5,463 Hits in 6.0 sec

Optimal Re-encryption Strategy for Joins in Encrypted Databases [chapter]

Florian Kerschbaum, Martin Härterich, Patrick Grofig, Mathias Kohler, Andreas Schaad, Axel Schröpfer, Walter Tighzert
2013 Lecture Notes in Computer Science  
In order to perform a join in a deterministically, adjustably encrypted database one has to re-encrypt at least one column.  ...  Naive strategies may perform too many or even infinitely many re-encryptions. We provide two strategies that allow for a much better performance.  ...  Therefore the database connector has to choose the right column to re-encrypt. We consider the effect of a few simple, straight-forward strategies.  ... 
doi:10.1007/978-3-642-39256-6_13 fatcat:lynliha2njcahgoalhaetz3kfq

Sypse: Privacy-first Data Management through Pseudonymization and Partitioning

Amol Deshpande
2021 Conference on Innovative Data Systems Research  
In this paper, we present a vision for transparently rearchitecting database systems by combining pseudonymization, synthetic data, and data partitioning to achieve three privacy goals: (1) reduce the  ...  We present a general architecture as well as several potential strategies for achieving the goals, and some initial experimental results comparing the performance of the different strategies.  ...  Specifically, as in Strategy 2, the Detail database is similarly encrypted, with synthetic columns added in to allow join queries to return results w/o access to the PII Database.  ... 
dblp:conf/cidr/Deshpande21 fatcat:rx3q2xmr65h6zavqsnd7oe6i3a


Isabelle Hang, Florian Kerschbaum, Ernesto Damiani
2015 Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data - SIGMOD '15  
Query processing over encrypted data solves this problem for a single user, but provides only limited functionality in the face of access restrictions for multiple users and keys.  ...  It introduces an encryption based access control model and techniques for query execution over encrypted, access restricted data on the database with only a few cases requiring computations on the client  ...  In addition, optimization strategies can minimize the number of attribute values that have to be re-encrypted in the single user mode [17] . These are not feasible in the multi user mode.  ... 
doi:10.1145/2723372.2749439 dblp:conf/sigmod/HangKD15 fatcat:bmdpiltycjcprkavlfljto6m6a

Orthogonal Security with Cipherbase

Arvind Arasu, Spyros Blanas, Ken Eguro, Raghav Kaushik, Donald Kossmann, Ravishankar Ramamurthy, Ramarathnam Venkatesan
2013 Conference on Innovative Data Systems Research  
Cipherbase is a full-fledged SQL database system that achieves high performance and high data confidentiality by storing and processing strongly encrypted data.  ...  Furthermore, this paper shows how we addressed hardware / software co-design in the Cipherbase system.  ...  In a traditional database, for instance, it might be best to choose the following join order for a three-way join query: (A 1 B) 1 C.  ... 
dblp:conf/cidr/ArasuBEKKRV13 fatcat:sn5ljyv3fvemhd7prxockzjg4e


Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, Hari Balakrishnan
2011 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles - SOSP '11  
By adapting known encryption schemes (for equality, additions, and order checks) and using a new privacy-preserving cryptographic method for joins, CryptDB encrypts each data item in a way that allows  ...  CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases.  ...  We also thank Geoffrey Thomas, Quentin Smith, Mitch Berger, and the rest of the maintainers for providing us with SQL query traces.  ... 
doi:10.1145/2043556.2043566 dblp:conf/sosp/PopaRZB11 fatcat:zf32yqczuvc73bd35met4mrrry

Database Fragmentation with Confidentiality Constraints

Xiaofeng Xu, Li Xiong, Jinfei Liu
2015 Proceedings of the 5th ACM Conference on Data and Application Security and Privacy - CODASPY '15  
The optimal fragmentation problem is to find a fragmentation with minimum cost for query support.  ...  Database fragmentation is a promising approach that can be used in combination with encryption to achieve secure data outsourcing which allows clients to securely outsource their data to remote untrusted  ...  The hierarchical clustering method [7] for database fragmentation is based on nearest joins.  ... 
doi:10.1145/2699026.2699121 dblp:conf/codaspy/XuXL15 fatcat:enzklkkfrzbabixbtsw7y7o4ia

An Encrypted In-Memory Column-Store: The Onion Selection Problem [chapter]

Florian Kerschbaum, Martin Härterich, Mathias Kohler, Isabelle Hang, Andreas Schaad, Axel Schröpfer, Walter Tighzert
2013 Lecture Notes in Computer Science  
We have evaluated our new algorithm in a prototypical implementation in an in-memory column store database system.  ...  Processing encrypted queries in the cloud has been extended by CryptDB's approach of adjustable onion encryption.  ...  We use this proxy re-encryption in order to adjust the encryption keys just before performing a join operation. For details how to choose which column to re-encrypt we refer the reader to [16] .  ... 
doi:10.1007/978-3-642-45204-8_2 fatcat:dhc4y3lgujgj3p4rqporx7pzxq

Optimized and controlled provisioning of encrypted outsourced data

Andreas Schaad, Anis Bkakria, Florian Keschbaum, Frederic Cuppens, Nora Cuppens-Boulahia, David Gross-Amblard
2014 Proceedings of the 19th ACM symposium on Access control models and technologies - SACMAT '14  
Recent advances in encrypted outsourced databases support the direct processing of queries on encrypted data.  ...  Depending on functionality (i.e. operators) required in the queries the database has to use different encryption schemes with different security properties.  ...  We use Pohlig-Hellman encryption, a symmetric key RSA variant, for this encryption level, in order to support proxy re-encryption [20] .  ... 
doi:10.1145/2613087.2613100 dblp:conf/sacmat/SchaadBKCCG14 fatcat:blkd4oqoifhxfhgfycwc5iegna

