Skip to main content
SpringerLink
Log in

Secure Data Management Service on Cloud Computing Infrastructures

  • Conference paper
New Frontiers in Information and Software as Services

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 74))

Abstract

Data outsourcing or database as a service is a new paradigm for data management in which a third party service provider hosts a database as a service. The service provides data management for its customers and thus obviates the need for the service user to purchase expensive hardware and software, deal with software upgrades and hire professionals for administrative and maintenance tasks. Since using an external database service promises reliable data storage at a low cost it is very attractive for companies. Such a service would also provide universal access, through the Internet to private data stored at reliable and secure sites in cloud computing infrastructures. However, recent governmental legislations, competition among companies, and data thefts mandate companies to use secure and privacy preserving data management techniques. The data provider, therefore, needs to guarantee that the data is secure, be able to execute queries on the data, and the results of the queries must also be secure and not visible to the data provider. Current research has been focused only on how to index and query encrypted data. However, querying encrypted data is computationally very expensive. Providing an efficient trust mechanism to push both database service providers and clients to behave honestly has emerged as one of the most important problem before data outsourcing to become a viable paradigm. In this paper, we describe scalable privacy preserving algorithms for data outsourcing in cloud computing infrastructures. Instead of encryption, which is computationally expensive, we use distribution on multiple sites that are available in the cloud and information theoretically proven secret sharing algorithms as the basis for privacy preserving outsourcing. The technical contributions of this paper is the establishment and development of a framework for efficient fault-tolerant scalable and theoretically secure privacy preserving data outsourcing that supports a diversity of database operations executed on different types of data.

This research was partially supported by the NSF under grant IIS-0847925.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Hacigumus, H., Iyer, B.R., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database service provider model. In: SIGMOD Conference (2002), http://citeseer.ist.psu.edu/hacigumus02executing.html

  2. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proc. of the 30th Int’l. Conference on Very Large Databases VLDB, pp. 720–731 (2004)

    Google Scholar 

  3. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: SIGMOD 2004: Proceedings of the, ACM SIGMOD International Conference on Management of Data, pp. 563–574. ACM Press, New York (2004)

    Chapter  Google Scholar 

  4. Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: A distributed architecture for secure database services. In: CIDR, pp. 186–199 (2005)

    Google Scholar 

  5. Kantarcıoǧlu, M., Clifton, C.: Security issues in querying encrypted data. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 325–337. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  6. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proceedings of the International Conference on Very Large Data Bases (2004)

    Google Scholar 

  7. Li, J., Omiecinski, E.R.: Efficiency and security trade-off in supporting range queries on encrypted databases. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 69–83. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Shmueli, E., Waisenberg, R., Elovici, Y., Gudes, E.: Designing secure indexes for encrypted databases. In: Jajodia, S., Wijesekera, D. (eds.) Data and Applications Security 2005. LNCS, vol. 3654, pp. 54–68. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Yang, Z., Zhong, S., Wright, R.: Privacy-preserving queries on encrypted data. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 479–495. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  10. Kushilevitz, E., Ostrovsky, R.: Replication is not needed: Single database, computationally-private information retrieval. In: Proceedings of the FOCS (1997)

    Google Scholar 

  11. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private infomation retrieval. Journal of the ACM 45(6), 965–982 (1998)

    Article  MathSciNet  MATH  Google Scholar 

  12. Stern, J.: A new and efficient all-or-nothing disclosure of secrets protocol. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 357–371. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  13. Kushilevitz, E., Ostrovsky, R.: One-way trapdoor permutations are sufficient for non-trivial single-server private information retrieval. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 104. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  14. Cachin, C., Micali, S., Stadler, M.: Computationally private information retrieval with polylogarithmic communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, p. 402. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  15. Chang, Y.: Single database private information retrieval with logarithmic communication (2004)

    Google Scholar 

  16. Sion, R., Carbunar, B.: On the computational practicality of private information retrieval. In: Proceedings of the Networks and Distributed Systems Security (2007)

    Google Scholar 

  17. Devambu, P., Gertz, M., Martel, C., Stubblebine, S.: Authentic third-party data publication. In: Proceedings of the IFIP Workshop on Database Security (2000)

    Google Scholar 

  18. Mykletun, E., Narasimha, M., Tsudik, G.: Authentiction and integrity in outsourced databases. In: Proceedings of the ISOC Symposium on Network and Distributed Systems Security (2004)

    Google Scholar 

  19. Sion, R.: Query execution assurance for outsourced database. In: Proceedings of the Interntional Conference on Very Large Data Bases (VLDB 2005) (2005)

    Google Scholar 

  20. Pang, H., Jain, A., Ramamritham, K., Tan, K.: Verifying completeness of relational query resultts in data publishing. In: Proceedings of the ACM International Conference on Management of Data (SIGMOD 2005) (2005)

    Google Scholar 

  21. Narasimha, M., Tsudik, G.: Authentication of outsourced databases using signature aggregation and chaining. In: Li Lee, M., Tan, K.-L., Wuwongse, V. (eds.) DASFAA 2006. LNCS, vol. 3882, pp. 420–436. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  22. Sion, R.: Secure data outsourcing. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 1431–1432 (2007)

