论文信息 - Query log perturbation method for privacy preserving query

Query log perturbation method for privacy preserving query

Database as a Service (DaaS), a form of cloud computing, has recently attracted considerable attention. Users require their sensitive data to be protected from a database administrator that serves as a third party managing the data. We have proposed a secure query execution model for such an environment [10, 11]. Key features of our approach are to represent each tuple of each scheme as a plaintext table with one bloom filter index and to replace queries with keyword searches of the bloom filter index. In [12], we have defined an attack model in which attackers guess features of a plaintext table by observing bit patterns of the bloom filter index: further, we considered a defense against such as attack. We must also assume in this model that attackers can access query logs and may infer features of a plaintext table using such query logs. In this paper, we define an attack model by using query logs and propose a method to defend against the attack by executing fake queries.

Chiemi Watanabe | Yuko Arai

[1] Sushil Jajodia,et al. Secure Data Management in Decentralized Systems , 2014, Secure Data Management in Decentralized Systems.

[2] Hakan Hacigümüs,et al. Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[3] Chiemi Watanabe,et al. Privacy-Preserving Queries for a DAS Model Using Encrypted Bloom Filter , 2009, DASFAA.

[4] Gene Tsudik,et al. A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[5] Ramakrishnan Srikant,et al. Order preserving encryption for numeric data , 2004, SIGMOD '04.

[6] Stanley B. Zdonik,et al. Answering Aggregation Queries in a Secure System Model , 2007, VLDB.

[7] Peter J. Haas,et al. Improved histograms for selectivity estimation of range predicates , 1996, SIGMOD '96.

[8] Rafail Ostrovsky,et al. Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[9] Laks V. S. Lakshmanan,et al. Preservation Of Patterns and Input-Output Privacy , 2007, 2007 IEEE 23rd International Conference on Data Engineering.