KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

QSDB: An Encrypted Database Model for Privacy-Preserving in Cloud Computing

  • Liu, Guoxiu (School of Computer Science and Technology, Nanjing University of Posts and Telecommunications) ;
  • Yang, Geng (School of Computer Science and Technology, Nanjing University of Posts and Telecommunications) ;
  • Wang, Haiwei (School of Computer Science and Technology, Nanjing University of Posts and Telecommunications) ;
  • Dai, Hua (School of Computer Science and Technology, Nanjing University of Posts and Telecommunications) ;
  • Zhou, Qiang (School of Computer and Information Engineering, Chuzhou University)
  • Received : 2017.04.25
  • Accepted : 2018.02.28
  • Published : 2018.07.31
Download PDF
⟨ Previous Next ⟩

Abstract

With the advent of database-as-a-service (DAAS) and cloud computing, more and more data owners are motivated to outsource their data to cloud database in consideration of convenience and cost. However, it has become a challenging work to provide security to database as service model in cloud computing, because adversaries may try to gain access to sensitive data, and curious or malicious administrators may capture and leak data. In order to realize privacy preservation, sensitive data should be encrypted before outsourcing. In this paper, we present a secure and practical system over encrypted cloud data, called QSDB (queryable and secure database), which simultaneously supports SQL query operations. The proposed system can store and process the floating point numbers without compromising the security of data. To balance tradeoff between data privacy protection and query processing efficiency, QSDB utilizes three different encryption models to encrypt data. Our strategy is to process as much queries as possible at the cloud server. Encryption of queries and decryption of encrypted queries results are performed at client. Experiments on the real-world data sets were conducted to demonstrate the efficiency and practicality of the proposed system.

Keywords

References

  1. S. Aulbach, T. Grust, D. Jacobs, A. Keper, and J. Rittinger, "Multi-tenant databases for software as a service: schema-mapping techniques," in Proc. of ACM SIGMOD International Conference on Management of Data, Vol. 25, 2008, pp. 1195-1206.
  2. M. Brantner, D. Florescu, D. Graf, D. Kossmann, and T. Kraska, "Building a database on S3," in Proc. of ACM SIGMOD International Conference on Management of Data, Vol. 18, 2008, pp. 251-264.
  3. C. Gentry, "Fully homomorphic encryption using ideal lattices," in Proc. of ACM Symposium on Theory of Computing, Vol. 9, 2009, pp. 169-178.
  4. C. Curino, E. P. C. Jones, R. A. Popa, N. Malviya, E. Wu, S. R. Madden, et al, "Relational Cloud: A Database-as-a-Service for the Cloud," in Proc. of CIDR 2011, Fifth Biennial Conference on Innovative Data Systems Research, Asilomar, CA, USA, January 9-12, 2011, Online Proceedings, pp. 235-240.
  5. R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan, "CryptDB: Protecting confidentiality with encrypted query processing," in Proc. of ACM Symposium on Operating Systems Principles 2011, SOSP 2011, Cascais, Portugal, October, pp. 85-100.
  6. P. Paillier, "Public-Key Cryptosystems Based on Composite Degree Residuosity Classes," in Proc. of Advances in Cryptology - EUROCRYPT '99, International Conference on the Theory and Application of Cryptographic Techniques, Prague, Czech Republic, May 2-6, 1999, Proceeding, Vol. 5, pp. 223-238.
  7. D. Liu, "Homomorphic encryption for database querying," WO/2013/188929.
  8. Hacigumus, Hakan, B. Iyer, C. Li, and S. Mehrotra, "Executing SQL over encrypted data in the database-service-provider model," in Proc. of ACM SIGMOD International Conference on Management of Data, Madison, Wisconsin, June, 2002, pp. 216-227.
  9. D. X. Song, D. Wagner, and A. Perrig, "Practical techniques for searches on encrypted data," in Proc. of IEEE Symposium on Security and Privacy, 2012, pp. 44-55.
  10. D. Cash, S. Jarecki, C. Jutla, H. Krawczyk, M. C. Rosu, and M. Steiner, "Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries," Advances in Cryptology-CRYPTO 2013, Springer Berlin Heidelberg, 2013, pp. 353-373.
  11. R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, "Searchable symmetric encryption: improved definitions and efficient constructions," Journal of Computer Security, Vol. 19, 2011, pp. 895-934. https://doi.org/10.3233/JCS-2011-0426
  12. N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, "Privacy-preserving multi-keyword ranked search over encrypted cloud data," Proceedings - IEEE INFOCOM, Vol. 25, 2011, pp. 829-837.
  13. B. Wang, S. Yu, W. Lou, and Y. T. Hou, "Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud," Proceedings - IEEE INFOCOM, 2014, pp. 2112-2120.
  14. Z. Fu, X. Sun, Q. Liu, L. Zhou, and J. Shu, "Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing," IEICE Transactions on Communications, Vol. E98.B, 2015, pp. 190-200. https://doi.org/10.1587/transcom.E98.B.190
  15. B. Dan, and B. Waters, "Conjunctive, Subset, and Range Queries on Encrypted Data," in Proc. of The Theory of Cryptography Conference, Vol. 4392, 2006, pp. 535-554.
  16. B. Hore, S. Mehrotra, M. Canim, and M. Kantarcioglu, "Secure multidimensional range queries over outsourced data," Vldb Journal International Journal on Very Large Data Bases, Vol. 21, 2012, pp. 333-358. https://doi.org/10.1007/s00778-011-0245-7
  17. R. Li, A. X. Liu, A. L. Wang, and B. Bruhadeshwar, "Fast range query processing with strong privacy protection for cloud computing," Pvldb, Vol. 7, 2014, pp. 1953-1964.
  18. S. Tu, M. F. Kaashoek, S. Madden, and N. Zeldovich, "Processing analytical queries over encrypted data," Proceedings of the Vldb Endowment, Vol. 6, 2013, pp. 289-300. https://doi.org/10.14778/2535573.2488336
  19. D. Liu, and S. W., "Nonlinear order preserving index for encrypted database query in service cloud environments," Concurrency and Computation Practice and Experience, Vol. 25, 2013, pp. 1967-1984. https://doi.org/10.1002/cpe.2992
  20. D. Agrawal, A. E. Abbadi, F. Emekci, A. Metwally, and S. Wang, "Secure Data Management Service on Cloud Computing Infrastructures," New Frontiers in Information and Software as Services, Springer Berlin Heidelberg, Vol. 74, 2011, pp. 57-80.
  21. S. Bajaj, and R. Sion, "Trusteddb: a trusted hardware based database with privacy and data confidentiality," in Proc. of SIGMOD, 2011.
  22. A. H. M. S. Sattar, J. Li, X. Ding, J. Liu, and M. Vincent, "A general framework for privacy preserving data publishing," Knowledge-Based Systems, Vol. 54, 2013, pp. 276-287. https://doi.org/10.1016/j.knosys.2013.09.022
  23. J. Li, Z. Liu, X. Chen, F. Xhafa, X. Tan, and D. S. Wong, "L-EncDB: A lightweight framework for privacy-preserving data queries in cloud computing," Knowledge-Based Systems, Vol. 79, 2015, pp. 18-26. https://doi.org/10.1016/j.knosys.2014.04.010