Using different encryption schemes for secure deletion while supporting queries

As more and more private and confidential data is stored in databases, and in the wake of cloud computing services hosted by third parties, the privacy-aware and secure handling of such sensitive data is important. The security of such data needs to be guaranteed not only during its active lifetime, but also at the point where it should be deleted. However, current common database management systems do not provide the means for secure deletion. In this paper we therefore propose several means to tackle this challenge through encryption, and show how to handle the resulting shortcomings with regard to still allowing queries on encrypted data. We discuss a general approach on how to combine homomorphic encryption, order-preserving encryption and partial encryption as means of depersonalization, as well as their use on the client side or the server side as system extensions.
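As an added example (not code from the paper), the additively homomorphic Paillier scheme illustrates the combination the abstract describes: the server answers a SUM query over an encrypted numeric column without ever holding the key, and secure deletion reduces to discarding the key, after which every ciphertext under it is unrecoverable. The primes, the salary column and the function names are constructed for this illustration; the key size is a toy and not a secure parameter.

```python
# Added example: Paillier encryption of a numeric column so that SUM can be
# evaluated on ciphertexts server-side, and deletion by key disposal.
from math import gcd
from random import SystemRandom

RNG = SystemRandom()

def lcm(a, b):
    return a * b // gcd(a, b)

def keygen(p=10007, q=10009):
    # Constructed toy primes so the example runs instantly; real keys use
    # primes of hundreds of digits.
    n = p * q
    lam = lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)  # with g = n + 1, L(g^lam mod n^2) == lam mod n
    return (n, n + 1), (n, lam, mu)

def encrypt(pub, m):
    # c = g^m * r^n mod n^2 with a fresh random r (probabilistic encryption).
    n, g = pub
    while True:
        r = RNG.randrange(1, n)
        if gcd(r, n) == 1:
            break
    return (pow(g, m, n * n) * pow(r, n, n * n)) % (n * n)

def decrypt(priv, c):
    # m = L(c^lam mod n^2) * mu mod n, where L(x) = (x - 1) / n.
    n, lam, mu = priv
    l = (pow(c, lam, n * n) - 1) // n
    return (l * mu) % n

def encrypted_sum(pub, ciphertexts):
    # Server side: the product of ciphertexts encrypts the sum of plaintexts.
    # No key is involved, so the server never sees the values.
    n, _ = pub
    acc = 1
    for c in ciphertexts:
        acc = (acc * c) % (n * n)
    return acc

def demo():
    pub, priv = keygen()
    salaries = [4200, 3900, 5100]                    # constructed column
    column = [encrypt(pub, s) for s in salaries]     # stored at the server
    total = decrypt(priv, encrypted_sum(pub, column))  # client decrypts SUM
    priv = None  # secure deletion: once the key is gone, column is unreadable
    return total, column
```

The deletion granularity equals the key's scope, so a per-tenant or per-subject key lets one key disposal erase exactly that data while sums within the key's scope stay queryable.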
