On information leakage by indexes over data fragments

Data fragmentation has recently emerged as a complementary approach to encryption for protecting the confidentiality of sensitive associations when storing data at external parties. In this paper, we discuss how the use of indexes, typically associated with the encrypted portion of the data, while desirable for providing effectiveness and efficiency in query execution, can, when combined with fragmentation, cause potential leakage of confidential (encrypted or fragmented) information. We illustrate how the exposure to leakage varies depending on the kind of indexes. Such observations can be useful for the design of approaches assessing information exposure and for the definition of safe (free from inferences) indexes in fragmented data.
