Secure query processing against encrypted XML data using Query-Aware Decryption

Dissemination of XML data on the internet could breach the privacy of data providers unless access to the disseminated XML data is carefully controlled. Recently, the methods using encryption have been proposed for such access control. However, in these methods, the performance of processing queries has not been addressed. A query processor cannot identify the contents of encrypted XML data unless the data are decrypted. This limitation incurs overhead of decrypting the parts of the XML data that would not contribute to the query result. In this paper, we propose the notion of Query-Aware Decryption for efficient processing of queries against encrypted XML data. Query-Aware Decryption allows us to decrypt only those parts that would contribute to the query result. For this purpose, we disseminate an encrypted XML index along with the encrypted XML data. This index, when decrypted, informs us where the query results are located in the encrypted XML data, thus preventing unnecessary decryption for other parts of the data. Since the size of this index is much smaller than that of the encrypted XML data, the cost of decrypting this index is negligible compared with that for unnecessary decryption of the data itself. The experimental results show that our method improves the performance of query processing by up to six times compared with those of existing methods. Finally, we formally prove that dissemination of the encrypted XML index does not compromise security.

[1]  Dan Suciu,et al.  Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[2]  Ioana Manolescu,et al.  XMark: A Benchmark for XML Data Management , 2002, VLDB.

[3]  Steven J. DeRose,et al.  XML Path Language (XPath) Version 1.0 , 1999 .

[4]  Richard J. Lipton,et al.  Secure databases: protection against user influence , 1979, TODS.

[5]  Elisa Bertino,et al.  Secure and selective dissemination of XML documents , 2002, TSEC.

[6]  D. Eastlake,et al.  XML Encryption Syntax and Processing , 2003 .

[7]  Lois Mai Chan Dewey Decimal Classification: A Practical Guide , 1994 .

[8]  David M. Booth,et al.  Web Services Architecture , 2004 .

[9]  S. Boag,et al.  XQuery 1.0 : An XML query language, W3C Working Draft 12 November 2003 , 2003 .

[10]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[11]  Christos Faloutsos,et al.  Access methods for text , 1985, CSUR.

[12]  Dan Suciu,et al.  A formal analysis of information disclosure in data exchange , 2004, SIGMOD '04.

[13]  Divesh Srivastava,et al.  Holistic twig joins: optimal XML pattern matching , 2002, SIGMOD '02.

[14]  Niv Ahituv,et al.  Processing encrypted data , 1987, CACM.

[15]  David J. DeWitt,et al.  On supporting containment queries in relational database management systems , 2001, SIGMOD '01.

[16]  Andrew B. Whinston,et al.  P2P Networking: An Information-Sharing Alternative , 2001, Computer.