Processing analytical queries over encrypted data

Stephen Tu, M. Frans Kaashoek, Samuel Madden, Nickolai Zeldovich
2013 Proceedings of the VLDB Endowment  
MONOMI works by encrypting the entire database and running queries over the encrypted data.  ...  Since these optimizations are good for some queries but not others, MONOMI introduces a designer for choosing an efficient physical design at the server for a given workload, and a planner to choose an  ...  ACKNOWLEDGMENTS We thank Raluca Ada Popa, Adam Marcus, Dan Ports, Eugene Wu, and the anonymous reviewers for their feedback. This work was supported by NSF award IIS-1065219 and by Google.  ... 
doi:10.14778/2535573.2488336 fatcat:qvlgqujk3nhznojcpkid64r74u

Security Issues in Querying Encrypted Data [chapter]

Murat Kantarcıoǧlu, Chris Clifton
2005 Lecture Notes in Computer Science  
There has been considerable interest in querying encrypted data, allowing a "secure database server" model where the server does not know data values.  ...  The primary goal of this paper is to provide a vision of how research in this area should proceed: efficient encrypted database and query processing with provable security properties.  ...  This will lead to many challenges: More efficient join and indexing strategies that meet security requirements, concurrency control that does not violate security, query optimization approaches, etc.  ... 
doi:10.1007/11535706_24 fatcat:xhocp337zzc5bnqlzgenkovlvu

Opaque: An Oblivious and Encrypted Distributed Analytics Platform

Wenting Zheng, Ankur Dave, Jethro G. Beekman, Raluca Ada Popa, Joseph E. Gonzalez, Ion Stoica
2017 Symposium on Networked Systems Design and Implementation  
Opaque provides an improvement of three orders of magnitude over state-of-the-art oblivious protocols, and our query optimization techniques improve performance by 2-5x. 1The name "Opaque" stands for Oblivious  ...  Many systems run rich analytics on sensitive data in the cloud, but are prone to data breaches.  ...  Acknowledgments We thank the reviewers, the shepherd, Mona Vij and other colleagues from Intel, and Aurojit Panda, for their valuable feedback or discussions.  ... 
dblp:conf/nsdi/ZhengDBPGS17 fatcat:c42dcg6qnjf5bke5rris3qxloy

Preserving Multi-relational Outsourced Databases Confidentiality using Fragmentation and Encryption

Anis Bkakria, Frédéric Cuppens, Nora Cuppens-Boulahia, José M. Fernandez, David Gross-Amblard
2013 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  
Confidentiality Mokhov, Sutcliffe, and Voronkov In distributed databases, they may exist several strategies for each query due to the fact that data are stored in different sites.  ...  by many re- lations.  ... 
doi:10.22667/jowua.2013.06.31.039 dblp:journals/jowua/BkakriaCCFG13 fatcat:tpqcilpnffaljcpwsmldcflvz4

Re-architecture of database software stack with planner module for query optimization in a cloud environment

Kamalanathan Kandasamy, Krishnashree Achuthan
2012 Proceedings of the First International Conference on Security of Internet of Things - SecurIT '12  
In this paper, we propose a general paradigm where software stacks need to be rearchitected to dynamically be able to run either in public or private clouds.  ...  Cloud bursting allows businesses leverage the cloud without losing the comfort and control of in-house data centre operations.  ...  The query optimization problem for the encrypted database systems is modeled and solved in [16] . 2) Trust models in the cloud : Since security is based on trust between the client and the public cloud  ... 
doi:10.1145/2490428.2490451 dblp:conf/securit/KandasamyA12 fatcat:oo7nbezs3zddnlyqsdblz46dny

Top-k Query Processing on Encrypted Databases with Strong Security Guarantees [article]

Xianrui Meng, Haohan Zhu, George Kollios
2018 arXiv   pre-print
Furthermore, we optimize our query algorithms for both space and time efficiency.  ...  However, there is very limited work on how to securely process top-k ranking queries over encrypted databases in the cloud.  ...  The main sec is fully described in Algorithm 11. As mentioned earlier, since all the attributes are encrypted, we cannot simply use the traditional join strategy.  ... 
arXiv:1510.05175v4 fatcat:guoe3bcmsvdc5fo6udxd7roia4

Simultaneous scalability and security for data-intensive web applications

Amit Manjhi, Anastassia Ailamaki, Bruce M. Maggs, Todd C. Mowry, Christopher Olston, Anthony Tomasic
2006 Proceedings of the 2006 ACM SIGMOD international conference on Management of data - SIGMOD '06  
For Web applications in which the database component is the bottleneck, scalability can be provided by a third-party Database Scalability Service Provider (DSSP) that caches application data and supplies  ...  We begin by providing a method for statically identifying segments of the database that can be encrypted without impacting scalability.  ...  Gibbons, Bradley Milan, and Haifeng Yu for their valuable feedback and suggestions.  ... 
doi:10.1145/1142473.1142501 dblp:conf/sigmod/ManjhiAMMOT06 fatcat:h4rdt66mrneunlejr3xmys2c7y
« Previous Showing results 1 — 15 out of 5,463 results