    Google Scholar 

  23. Agrawal, R., Asonov, D., Srikant, R.: Enabling sovereign information sharing using web services. In: SIGMOD Conference, pp. 873–877 (2004)

    Google Scholar 

  24. Agrawal, R., Evfimievski, A., Srikant, R.: Information sharing across private databases. In: Proc. of the 2003 ACM SIGMOD International Conference on on Management of Data, pp. 86–97 (2003)

    Google Scholar 

  25. Ge, T., Zdonik, S.B.: Answering aggregation queries in a secure system model. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 519–530 (2007)

    Google Scholar 

  26. di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: Management of access control evolution on outsourced data. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 123–134 (2007)

    Google Scholar 

  27. Anciaux, N., Benzine, M., Bouganim, L., Pucheral, P., Shasha, D.: Ghostdb: querying visible and hidden data without leaks. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, pp. 677–688 (2007)

    Google Scholar 

  28. Scannapieco, M., Figotin, I., Bertino, E., Elmagarmid, A.K.: Privacy preserving schema and data matching. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, pp. 653–664 (2007)

    Google Scholar 

  29. Ostrovsky, R., Shoup, V.: Private Information Storage. In: Proceedings of the STOC (1997)

    Google Scholar 

  30. Gertner, Y., Ishai, Y., Kushilevitz, E., Malkin, T.: Protecting data privacy in private information retrieval schemes. In: Proc. of the Thirtieth Annual ACM Symposium on Theory of Computing, pp. 151–160. ACM Press, New York (1998)

    Google Scholar 

  31. Naor, M., Pinkas, B.: Oblivious transfer and polynomial evaluation. In: Proc. of the Thirty-First Annual ACM Symposium on Theory of Computing, pp. 245–254. ACM Press, New York (1999)

    Google Scholar 

  32. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)

    Article  MathSciNet  MATH  Google Scholar 

  33. Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks (extended abstract). In: PODC 1991: Proceedings of the Tenth Annual ACM Symposium on Principles of Distributed Computing, pp. 51–59 (1991)

    Google Scholar 

  34. Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: Proactive secret sharing or: How to cope with perpetual leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995)

    Google Scholar 

  35. Jarecki, S.: Proactive secret sharing and public key cryptosystems. Master’s thesis, MIT (1995), http://citeseer.ist.psu.edu/jarecki95proactive.html

  36. Zhou, L., Schneider, F.B., Renesse, R.V.: APSS: Proactive secret sharing in asynchronous systems. ACM Transactions on Information System Security 8(3), 259–286 (2005)

    Article  Google Scholar 

  37. Emekci, F., Agrawal, D.P., El Abbadi, A.: ABACUS: A distributed middleware for privacy preserving data sharing across private data warehouses. In: Alonso, G. (ed.) Middleware 2005. LNCS, vol. 3790, pp. 21–41. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  38. Emekçi, F., Agrawal, D., El Abbadi, A., Gulbeden, A.: Privacy preserving query processing using third parties. In: ICDE, p. 27 (2006)

    Google Scholar 

  39. Aggarwal, G., Mishra, N., Pinkas, B.: Privacy-preserving computation of the k’th-ranked element. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 40–55. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  40. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC 2009: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp. 169–178 (2009)

    Google Scholar 

  41. Blakley, G.R.: Safeguarding cryptographic keys. In: Proceedings of the National Computer Conference, American Federation of Information Processing Societies, vol. 48, pp. 313–317 (1979)

    Google Scholar 

  42. Stinson, D., Wei, R.: Bibliography on secret sharing schemes, http://www.cacr.math.uwaterloo.ca/dstinson/ssbib.html

  43. McEliece, R.J., Sarwate, D.V.: On sharing secrets and reed-solomon codes. Communications of ACM 24(9), 583–584 (1981)

    Article  MathSciNet  Google Scholar 

  44. Cramer, R., Fehr, S.: Optimal black-box secret sharing over arbitrary abelian groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 272–287. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of California at Santa Barbara, Santa Barbara, CA, 93106, USA

    Divyakant Agrawal, Amr El Abbadi & Shiyuan Wang

  2. LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA, 94043, USA

    Fatih Emekci

  3. Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA

    Ahmed Metwally

Authors
  1. Divyakant Agrawal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amr El Abbadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Fatih Emekci
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ahmed Metwally
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Shiyuan Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of California at Santa Barbara, 93106, Santa Barbara, CA, USA

    Divyakant Agrawal

  2. Computer Science and Engineering Department, Arizona State University, 85287-8809, Tempe, AZ, USA

    K. Selçuk Candan

  3. SAP China, 201203, Shanghai, China

    Wen-Syan Li

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Agrawal, D., El Abbadi, A., Emekci, F., Metwally, A., Wang, S. (2011). Secure Data Management Service on Cloud Computing Infrastructures. In: Agrawal, D., Candan, K.S., Li, WS. (eds) New Frontiers in Information and Software as Services. Lecture Notes in Business Information Processing, vol 74. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19294-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-19294-4_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-19293-7

  • Online ISBN: 978-3-642-19294-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation