Skip to main content
SpringerLink
Log in

A Comprehensive Framework for Secure Query Processing on Relational Data in the Cloud

  • Conference paper
Book cover Secure Data Management (SDM 2011)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 6933))

Included in the following conference series:

Abstract

Data security in the cloud is a big concern that blocks the widespread use of the cloud for relational data management. First, to ensure data security, data confidentiality needs to be provided when data resides in storage as well as when data is dynamically accessed by queries. Prior works on query processing on encrypted data did not provide data confidentiality guarantees in both aspects. Tradeoff between secrecy and efficiency needs to be made when satisfying both aspects of data confidentiality while being suitable for practical use. Second, to support common relational data management functions, various types of queries such as exact queries, range queries, data updates, insertion and deletion should be supported. To address these issues, this paper proposes a comprehensive framework for secure and efficient query processing of relational data in the cloud. Our framework ensures data confidentiality using a salted IDA encoding scheme and column-access-via-proxy query processing primitives, and ensures query efficiency using matrix column accesses and a secure B+-tree index. In addition, our framework provides data availability and integrity. We establish the security of our proposal by a detailed security analysis and demonstrate the query efficiency of our proposal through an experimental evaluation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 199–212. ACM, New York (2009)

    Google Scholar 

  2. Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing sql over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, SIGMOD 2002, pp. 216–227. ACM, New York (2002)

    Google Scholar 

  3. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, VLDB 2004. VLDB Endowment, vol. 30, pp. 720–731 (2004)

    Google Scholar 

  4. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data. SIGMOD 2004, pp. 563–574. ACM, New York (2004)

    Google Scholar 

  5. Ge, T., Zdonik, S.B.: Fast, secure encryption for indexing in a column-oriented dbms. In: ICDE, pp. 676–685 (2007)

    Google Scholar 

  6. Damiani, E., Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational dbmss. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 93–102. ACM, New York (2003)

    Google Scholar 

  7. Shmueli, E., Waisenberg, R., Elovici, Y., Gudes, E.: Designing secure indexes for encrypted databases. In: IFIP Working Conference on Database Security, pp. 54–68 (2005)

    Google Scholar 

  8. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, pp. 169–178. ACM, New York (2009)

    Google Scholar 

  9. Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. Journal of The ACM 45(6), 965–981 (1998)

    Article  MathSciNet  MATH  Google Scholar 

  10. Kantarcioglu, M., Clifton, C.: Security issues in querying encrypted data. In: IFIP Working Conference on Database Security, pp. 325–337 (2005)

    Google Scholar 

  11. Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS, pp. 139–148 (2008)

    Google Scholar 

  12. Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of The ACM 36(2), 335–348 (1989)

    Article  MathSciNet  MATH  Google Scholar 

  13. Plank, J.S., Ding, Y.: Note: Correction to the 1997 tutorial on reed-solomon coding. Softw., Pract. Exper. 35(2), 189–194 (2005)

    Article  Google Scholar 

  14. Bowers, K.D., Juels, A., Oprea, A.: Hail: a high-availability and integrity layer for cloud storage. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 187–198. ACM, New York (2009)

    Google Scholar 

  15. Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proceedings of the 17th IEEE International Workshop in Quality of Service, pp. 1–9 (2009)

    Google Scholar 

  16. Cleversafe: Cleversafe responds to cloud security challenges with cleversafe 2.0 software release (2010), http://www.cleversafe.com/news-reviews/press-releases/press-release-14

  17. www: Information dispersal algorithms: Data-parsing for network security (2010), http://searchnetworking.techtarget.com/Information-dispersal-algorithms-Data-parsing-for-network-security

  18. Comer, D.: Ubiquitous b-tree. ACM Comput. Surv. 11(2), 121–137 (1979)

    Article  MathSciNet  MATH  Google Scholar 

  19. Emekci, F., Agrawal, D., Abbadi, A.E., Gulbeden, A.: Privacy preserving query processing using third parties. In: Proceedings of the 22nd International Conference on Data Engineering, ICDE 2006, p. 27. IEEE Computer Society, Washington, DC, USA (2006)

    Google Scholar 

  20. Ge, T., Zdonik, S.: Answering aggregation queries in a secure system model. In: Proceedings of the 33rd International Conference on Very Large Data Bases, VLDB 2007. VLDB Endowment, pp. 519–530 (2007)

    Google Scholar 

  21. De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Efficient and private access to outsourced data. In: ICDCS (to appear 2011)

    Google Scholar 

  22. Abu-Libdeh, H., Princehouse, L., Weatherspoon, H.: Racs: a case for cloud storage diversity. In: Proceedings of the 1st ACM Symposium on Cloud Computing, SoCC 2010, pp. 229–240. ACM, New York (2010)

    Google Scholar 

  23. Wang, S., Agrawal, D., Abbadi, A.E.: A comprehensive framework for secure query processing on relational data in the cloud. Technical report, Department of Computer Science, UCSB (2010)

    Google Scholar 

  24. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)

    Google Scholar 

  25. Wang, H., Lakshmanan, L.V.S.: Efficient secure query evaluation over encrypted xml databases. In: Proceedings of the 32nd International Conference on Very Large Data Bases, VLDB 2006. VLDB Endowment, pp. 127–138 (2006)

    Google Scholar 

  26. Samarati, P., Sweeney, L.: Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. Technical report (1998)

    Google Scholar 

  27. Dai, W.: Crypto++ library 5.6.0, http://www.cryptopp.com

  28. www: report on internet speeds in all 50 states (2009), http://www.speedmatters.org/content/2009report

  29. www: Tpc-w, http://www.tpc.org/tpcw

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of California, Santa Barbara, USA

    Shiyuan Wang, Divyakant Agrawal & Amr El Abbadi

Authors
  1. Shiyuan Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Divyakant Agrawal
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Amr El Abbadi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Faculty of Electrical Engineering, Mathematics and Computer Science, University of Twente, P.O.Box 217, 7500 AE, Enschede, The Netherlands

    Willem Jonker

  2. Philips Research Europe, High Tech Campus 34 (office 3.14), 5656 AE, Eindhoven, The Netherlands

    Milan Petković

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, S., Agrawal, D., El Abbadi, A. (2011). A Comprehensive Framework for Secure Query Processing on Relational Data in the Cloud. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2011. Lecture Notes in Computer Science, vol 6933. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23556-6_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-23556-6_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23555-9

  • Online ISBN: 978-3-642-23556-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation