Efficient Searching Over Encrypted Database: Methodology and Algorithms
10 Jan 2019-pp 327-338
TL;DR: This paper describes a modification to the Secure K-Nearest Neighbours (SkNN) technique to construct an encrypted database system and suggests an approach which combines RSA with the SkNN scheme.
Abstract: Database encryption is a process in which the data stored in the database are converted from plaintext (PT) to ciphertext (CT). The original data can be retrieved from the ciphertext with the help of a predefined key and a decryption scheme. This way, only the appropriate authority that has the key can access the data. Thus, encrypted databases help ensure data confidentiality and avoid data leaks. In this paper, we will describe a modification to the Secure K-Nearest Neighbours (SkNN) [3] technique to construct an encrypted database system. We briefly discuss some of the existing encryption models and the principles involved in their construction and look at some of the issues that plague these models. The motivation behind this paper is to devise a method that allows for strong database encryption, while at the same time facilitating efficient search over the encrypted data. In order to achieve this, we suggest an approach which combines RSA with the SkNN scheme.
Citations
More filters
29 Aug 2019
TL;DR: Two mainly concerned algorithms are RSA Algorithm and Modification in RSA Encryption Algorithm (MREA) and one of the modifications in RSA encryption algorithm is named as Homomorphic Enc encryption Algorithm.
Abstract: The primary operation performed by cloud computing is to provide dynamic storage capacity and security to its users. The main benefit from using the cloud computing is the reduction in the economic expenditure and ease in the accessibility of data. This whole mechanism involves various security algorithms; still there are some security issues which needs to be solved. In this paper, various security algorithms have been discussed in order to analyze the performance of the algorithms and to find out that which encryption algorithm is better for the data protection in the cloud computing platform. The mainly concerned algorithms in this paper are RSA Algorithm and Modification in RSA Encryption Algorithm (MREA). One of the modifications in RSA encryption algorithm is named as Homomorphic Encryption Algorithm.
2 citations
References
More filters
TL;DR: Security analysis shows that privacy of numerical information is strongly protected against cloud providers in the proposed two-cloud architecture for secure database, with a series of intersection protocols that provide privacy preservation to various numeric-related range queries.
Abstract: Industries and individuals outsource database to realize convenient and low-cost applications and services. In order to provide sufficient functionality for SQL queries, many secure database schemes have been proposed. However, such schemes are vulnerable to privacy leakage to cloud server. The main reason is that database is hosted and processed in cloud server, which is beyond the control of data owners. For the numerical range query (“>,” “<,” and so on), those schemes cannot provide sufficient privacy protection against practical challenges, e.g., privacy leakage of statistical properties, access pattern. Furthermore, increased number of queries will inevitably leak more information to the cloud server. In this paper, we propose a two-cloud architecture for secure database, with a series of intersection protocols that provide privacy preservation to various numeric-related range queries. Security analysis shows that privacy of numerical information is strongly protected against cloud providers in our proposed scheme.
64 citations
TL;DR: The application of ISGCloud into a real life case study of a Spanish public organisation, which utilises a cloud storage service in a critical security deployment, demonstrates the usefulness of the framework and its impact to the organisation.
Abstract: Context Cloud computing is a thriving paradigm that supports an efficient way to provide IT services by introducing on-demand services and flexible computing resources. However, significant adoption of cloud services is being hindered by security issues that are inherent to this new paradigm. In previous work, we have proposed ISGcloud, a security governance framework to tackle cloud security matters in a comprehensive manner whilst being aligned with an enterprise’s strategy. Objective Although a significant body of literature has started to build up related to security aspects of cloud computing, the literature fails to report on evidence and real applications of security governance frameworks designed for cloud computing environments. This paper introduces a detailed application of ISGCloud into a real life case study of a Spanish public organisation, which utilises a cloud storage service in a critical security deployment. Method The empirical evaluation has followed a formal process, which includes the definition of research questions previously to the framework’s application. We describe ISGcloud process and attempt to answer these questions gathering results through direct observation and from interviews with related personnel. Results The novelty of the paper is twofold: on the one hand, it presents one of the first applications, in the literature, of a cloud security governance framework to a real-life case study along with an empirical evaluation of the framework that proves its validity; on the other hand, it demonstrates the usefulness of the framework and its impact to the organisation. Conclusion As discussed on the paper, the application of ISGCloud has resulted in the organisation in question achieving its security governance objectives, minimising the security risks of its storage service and increasing security awareness among its users.
55 citations
TL;DR: This work proposes a dictionary based provenance scheme that outperforms other compact provenance schemes with respect to provenance size, robustness, and energy consumption, and shows that it can defend against most of the known provenance attacks.
Abstract: Due to energy and bandwidth limitations of wireless sensor networks (WSNs), it is crucial that data provenance for these networks be as compact as possible. Even if lossy compression techniques are used for encoding provenance information, the size of the provenance increases with the number of nodes traversed by the network packets. To address such issues, we propose a dictionary based provenance scheme. In our approach, each sensor node in the network stores a packet path dictionary. With the support of this dictionary, a path index instead of the path itself is enclosed with each packet. Since the packet path index is a code word of a dictionary, its size is independent of the number of nodes present in the packet's path. Furthermore, as our scheme binds the packet and its provenance through an AM-FM sketch and uses a secure packet sequence number generation technique, it can defend against most of the known provenance attacks. Through simulation and experimental results, we show that our scheme outperforms other compact provenance schemes with respect to provenance size, robustness, and energy consumption.
52 citations
Proceedings Article•
23 Jan 2011TL;DR: In this paper, a relational database system based on homomorphic encryption was proposed to preserve the integrity and confidentiality of the data and enable the execution of arithmetic operations on ciphertexts.
Abstract: publication of the RSA encryption scheme in 1978. In this paper we present a relational database system based on homomorphic encryption schemes to preserve the integrity and confidentiality of the data. Our system executes SQL queries over encrypted data. We tested our system with a recently developed homomorphic scheme that enables the execution of arithmetic operations on ciphertexts. We show that the proposed system performs accurate SQL operations, yet its performance discourages a practical implementation of this system.
34 citations
TL;DR: Simulation using a well-known database benchmark TPC-H over a commercial grade Database Management System (SQLite) demonstrates that the proposed CypherDB architecture incurs an average of about 10 percent overhead when compared with the same set of operations without secure database processing.
Abstract: CypherDB addresses the problem of protecting the confidentiality of database stored externally in a cloud and enabling efficient computation over it to thwart any curious-but-honest cloud computing service provider. It works by encrypting the entire outsourced database and executing queries over the encrypted data using our novel CypherDB secure processor architecture. To optimize computational efficiency, our proposed processor architecture provides tightly-coupled datapaths that avoid information leakage during database access and query execution. Our simulation using a well-known database benchmark TPC-H over a commercial grade Database Management System (SQLite) demonstrates that our proposed architecture incurs an average of about 10 percent overhead when compared with the same set of operations without secure database processing.
13 citations