Secrecy and performance models for query processing on outsourced graph data

Database outsourcing is a challenge concerning data secrecy. Even if an adversary, including the service provider, accesses the data, she should not be able to learn any information from the accessed data. In this paper, we address this problem for graph-structured data. First, we define a secrecy notion for graph-structured data based on the concepts of indistinguishability and searchable encryption. To address this problem, we propose an approach based on bucketization. Next to bucketization, it makes use of obfuscated indexes and encryption. We show that finding an optimal bucketization tailored to graph-structured data is NP-hard; therefore, we come up with a heuristic. We prove that the proposed bucketization approach fulfills our secrecy notion. In addition, we present a performance model for scale-free networks which consists of (1) a number-of-buckets model that estimates the number of buckets obtained after applying our bucketization approach and (2) a query-cost model. Finally, we demonstrate with a set of experiments the accuracy of our number-of-buckets model and the efficiency of our approach with respect to query processing.

[1]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[2]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[3]  Jure Leskovec,et al.  {SNAP Datasets}: {Stanford} Large Network Dataset Collection , 2014 .

[4]  Vijay V. Vazirani,et al.  Approximation Algorithms , 2001, Springer Berlin Heidelberg.

[5]  Jian Pei,et al.  Preserving Privacy in Social Networks Against Neighborhood Attacks , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[6]  Kouichi Sakurai,et al.  Preserving Integrity and Confidentiality of a Directed Acyclic Graph Model of Provenance , 2010, DBSec.

[7]  Hakan Hacigümüs,et al.  Query Optimization in Encrypted Database Systems , 2005, DASFAA.

[8]  David J. DeWitt,et al.  Mondrian Multidimensional K-Anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[9]  David S. Johnson,et al.  Near-optimal bin packing algorithms , 1973 .

[10]  Pieter H. Hartel,et al.  Computationally Efficient Searchable Symmetric Encryption , 2010, Secure Data Management.

[11]  V. Rhymend Uthariaraj,et al.  Multicrypt: A Provably Secure Encryption Scheme for Multicast Communication , 2009, 2009 First International Conference on Networks & Communications.

[12]  Debasis Das,et al.  A framework for data security and storage in Cloud Computing , 2016, 2016 International Conference on Computational Techniques in Information and Communication Technologies (ICCTICT).

[13]  Aziz Mohaisen,et al.  SecGDB: Graph Encryption for Exact Shortest Distance Queries with Efficient Updates , 2017, Financial Cryptography.

[14]  Charalampos Papamanthou,et al.  Dynamic searchable symmetric encryption , 2012, IACR Cryptol. ePrint Arch..

[15]  George Kollios,et al.  GRECS: Graph Encryption for Approximate Shortest Distance Queries , 2015, IACR Cryptol. ePrint Arch..

[16]  Cong Wang,et al.  Privacy-Preserving Query over Encrypted Graph-Structured Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[17]  Laks V. S. Lakshmanan,et al.  Efficient secure query evaluation over encrypted XML databases , 2006, VLDB.

[18]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[19]  David S. Johnson,et al.  `` Strong '' NP-Completeness Results: Motivation, Examples, and Implications , 1978, JACM.

[20]  P. Hartel,et al.  Conjunctive Wildcard Search over Encrypted Data , 2011, Secure Data Management.

[21]  Zhe Fan,et al.  Privacy-preserving reachability query services for sparse graphs , 2014, 2014 IEEE 30th International Conference on Data Engineering Workshops.

[22]  Dan Boneh,et al.  Course in Applied Cryptography , 2015 .

[23]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[24]  Melissa Chase,et al.  Structured Encryption and Controlled Disclosure , 2010, IACR Cryptol. ePrint Arch..

[25]  Xiaodong Lin,et al.  Reachability Analysis in Privacy-Preserving Perturbed Graphs , 2010, 2010 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology.

[26]  Elisa Bertino,et al.  Efficient tree pattern queries on encrypted XML documents , 2013, EDBT '13.

[27]  Jonathan Katz,et al.  Introduction to Modern Cryptography: Principles and Protocols , 2007 .

[28]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[29]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[30]  Albert,et al.  Emergence of scaling in random networks , 1999, Science.

[31]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[32]  Torsten Suel,et al.  On Rectangular Partitionings in Two Dimensions: Algorithms, Complexity, and Applications , 1999, ICDT.

[33]  Jure Leskovec,et al.  Community Structure in Large Networks: Natural Cluster Sizes and the Absence of Large Well-Defined Clusters , 2008, Internet Math..

[34]  Aric Hagberg,et al.  Exploring Network Structure, Dynamics, and Function using NetworkX , 2008 .

[35]  Jérôme Kunegis,et al.  KONECT: the Koblenz network collection , 2013, WWW.

[36]  Jayant R. Haritsa,et al.  Analyzing Plan Diagrams of Database Query Optimizers , 2005, VLDB.

[37]  ChenWeifeng,et al.  Privacy-assured substructure similarity query over encrypted graph-structured data in cloud , 2014 .

[38]  Jianliang Xu,et al.  Structure-Preserving Subgraph Query Services , 2015, IEEE Transactions on Knowledge and Data Engineering.

[39]  Xiaoyong Du,et al.  A Secure Multi-dimensional Partition Based Index in DAS , 2008, APWeb.

[40]  Jeffrey Scott Vitter,et al.  Wavelet-based histograms for selectivity estimation , 1998, SIGMOD '98.

[41]  Weifeng Chen,et al.  Privacy-assured substructure similarity query over encrypted graph-structured data in cloud , 2014, Secur. Commun. Networks.

[42]  Ben Taskar,et al.  Selectivity estimation using probabilistic models , 2001, SIGMOD '01.

[43]  Geong Sen Poh,et al.  Structured Encryption for Conceptual Graphs , 2012, IWSEC.

[44]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[45]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[46]  Jian Pei,et al.  Neighbor query friendly compression of social networks , 2010, KDD.

[47]  Youssef Bentaleb,et al.  EPS AES-based confidentiality and integrity algorithms: Complexity study , 2011, 2011 International Conference on Multimedia Computing and Systems.

[48]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[49]  Adam O'Neill,et al.  Generic Attacks on Secure Outsourced Databases , 2016, CCS.

[50]  David S. Johnson,et al.  Computers and Inrracrobiliry: A Guide ro the Theory of NP-Completeness , 1979 .