Abstract
In this paper, we investigate the key management issues in encrypted database environments. We study the issues in the context database-as-a-service (DAS) model that allows organizations to outsource their data management infrastructures to a database service provider. In the DAS model, a service provider employs data encryption techniques to ensure the privacy of hosted data. The security of encryption techniques relies on the confidentiality of the encryption keys. The dynamic nature of the encrypted database in the DAS model adds complexity and rises specific requirements on the key management techniques. Key updates are particularly critical because of their potential impact on overall system performance and resources usage. In this paper, we propose specialized techniques and data structures to efficiently implement the key updates along with the other key management functions to improve the systems’ concurrency performance in the DAS model.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu. Hippocratic databases. In Proc. of VLDB, 2002.
S. Chaudhuri, E. Christensen, G. Graefe, V. R. Narasayya, and M. J. Zwilling. Self-tuning technology in microsoft sql server. Data Engineering Bulletin, 22(2):20–26, 1999.
Computer Security Institute. CSI/FBI Computer Crime and Security Survey. http://www.gocsi.com, 2002.
ComputerWorld. J.P. Morgan signs outsourcing deal with IBM. Dec. 30, 2002.
E. Damiani, S. D. C. di Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati. Balancing confidentiality and efficiency in untrusted Relational DBMSs. In Proc. of 10th ACM Conf. On Computer and Communications Security, 2003.
B. Fernandez, R. C. Summers, and C. Wood. Database Security and Integrity. Addison-Wesley, 1981.
H. Hacigümüş, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over Encrypted Data in Database Service Provider Model. In Proc. of ACM SIGMOD, 2002.
H. Hacigümüş, B. Iyer, and S. Mehrotra. Providing Database as a Service. In Proc. of ICDE, 2002.
H. Hacigümüş, B. Iyer, and S. Mehrotra. Ensuring the Integrity of Encrypted Databases in Database as a Service Model. In Proc. of 17th IFIP WG 11.3 Conference on Data and Applications Security, 2003.
H. Hacigümüş, B. Iyer, and S. Mehrotra. Efficient Execution of Aggregation Queries over Encrypted Relational Databases. In Proc. of International Conference on Database Systems for Advanced Applications (DASFAA), 2004.
J. He and M. Wang. Cryptography and relational database management systems. In Proc. of IDEAS’ 01, 2001.
T. Lunt and E. B. Fernandez. Database Security. ACM SIGMOD Record, 19(4), 1990.
D. R. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1997.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science + Business Media, Inc.
About this paper
Cite this paper
Hacigümüs, H., Mehrotra, S. (2004). Performance-Conscious Key Management in Encrypted Databases. In: Farkas, C., Samarati, P. (eds) Research Directions in Data and Applications Security XVIII. IFIP International Federation for Information Processing, vol 144. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8128-6_7
Download citation
DOI: https://doi.org/10.1007/1-4020-8128-6_7
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8127-9
Online ISBN: 978-1-4020-8128-6
eBook Packages: Springer Book Archive