Complex Queries in a Shared Multi User Relational Cloud Database

As DaaS becomes more and more popular, enterprises are starting to consider it as an option to reduce IT maintenance costs. However, data privacy and security issues keep most of them from moving to the cloud. Existing database encryption schemes usually either provide only a very basic search (e.g., SELECT * FROM t WHERE t.a = 5) and nothing more, or give users more flexibility at the cost of data security. In this paper we try to introduce a highly secure and flexible database encryption scheme that allows multiple users to perform more complex queries, including cross-table joins, and still achieves acceptable performance by utilizing the database's built-in indexing capabilities. Several dedicated proxy servers between the user and the database server help to achieve this and make it all transparent to the user. The developed solution shows an acceptable level of performance in most of the test cases.
