SemCrypt - Ensuring Privacy of Electronic Documents Through Semantic-Based Encrypted Query Processing

The trend towards outsourcing increases the number of documents stored at external service providers. This storage model, however, raises privacy and security concerns because the service providers cannot be trusted to maintain the privacy of the documents. The research project SemCrypt explores techniques for processing queries and updates over encrypted XML documents stored at untrusted servers. By performing encryption and decryption only on the client and not on the server, SemCrypt guarantees that neither the document structure nor the document content is disclosed on the server. Filtering query results and processing as much of the query/update statement as possible on the server does not depend on special encryption techniques. Instead, the chosen approach exploits the structural semantics of XML documents and uses standard, well-proven encryption techniques. SemCrypt thus makes it possible to query and update encrypted XML documents on untrusted servers while ensuring data privacy.
