Private data indexes for selective access to outsourced data

Cloud storage services have recently emerged as a successful approach for making resources conveniently available to large communities of users. Several techniques have been investigated for enabling such services, including encryption for ensuring data protection, as well as indexing for enabling efficient query execution on encrypted data. When data are to be made available selectively, the combined use of the two techniques must be handled with care, since indexes can put the confidentiality protection guaranteed by encryption at risk. In this paper, we investigate this issue and propose an indexing technique for supporting efficient access to encrypted data while preventing possible disclosure of data to users not authorized to access them. Intuitively, our indexing technique accounts for authorizations when producing indexes, so as to ensure that different occurrences of the same plaintext value that are accessible by different sets of users are not recognizable from their indexes. We show that our solution exhibits a limited performance overhead in query evaluation, while preventing leakage of information.
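The leakage the abstract describes, and the effect of binding an index to the authorized user set, can be seen in a small added illustration. It is not the paper's construction: the HMAC-based index, the key derivation from the access control list (ACL), and all names, keys and rows are assumptions made for the example.

```python
import hashlib
import hmac


def _prf(key: bytes, msg: bytes) -> str:
    # Keyed pseudo-random function used as the index value (truncated for display).
    return hmac.new(key, msg, hashlib.sha256).hexdigest()[:16]


def naive_index(table_key: bytes, value: str) -> str:
    # One index key for the whole column: equal plaintexts always collide.
    return _prf(table_key, value.encode())


def acl_key(master_key: bytes, acl: set) -> bytes:
    # Assumed derivation: the index key depends on the exact set of authorized
    # users, and only members of that set are given it.
    label = b"acl:" + ",".join(sorted(acl)).encode()
    return hmac.new(master_key, label, hashlib.sha256).digest()


def acl_index(master_key: bytes, acl: set, value: str) -> str:
    return _prf(acl_key(master_key, acl), value.encode())


# Constructed sample rows: (plaintext value, users authorized to read the row).
ROWS = [
    ("diabetes", {"alice", "bob"}),   # row 0: alice can decrypt this one
    ("diabetes", {"carol"}),          # row 1: same value, different ACL
    ("asthma", {"carol"}),
    ("asthma", {"alice", "bob"}),
    ("diabetes", {"bob", "alice"}),   # row 4: same value, same ACL as row 0
]


def linkable_rows(indexes: list, known_row: int) -> list:
    # Rows whose index matches that of a row the user can already decrypt,
    # i.e. rows whose plaintext the index alone gives away.
    target = indexes[known_row]
    return [i for i, ix in enumerate(indexes) if ix == target and i != known_row]


def demo():
    table_key = b"constructed-table-key"
    master_key = b"constructed-master-key"
    naive = [naive_index(table_key, v) for v, _ in ROWS]
    bound = [acl_index(master_key, acl, v) for v, acl in ROWS]
    return linkable_rows(naive, 0), linkable_rows(bound, 0)


if __name__ == "__main__":
    print(demo())
```

With the shared-key index, alice learns that carol's row 1 holds the same value as her own row 0; with the ACL-bound index only row 4, which she is authorized to read anyway, still matches, so equality queries keep working inside one authorization set.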
