The VLDB Journal

, Volume 21, Issue 3, pp 333–358 | Cite as

Secure multidimensional range queries over outsourced data

  • Bijit HoreEmail author
  • Sharad Mehrotra
  • Mustafa Canim
  • Murat Kantarcioglu
Regular Paper


In this paper, we study the problem of supporting multidimensional range queries on encrypted data. The problem is motivated by secure data outsourcing applications where a client may store his/her data on a remote server in encrypted form and want to execute queries using server’s computational capabilities. The solution approach is to compute a secure indexing tag of the data by applying bucketization (a generic form of data partitioning) which prevents the server from learning exact values but still allows it to check if a record satisfies the query predicate. Queries are evaluated in an approximate manner where the returned set of records may contain some false positives. These records then need to be weeded out by the client which comprises the computational overhead of our scheme. We develop a bucketization procedure for answering multidimensional range queries on multidimensional data. For a given bucketization scheme, we derive cost and disclosure-risk metrics that estimate client’s computational overhead and disclosure risk respectively. Given a multidimensional dataset, its bucketization is posed as an optimization problem where the goal is to minimize the risk of disclosure while keeping query cost (client’s computational overhead) below a certain user-specified threshold value. We provide a tunable data bucketization algorithm that allows the data owner to control the trade-off between disclosure risk and cost. We also study the trade-off characteristics through an extensive set of experiments on real and synthetic data.


