Key management for multi-user encrypted databases

Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service (DAS), where an organization's database is stored at an external service provider. In such a scenario, access control is a very important issue, especially if the data owner wishes to publish her data for external use.In this paper, we first present our approach for the implementation of access control through selective encryption. The focus of the paper is then the presentation of the experimental results, which demonstrate the applicability of our proposal.

[1]  Hakan Hacigümüs,et al.  Efficient Execution of Aggregation Queries over Encrypted Relational Databases , 2004, DASFAA.

[2]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[3]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[4]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[5]  Sushil Jajodia,et al.  Metadata Management in Outsourced Encrypted Databases , 2005, Secure Data Management.

[6]  Jeroen Doumen,et al.  Using Secret Sharing for Searching in Encrypted Data , 2004, Secure Data Management.

[7]  Oliver Günther,et al.  Using online services in untrusted environments: a privacy-preserving architecture , 2003, ECIS.

[8]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[9]  Selim G. Akl,et al.  An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy , 1985, IEEE Transactions on Computers.

[10]  Ravi S. Sandhu,et al.  Cryptographic Implementation of a Tree Hierarchy for Access Control , 1988, Inf. Process. Lett..

[11]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[12]  Lein Harn,et al.  A cryptographic key generation scheme for multilevel data security , 1990, Comput. Secur..

[13]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[14]  Sushil Jajodia,et al.  Implementation of a Storage Mechanism for Untrusted DBMSs , 2003, Second IEEE International Security in Storage Workshop.

[15]  Hakan Hacigümüs,et al.  Ensuring the Integrity of Encrypted Databases in the Database-as-a-Service Model , 2003, DBSec.

[16]  Hakan Hacigümüs,et al.  Performance-Conscious Key Management in Encrypted Databases , 2004, DBSec.

[17]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[18]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[19]  John B. Kam,et al.  A database encryption system with subkeys , 1981, TODS.

[20]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[21]  Alberto Ceselli,et al.  Modeling and assessing inference exposure in encrypted databases , 2005, TSEC.

[22]  Wei-Pang Yang,et al.  Controlling access in large partially ordered hierarchies using cryptographic keys , 2003, J. Syst. Softw..

[23]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[24]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.