Query Processing on Encrypted Data in the Cloud by

This paper explores a new encryption technique called POP. POP addresses the need to encrypt databases in the cloud and to execute complex SQL queries on the encrypted data efficiently. POP can be configured to meet different privacy requirements and attacker scenarios. Two such scenarios, referred to as domain attack and frequency attack, are studied in detail in this paper. Privacy and performance experiments conducted using the TPC-H benchmark show that POP makes it indeed possible to achieve good privacy with affordable performance overheads in many cases.

[1]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[2]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[3]  Eli Upfal,et al.  Probability and Computing: Randomized Algorithms and Probabilistic Analysis , 2005 .

[4]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[5]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[6]  Yehuda Lindell,et al.  Privacy Preserving Data Mining , 2002, Journal of Cryptology.

[7]  R. Gavison Privacy and the Limits of Law , 1980 .

[8]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[9]  Dan Suciu,et al.  Foundations of probabilistic answers to queries , 2005, SIGMOD '05.

[10]  Hoeteck Wee,et al.  Toward Privacy in Public Databases , 2005, TCC.

[11]  Radu Sion,et al.  Towards Secure Data Outsourcing , 2008, Handbook of Database Security.

[12]  Mihir Bellare,et al.  Deterministic and Efficiently Searchable Encryption , 2007, CRYPTO.

[13]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[14]  Carlo Curino,et al.  Relational Cloud: a Database Service for the cloud , 2011, CIDR.

[15]  Chris Clifton,et al.  Security Issues in Querying Encrypted Data , 2005, DBSec.

[16]  Michael J. Carey,et al.  On saying “Enough already!” in SQL , 1997, SIGMOD '97.

[17]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[18]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[19]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[20]  ASHWIN MACHANAVAJJHALA,et al.  L-diversity: privacy beyond k-anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[21]  Norman S. Matloff,et al.  A modified random perturbation method for database security , 1994, TODS.

[22]  Rodney Landrum,et al.  Transparent Data Encryption , 2009 .

[23]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[24]  Nathan Chenette,et al.  Order-Preserving Symmetric Encryption , 2009, IACR Cryptol. ePrint Arch..

[25]  Alexandra Boldyreva,et al.  Provably-Secure Schemes for Basic Query Support in Outsourced Databases , 2007, DBSec.

[26]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[27]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[28]  Alexandre V. Evfimievski,et al.  Limiting privacy breaches in privacy preserving data mining , 2003, PODS.

[29]  Dan Suciu,et al.  A formal analysis of information disclosure in data exchange , 2004, SIGMOD '04.

[30]  E. Jaynes Probability theory : the logic of science , 2003 .

[31]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[32]  Vijayalakshmi Atluri,et al.  Effective anonymization of query logs , 2009, CIKM.

[33]  Radu Sion Secure Data Outsourcing , 2007, VLDB.

[34]  M. Tribus,et al.  Probability theory: the logic of science , 2003 .