Privacy Disclosure Confidentiality Outsourcing Security Query execution Relational 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    AES: Advanced Encryption Standard. FIPS 197, Computer Security Resource Center, National Institute of Standards and Technology (2001).
  2. 2.
    Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: CIDR (2005)Google Scholar
  3. 3.
    Agrawal, R., Asonov, D., Kantarcioglu, M., Li, Y.: Sovereign joins. In: ICDE (2006)Google Scholar
  4. 4.
    Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order-preserving encryption for numeric data. In: SIGMOD (2004)Google Scholar
  5. 5.
    Bayardo, R.J., Agrawal, R.: Data privacy through optimal K-anonymization. In: ICDE (2005)Google Scholar
  6. 6.
    Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: EUROCRYPT (2009)Google Scholar
  7. 7.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity based encryption without random oracles. In: EUROCRYPT (2004)Google Scholar
  8. 8.
    Boneh, D., Crescenzo, G., Ostrovsky, R., Persiano, G.: Public-key encryption with keyword search. In: EUROCRYPT (2004)Google Scholar
  9. 9.
    Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: TCC (2007)Google Scholar
  10. 10.
    Bouganim, L., Pucheral, P.: Chip-secured data access: confidential data on untrusted servers. In: VLDB (2002)Google Scholar
  11. 11.
    Brucker, P.: On the complexity of clustering problems. In: Optimizations and Operations Research. Springer (1978)Google Scholar
  12. 12.
    Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Efficient and private access to outsourced data. In: ICDCS (2011)Google Scholar
  13. 13.
    Casella, G., Berger, R.L.: Statistical inference. Duxbury Advanced Series (2001)Google Scholar
  14. 14.
    Chang, Y., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: ACNS (2005)Google Scholar
  15. 15.
    Cover T.M., Thomas J.A.: Elements of Information Theory. Wiley, New york (1991)zbMATHCrossRefGoogle Scholar
  16. 16.
    Damiani, E., Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: CCS (2003)Google Scholar
  17. 17.
    Eavis, T., Lopez, A.: Rk-hist: an r-tree based histogram for multi-dimensional selectivity estimation. In: CIKM (2007)Google Scholar
  18. 18.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC (2009)Google Scholar
  19. 19.
    Gentry, C.: Computing arbitrary functions of encrypted data. CACM 53(3) (2010)Google Scholar
  20. 20.
    Goh, E.: Secure Indexes. Unpubished manuscript (2003)Google Scholar
  21. 21.
    Goldberg D.E.: Genetic Algorithms in Search, Optimization and Machine Learning. Addison-Wesley, Reading (1988)Google Scholar
  22. 22.
    Goldreich O.: The Foundations of Cryptography, vol. 1. Cambridge University Press, Cambridge (2001)CrossRefGoogle Scholar
  23. 23.
    Hacıgümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing sql over encrypted data in database service provider model. In: SIGMOD (2002)Google Scholar
  24. 24.
    Hacıgümüş, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: ICDE (2002)Google Scholar
  25. 25.
    Hacıgümüş, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: DASFAA (2004)Google Scholar
  26. 26.
    Hilbert, D.: Ueber die stetige abbildung einer line auf ein flchenstck. In: Mathematische Annalen (1891)Google Scholar
  27. 27.
    Hore, B., Jammalamadaka, R.C., Mehrotra, S.: Flexible anonymization for privacy preserving data publishing: a systematic search based approach. In: Siam Conference on Data Mining (2007)Google Scholar
  28. 28.
    Hore, B., Mehrotra, S., Canim, M., Kantarcioglu, M.: Secure Multidimensional Range Queries Over Outsourced Data (extended version). ICS technical report, UCI,
  29. 29.
    Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: VLDB (2004)Google Scholar
  30. 30.
    Jones, D.R., Beltramo, M.A.: Solving partitioning problems with genetic algorithms. In: Proceedings of the 4th International Conference of Genetic Algorithms (1991)Google Scholar
  31. 31.
    Khanna, S., Muthukrishnan, S., Paterson, M.: On approximating rectangle tiling and packing. In: SODA (1998)Google Scholar
  32. 32.
    Khanna, S., Muthukrishnan, S., Skiena, S.: Efficient array partitioning. In: ICALP (1997)Google Scholar
  33. 33.
    LeFevre, K., DeWitt, D., Ramakrishnan, R.: Mondrian multidimensional K-Anonymity. In: ICDE (2006)Google Scholar
  34. 34.
    Li, J., Omiecinski, E.: Efficiency and security trade-off in supporting range queries on encrypted databases. In: DBSec (2005)Google Scholar
  35. 35.
    Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: L-Diversity: privacy beyond K-Anonymity. In: ICDE (2006)Google Scholar
  36. 36.
    Muthukrishnan, S., Poosala, V., Suel, T.: On rectangular partitionings in two dimensions: algorithms, complexity and applications. In: ICDT (1997)Google Scholar
  37. 37.
    Muthukrishnan S., Suel T.: Approximation algorithms for array partitioning problems. J. Algorithms 54, 85–104 (2005)MathSciNetzbMATHCrossRefGoogle Scholar
  38. 38.
    Pinkas, B., Reinman, T.: Oblivious RAM revisited. In: CRYPTO (2010)Google Scholar
  39. 39.
    Poosala, V., Ioannidis, Y.: Selectivity estimation without attribute value independence assumption. In: VLDB (1997)Google Scholar
  40. 40.
    Poosala, V., Ioannidis, Y., Haas, P.J., Shekita, E.J.: Improved histograms for selectivity estimation of range predicates. In: SIGMOD (1996)Google Scholar
  41. 41.
    Samarati, P.: Protecting respondents’ identities in microdata Release. IEEE TKDE 13(6) (2001)Google Scholar
  42. 42.
    Samet H.: Foundations of Multidimensional and Metric Data Structures. Morgan Kaufmann, San Francisco (2005)Google Scholar
  43. 43.
    Shi, E., Bethencourt, J., Chan, H.T.-H., Song, D.X., Perrig, A.: Multi-dimensional range query over encrypted data. In: IEEE S&P (2007)Google Scholar
  44. 44.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE S&P (2000)Google Scholar
  45. 45.
    Sweeney, L.: Achieving K-anonymity privacy protection using generalization and suppression. Int J Uncertain Fuzz Knowl Base Syst (2002)Google Scholar
  46. 46.
    UCI Machine Learning Repository.
  47. 47.
    Willenborg L., De Waal T.: Statistical Disclosure Control in Practice. Springer, New York (1996)zbMATHCrossRefGoogle Scholar
  48. 48.
    Williams, P., Sion, R.: Usable PIR. In: NDSS (2008)Google Scholar
  49. 49.
    Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS (2008)Google Scholar
  50. 50.
    Witten I.H., Frank E.: Data Mining: Practical Machine Learning Tools and Techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)zbMATHGoogle Scholar
  51. 51.
    Wong, W.K., Cheung, D.W., Kao, B., Mamoulis, N.: Secure kNN computation on encrypted databases. In: SIGMOD (2009)Google Scholar
  52. 52.
    Xu, J., Fan, J., Ammar, M.H., Moon, S.B.: Prefix-preserving IP address anonymization: measurement-based security evaluation and a new cryptography based scheme. In: ICNP (2002)Google Scholar
  53. 53.
    Yiu M.L., Ghinita G., Jensen C.S., Kalnis P.: Enabling search services on outsourced private spatial data. VLDB J. 19(3), 363–384 (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag 2011

Authors and Affiliations

  • Bijit Hore
    • 1
    Email author
  • Sharad Mehrotra
    • 1
  • Mustafa Canim
    • 2
  • Murat Kantarcioglu
    • 3
  1. 1.Donald Bren School of Computer ScienceUniversity of CaliforniaIrvineUSA
  2. 2.IBM T. J. WatsonNew YorkUSA
  3. 3.University of Texas at DallasRichardsonUSA

Personalised recommendations