism, QShield guarantees the correctness of queries and significantly alleviates the possibility to build a knowledge extractor. We implemented a prototype for QShield and show that QShield incurs minimum performance cost.

Sudha K,Dr. Umarani C

DOI: https://doi.org/10.22214/ijraset.2022.41550

2022-04-30

International Journal for Research in Applied Science and Engineering Technology

Abstract:Abstract: The ongoing headlines or broadcast shows the strong goon, that damages the instruction or details secrecy in obtaining cryptographic keys, through pressure in secure communication programming technique When the instruction key or details is open, one major suitable option is to safeguard the privacy of the details. All things considered, assuming that the data is covered with past facilities, a goon spotted with the encoded key, will think twice about disclosing the ciphertext blocks. The major advantage of implementing key transparency in this paper is to information secrecy over a foe which identifies the encryption key and has an aspiration to get over an enormous part of the ciphertext blocks. Keywords: Cloud Storage, Security, Auditing Mechanism, Key Transparency, Data Confidentiality, MySQL.

Kui Ren

DOI: https://doi.org/10.1145/3433210.3434067

2021-01-01

Abstract:In recent years, we have witnessed an upsurge in cyber-attacks and data breach incidents that put tremendous data at risk, affect millions of users, and cause severe economic losses. As an in-depth defence to counter the persistent and pervasive security threats, maintaining data in always encrypted form is becoming a trend and even a regulatory requirement. Satisfying the demand is particularly challenging in the context of databases, which, as a pillar in modern computing infrastructure, provide indispensable means to organize, store and retrieve data at different scales. The difficulty lies in how to perform the database query processing over encrypted data while meeting the requirements of security, performance, and complex query functions. This field has grown tremendously over the past two decades, though there is no dominant solution that is universally applicable. Solutions based on cryptographic techniques, e.g., searchable encryption or property-preserving encryption, can efficiently provide certain primitive operations for database queries. But studies have shown that their allowed leakage profiles can be (sometimes highly) exploitable. The recent advent of secure hardware enclaves opens up new opportunities. Yet, the first few enclave-based proposals mostly explore extreme design points that rest on strong assumptions (e.g., huge enclave) or result in weak security (e.g., leaking relations of ciphertexts). In this talk, we will overview these latest advancements and the potential challenges, respectively, and discuss the possible roadmap ahead towards practically more secure, efficient and functional encrypted databases.

Bai Wen-yang

2010-01-01

Abstract:This paper proposed a distributed architecture for secure database service which could provide both efficient privacy protection and query processing. Based on the algorithms of automatic quasi-identifiers detection,partitioned the client data across many logically independent database servers vertically,while only encrypted few sensitive data. The client executed queries by transmitting appropriate sub-queries to different databases based on metadata. The experimental results show that this method is well-balanced on dealing with the contradiction between data privacy protection and efficient query processing.

Zheli Liu,Jingwei Li,Jin Li,Chunfu Jia,Jun Yang,Ke Yuan

DOI: https://doi.org/10.4018/ijdwm.2014100104

2014-01-01

International Journal of Data Warehousing and Mining

Abstract:With the development of cloud computing and big data, data privacy protection has become an urgent problem to solve. Data encryption is the most effective way to protect privacy; however, it will change the data format and result in: 1. database structure and application software will be changed; 2. structured query language (SQL) operations cannot work properly, especially in SQL-based fuzzy query. As a result, it is necessary to provide an SQL-based fuzzy query mechanism over encrypted databases, including traditional databases and cloud outsourced databases. This paper establishes a secure database system using format-preserving encryption (FPE) as the underlying primitive to protect the data privacy while not change the database structure. It further proposes a new SQL-based fuzzy query mechanism supporting directly query over encrypted data, which is constructed by FPE and universal hash function (UHF). The security of the proposed mechanism is analyzed as well. In the end, it makes extensive experiments on the system to demonstrate its practical performance.

