Database Fragmentation with Confidentiality Constraints: A Graph Search Approach

Database fragmentation is a promising approach that, combined with encryption, enables secure data outsourcing: a client stores its data on remote, untrusted server(s) while still being able to run queries over the outsourced data. Given a set of confidentiality constraints, each naming a set of attributes whose association must stay hidden, fragmentation vertically partitions the database into fragments such that the attributes of any single constraint never appear together in one fragment. The optimal fragmentation problem is to find the fragmentation that minimizes the cost of query support. In this paper we propose an efficient graph-search-based approach that obtains near-optimal fragmentations. We model the fragmentation search space as a graph and propose efficient search algorithms over it, including static and dynamic search strategies and a novel level-wise graph expansion technique that dramatically reduces search time. Extensive experiments show that our method significantly outperforms other state-of-the-art methods.
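The following Python is an added example (not the paper's code) that makes the search space concrete: nodes are fragmentations, an edge merges two fragments whose union exposes no constraint, and the search expands the graph level by level (level k = k merges) keeping only a few cheapest nodes per level. Everything below is assumed for illustration: the schema, constraints and query workload are constructed, the cost model (weighted number of fragments a query must join) stands in for whatever cost the paper uses, and singleton constraints are handled by storing that attribute encrypted only. A brute-force optimum is included so the gap to the near-optimal result can be checked on small instances.

```python
"""Level-wise graph search for a constraint-satisfying vertical fragmentation.
Constructed example; cost model, constraints and workload are assumptions."""
from itertools import combinations

# --- constructed sample schema, confidentiality constraints and workload ---
ATTRIBUTES = ["SSN", "Name", "DOB", "ZIP", "Illness", "Doctor"]
CONSTRAINTS = [
    frozenset({"SSN"}),                    # singleton: sensitive on its own
    frozenset({"Name", "Illness"}),        # association must never be visible
    frozenset({"Name", "DOB", "ZIP"}),     # quasi-identifier
    frozenset({"DOB", "ZIP", "Illness"}),
]
WORKLOAD = [  # (attributes a query needs, weight/frequency)
    (frozenset({"Name", "Doctor"}), 3),
    (frozenset({"DOB", "ZIP", "Doctor"}), 2),
    (frozenset({"Illness", "Doctor"}), 2),
    (frozenset({"Name", "DOB"}), 1),
]


def violates(fragment, constraints):
    """A fragment is unsafe if it exposes every attribute of some constraint."""
    return any(c <= fragment for c in constraints)


def is_valid(fragmentation, constraints):
    return not any(violates(f, constraints) for f in fragmentation)


def query_cost(fragmentation, workload):
    """Assumed cost model: weighted number of fragments each query must join."""
    return sum(w * sum(1 for f in fragmentation if f & attrs) for attrs, w in workload)


def canon(fragmentation):
    """Deterministic sort key so tie-breaking is independent of hash randomisation."""
    return tuple(sorted(tuple(sorted(f)) for f in fragmentation))


def split_encrypted(attributes, constraints):
    """Singleton constraints cannot be met by partitioning alone: those attributes
    are stored encrypted only and are excluded from the plaintext fragments."""
    encrypted = frozenset(next(iter(c)) for c in constraints if len(c) == 1)
    plain = [a for a in attributes if a not in encrypted]
    return plain, encrypted, [c for c in constraints if len(c) > 1]


def neighbours(fragmentation, constraints):
    """Graph edges: merge two fragments whenever the union breaks no constraint,
    so every node reachable from a valid node is itself valid."""
    for a, b in combinations(fragmentation, 2):
        merged = a | b
        if not violates(merged, constraints):
            yield frozenset((fragmentation - {a, b}) | {merged})


def level_wise_search(attributes, constraints, workload, beam=3):
    """Level 0 is the all-singleton fragmentation (always valid); level k holds
    nodes reached by k merges. Only the `beam` cheapest nodes of a level are
    expanded, which bounds the search at the price of optimality."""
    plain, encrypted, constraints = split_encrypted(attributes, constraints)
    start = frozenset(frozenset([a]) for a in plain)
    best, best_cost = start, query_cost(start, workload)
    level, seen = [start], {start}
    while level:
        candidates = set()
        for node in level:
            for nb in neighbours(node, constraints):
                if nb not in seen:
                    seen.add(nb)
                    candidates.add(nb)
        if not candidates:
            break
        level = sorted(candidates, key=lambda f: (query_cost(f, workload), canon(f)))[:beam]
        top_cost = query_cost(level[0], workload)
        if top_cost < best_cost:
            best, best_cost = level[0], top_cost
    return best, encrypted, best_cost


def all_partitions(items):
    """Every set partition of `items` (Bell-number many; only for small checks)."""
    if not items:
        yield []
        return
    first, rest = items[0], items[1:]
    for part in all_partitions(rest):
        for i in range(len(part)):
            yield part[:i] + [part[i] | {first}] + part[i + 1:]
        yield part + [{first}]


def exhaustive_optimum(attributes, constraints, workload):
    """Brute-force minimum cost over all valid fragmentations, to measure how
    close the level-wise search gets."""
    plain, _, constraints = split_encrypted(attributes, constraints)
    return min(query_cost(frozenset(frozenset(b) for b in p), workload)
               for p in all_partitions(plain)
               if is_valid([frozenset(b) for b in p], constraints))


if __name__ == "__main__":
    best, enc, cost = level_wise_search(ATTRIBUTES, CONSTRAINTS, WORKLOAD)
    print("encrypted only:", sorted(enc))
    print("fragments:", [sorted(f) for f in best], "cost", cost)
    print("exhaustive optimum:", exhaustive_optimum(ATTRIBUTES, CONSTRAINTS, WORKLOAD))
```

Because merging fragments can only reduce the number of fragments a query touches, the cheapest nodes sit at the deepest levels, which is why a full search is exponential (every set partition of the plaintext attributes) and a bounded level-wise expansion is attractive. The safety property is enforced structurally: `neighbours` never creates a fragment that covers a constraint, so validity never has to be re-checked on the result, only the cost does.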
