Dividing secrets to secure data outsourcing

Data outsourcing or database as a service is a new paradigm for data management. The third party service provider hosts databases as a service. These parties provide efficient and cheap data management by obviating the need to purchase expensive hardware and software, deal with software upgrades and hire professionals for administrative and maintenance tasks. However, due to recent governmental legislations, competition among companies and database thefts, companies cannot use database service providers directly. They need secure and privacy preserving data management techniques to be able to use them in practice. Since data is remotely stored in a privacy preserving manner, there are efficiency related problems such as poor query response time. We propose a new framework that provides efficient and scalable query response times by reducing the computation and communication costs. Furthermore, the proposed technique uses several service providers to guarantee the availability of the services while detecting the dishonest or faulty service providers without introducing additional overhead on the query response time. The evaluations demonstrate that our data outsourcing framework is scalable and practical.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Niv Gilboa,et al.  Computationally private information retrieval (extended abstract) , 1997, STOC '97.

[3]  Subhash C. Kak,et al.  Recursive secret sharing for distributed storage and information hiding , 2009, 2009 IEEE 3rd International Symposium on Advanced Networks and Telecommunication Systems (ANTS).

[4]  Peter J. Haas,et al.  A system for watermarking relational databases , 2003, SIGMOD '03.

[5]  Rajeev Motwani,et al.  Distributing data for secure database services , 2011, PAIS '11.

[6]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[7]  Chris Clifton,et al.  Tools for privacy preserving distributed data mining , 2002, SKDD.

[8]  Divyakant Agrawal,et al.  ABACUS: A Distributed Middleware for Privacy Preserving Data Sharing Across Private Data Warehouses , 2005, Middleware.

[9]  Alexandre V. Evfimievski,et al.  Information sharing across private databases , 2003, SIGMOD '03.

[10]  Benny Pinkas,et al.  Secure Computation of the k th-Ranked Element , 2004, EUROCRYPT.

[11]  Ramakrishnan Srikant,et al.  Implementing P3P using database technology , 2003, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405).

[12]  Beng Chin Ooi,et al.  Privacy and ownership preserving of outsourced medical data , 2005, 21st International Conference on Data Engineering (ICDE'05).

[13]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[14]  Divyakant Agrawal,et al.  Privacy Preserving Query Processing Using Third Parties , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[15]  Toshiyuki Miyamoto,et al.  Autonomous distributed secret sharing storage system , 2006 .

[16]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[17]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[18]  Alexandre V. Evfimievski,et al.  Privacy preserving mining of association rules , 2002, Inf. Syst..

[19]  Jennifer Widom,et al.  Vision Paper: Enabling Privacy for the Paranoids , 2004, VLDB.

[20]  Ming Li,et al.  Authorized Private Keyword Search over Encrypted Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[21]  Jayant R. Haritsa,et al.  Maintaining Data Privacy in Association Rule Mining , 2002, VLDB.

[22]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[23]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[24]  Jayant R. Haritsa,et al.  A Framework for High-Accuracy Privacy-Preserving Mining , 2005, ICDE.

[25]  Benny Pinkas,et al.  Secure computation of the kth-ranked element , 2004 .

[26]  Ramakrishnan Srikant,et al.  Hippocratic Databases , 2002, VLDB.

[27]  H. Garcia-Molina,et al.  Enabling Privacy for the Paranoids , 2004 .

[28]  Ramakrishnan Srikant,et al.  Privacy-preserving data mining , 2000, SIGMOD '00.