Jianting Ning,Jia Xu,Kaitai Liang,Fan Zhang,Ee-Chien Chang

DOI: https://doi.org/10.1109/tifs.2018.2866321

IF: 7.231

2019-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Searchable encryption (SE) provides a privacy-preserving mechanism for data users to search over encrypted data stored on a remote server. Researchers have designed a number of SE schemes with high efficiency yet allowing some degree of leakage profile to the remote server. The leakage, however, should be further measured to allow us to understand what types of attacks an SE scheme would encounter. This paper considers passive attacks that make inferences based on prior knowledge and observations on queries issued by users. This is in contrast to previously studied active attacks that adaptively inject files and queries. We consider several assumptions on the types or prior knowledge the attacker possessed and propose a few passive attacks. In particular, under the "full-fledged" assumption, the keyword recovery rate of our attack is optimal in the sense that it is equal to the theoretical upper bound. We further present several enhanced attacks under other weaker assumptions on various levels of the prior knowledge that the attacker can obtain, in which the keyword recovery rates are optimal or nearly optimal (i.e., approaching the theoretical upper bound). In addition, we provide extensive experiments to show the "power" of our passive attacks. This paper highlights the importance of minimizing the prior knowledge of a server and the leakage of search queries. It also shows that simply distorting the frequency of the keyword to hold against our passive attacks may not scale well.

Zheli Liu,Haoyu Ma,Jin Li,Chunfu Jia,Jingwei Li,Ke Yuan

DOI: https://doi.org/10.1007/978-3-642-38631-2_32

2013-01-01

Abstract:Outsourcing database has attracted much attention recently due to the emergence of Cloud Computing. However, there are still two problems to solve, 1) how to encipher and protect the sensitive information before outsourcing while keeping the database structure, and 2) how to enable better utilization of the database like fuzzy queries over the encrypted information. In this paper we propose a new solution based on format-preserving encryption, which protects the privacy of the sensitive data and keeps the data structure as well in the encrypted database. We also show how to perform fuzzy queries over such enciphered data. Specially, our scheme supports fuzzy queries by simply exploiting the internal storing and query mechanism of the databases, thus the influence on both the inner relation of databases and the construction of applications are minimized. Evaluation indicates that our scheme is able to efficiently perform fuzzy query on encrypted database.

ZF Wang,W Wang,BL Shi

DOI: https://doi.org/10.1109/cit.2005.174

2005-01-01

Abstract:There is some private and sensitive data in database, which need to be protected from attacking. In order to reinforce the security of data, an effective mechanism, cryptographic support has been widely used. However, we must make a tradeoff between the performance and the security because encryption and decryption greatly degrade the query performance. To solve such a problem, a novel approach is proposed in this paper that can quickly execute SQL query on the encrypted data. For character data, it not only encrypts them, but also turns the character data into characteristic values via a characteristic function and stores them as additional fields. For numerical data, it not only encrypts them, but also creates its B+ tree index before the encryption in order to keep the ordering of each record in the index. Furthermore, we give the algorithms of querying the encrypted data based on the storage models. Results of sets of experiments validate the functionality and usability of our approach

Jing Yao,Helei Cui,Xiaolin Gui

DOI: https://doi.org/10.1109/dsc47296.2019.8937632

2019-01-01

Abstract:Searchable symmetric encryption (SSE) is a practical technique that allows a client to outsource her encrypted files while maintaining an efficient and secure keyword search ability to authorized clients. To support multi-keyword or Boolean search capability, most of the existing SSE designs inevitably reveal the intermediate single keyword search result to the remote server. Such unintended leakage could be abused to infer the valuable information of the encrypted dataset. In order to hide this kind of intermediate search result (even in some private manners), two promising directions could be adopted, one is a hardware-assisted technology, e.g., Intel SGX, and the other is a software-based approach, e.g., indistinguishability obfuscation (iO). Here, we focus on the iO approach and devise a highly-scalable SSE design for supporting Boolean queries without revealing its single keyword search results. To show the advantages of our proposed design, we conduct a theoretical comparison between some related SSE protocols and ours in terms of storage and computation costs.

Andreas Fischer,Benny Fuhry,Florian Kerschbaum,Eric Bodden

DOI: https://doi.org/10.48550/arXiv.1710.00390

2017-10-02

Abstract:Encrypting data before sending it to the cloud protects it against hackers and malicious insiders, but requires the cloud to compute on encrypted data. Trusted (hardware) modules, e.g., secure enclaves like Intel's SGX, can very efficiently run entire programs in encrypted memory. However, it already has been demonstrated that software vulnerabilities give an attacker ample opportunity to insert arbitrary code into the program. This code can then modify the data flow of the program and leak any secret in the program to an observer in the cloud via SGX side-channels. Since any larger program is rife with software vulnerabilities, it is not a good idea to outsource entire programs to an SGX enclave. A secure alternative with a small trusted code base would be fully homomorphic encryption (FHE) -- the holy grail of encrypted computation. However, due to its high computational complexity it is unlikely to be adopted in the near future. As a result researchers have made several proposals for transforming programs to perform encrypted computations on less powerful encryption schemes. Yet, current approaches fail on programs that make control-flow decisions based on encrypted data. In this paper, we introduce the concept of data flow authentication (DFAuth). DFAuth prevents an adversary from arbitrarily deviating from the data flow of a program. Hence, an attacker cannot perform an attack as outlined before on SGX. This enables that all programs, even those including operations on control-flow decision variables, can be computed on encrypted data. We implemented DFAuth using a novel authenticated homomorphic encryption scheme, a Java bytecode-to-bytecode compiler producing fully executable programs, and SGX enclaves. A transformed neural network that performs machine learning on sensitive medical data can be evaluated on encrypted inputs and encrypted weights in 0.86 seconds.

Cryptography and Security

Anselme Tueno,Florian Kerschbaum

DOI: https://doi.org/10.48550/arXiv.1802.01138

2018-02-04

Cryptography and Security

Abstract:Order-preserving encryption allows encrypting data, while still enabling efficient range queries on the encrypted data. Moreover, it does not require any change to the database management system, because comparison operates on ciphertexts as on plaintexts. This makes order-preserving encryption schemes very suitable for data outsourcing in cloud computing scenarios. However, all order-preserving encryption schemes are necessarily symmetric limiting the use case to one client and one server. Imagine a scenario where a Data Owner encrypts its data before outsourcing it to the Cloud Service Provider and a Data Analyst wants to execute private range queries on this data. This scenario occurs in many cases of collaborative machine learning where data source and processor are different entities. Then either the Data Owner must reveal its encryption key or the Data Analyst must reveal the private queries. In this paper, we overcome this limitation by allowing the equivalent of a public-key order-preserving encryption. We present a secure multiparty protocol that enables secure range queries for multiple users. In this scheme, the Data Analyst cooperates with the Data Owner and the Cloud Service Provider in order to order-preserving encrypt the private range queries without revealing any other information to the parties. We implemented our scheme and observed that if the database size of the Data Owner has 1 million entries it takes only about 0.3 s on average via a loopback interface (1.3 s via a LAN) to encrypt an input of the Data Analyst.

Alexander Brodsky,Csilla Farkas,Duminda Wijesekera,X. Sean Wang

DOI: https://doi.org/10.1007/3-540-45349-0_9

2000-01-01

Abstract:This paper investigates the problem of confidentiality violations via illegal data inferences that occur when arithmetic constraints are combined with non-confidential numeric data to infer confidential information. The database is represented as a point in an ( n + k )-dimensional constraint space, where n is the number of numerical data items stored in the database (extensional database) and k is the number of derivable attributes (intensional database). Database constraints over both extensional and intensional databases form an ( n+ k )-dimensional constraint object. A query answer over a data item x is an interval I of values along the x axis of the database such that I is correct (i.e., the actual data value is within I ) and safe (i.e., users cannot infer which point within I is the actual data value). The security requirements are expressed by the accuracy with which users are allowed to disclose data items. More specifically, we develop two classification methods: (1) volume-based classification, where the entire volume of the disclosed constraint object that contains the data item is considered and (2) interval based classification, where the length of the interval that contains the data item is considered. We develop correct and safe inference algorithms for both cases.

Lihua Yu,Gang Chen,Ke Chen,Jinxiang Dong

DOI: https://doi.org/10.1109/cscwd.2006.253101

2006-01-01

Abstract:Collaborative design and application integration emphasize the demand for database security. Database encryption is widely adopted to ensure data privacy, which can prevent attacks from both outside intruders and inside malicious users. Current researches on this area are mainly focusing on encryption algorithms, key management and encryption efficiency. However, data sharing nature of database system is usually neglected. In this paper, we propose an access control model, 3S-RBAC, which enables data sharing while guaranteeing privacy. The model has many features: the novel concept of strong permission and weak permission; the hierarchy of database objects and keys; the permission and key inheritance; the binding of keys and permissions. Implementation in OSCAR Secure DBMS shows that the model is flexible, secure, practical, and can be integrated easily into existing enterprise applications.