Abstract
Although tree-based index structures have proven their advantages to both traditional and modern database applications, they introduce numerous research challenges as database services are outsourced to untrusted servers. In the outsourced database service model, crucial security research questions mainly relate to data confidentiality, data and user privacy, authentication and data integrity. To the best of our knowledge, however, none of the previous research has radically addressed the problem of preserving privacy for basic operations on such outsourced search trees. Basic operations of search trees/tree-based index structures include search (to answer different query types and updates (modification, insert, delete). In this paper, we will discuss security issues in outsourced databases that come together with search trees, and present techniques to ensure privacy in the execution of these trees’ basic operations on the untrusted server. Our techniques allow clients to operate on their outsourced tree-structured data on untrusted servers without revealing information about the query, result, and outsourced data itself.
Chapter PDF
Similar content being viewed by others
Keywords
References
Asonov, D., Freytag, J.C.: Repudiative Information Retrieval. In: ACM Workshop on Privacy in the Electronic Society, USA (2002)
Asonov, D.: Private Information Retrieval - An Overview and Current Trends. In: ECDPvA Workshop, Informatik 2001, Austria (2001)
Bayer, R.: The Universal B-Tree for Multidimensional Indexing: General Concepts. In: Int. Conf. on Worldwide Computing and Its Applications (WWCA 1997), Japan (1997)
Boehm, C., Berchtold, S., Keim, D.A.: Searching in High-Dimensional Spaces: Index Structures for Improving the Performance of Multimedia Databases. CSUR 33(3), 322–373 (2001)
Beckmann, N., Kriegel, H.-P., Schneider, R., Seeger, B.: The R*-tree: An Efficient and Robust Access Method for Points and Rectangles. ACM SIGMOD, 322–331 (1990)
Bouganim, L., Pucheral, P.: Chip-Secured Data Access: Confidential Data on Untrusted Servers. In: VLDB 2002 (2002)
Castano, S., Fugini, M.G., Martella, G., Samarati, P.: Database Security. Addison-Wesley/ACM Press (1994) ISBN 0-201-59375-0
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private Information Retrieval. In: IEEE Symposium on Foundations of Computer Science (1995)
Chakrabarti, K., Mehrotra, S.: The Hybrid Tree: An Index Structure for High Dimensional Feature Spaces. In: ICDE 1999, pp. 440–447 (1999)
Chang, Y.-C., Mitzenmacher, M.: Privacy Preserving Keyword Searches on Remote Encrypted Data. Cryptology ePrint Archive: Report 2004/051
Chávez, E., Navarro, G., Baeza-Yates, R., Marroquín, J.L.: Searching in Metric Spaces. CSUR 33(3), 273–321 (2001)
Dang, T.K.: Semantic Based Similarity Searches in Database Systems (Multidimensional Access Methods, Similarity Search Algorithms). PhD Thesis, FAW-Institute, Johannes Kepler University of Linz, Austria (May 2003)
Dang, T.K.: Extreme Security Protocols for Outsourcing Database Services. In: The 6th Int. Conf. on Information Integration and Web-based Applications and Services-iiWAS 2004, Jakarta, Indonesia, September 27-29, pp. 497–506 (2004)
Dang, T.K., Kueng, J., Wagner, R.: The SH-tree: A Super Hybrid Index Structure for Multidimensional Data. In: Mayr, H.C., Lazanský, J., Quirchmayr, G., Vogel, P. (eds.) DEXA 2001. LNCS, vol. 2113, p. 340–349 Springer, Heidelberg (2001)
Du, W., Atallah, M.J.: Protocols for Secure Remote Database Access with Approximate Matching. In: The 7th ACM Conference on Computer and Communications Security, Greece. The 1st Workshop on Security and Privacy in E-Commerce (2000)
Damiani, E., Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing Confidentiality and Efficiency in Untrusted Relational DBMSs. In: The 10th ACM Conference on Computer and Communication Security, USA (2003)
Damiani, E., Vimercati, S.D.C., Paraboschi, S., Samarati, P.: Implementation of a Storage Mechanism for Untrusted DBMSs. In: The 2nd International IEEE Security in Storage Workshop, USA (2003)
Gaede, V., Guenther, O.: Multidimensional Access Methods. CSUR 30(2), 170–231 (1998)
Gertner, Y., Ishai, Y., Kushilevitz, E., Malkin, T.: Protecting Data Privacy in Private Information Retrieval Schemes. In: STOC 1998, USA (1998)
Goldreich, O., Ostrovsky, R.: Software Protection and Simulation on Oblivious RAMs. Journal of the ACM 43(3), 431–473 (1996)
Guttman, A.: R-Trees: A Dynamic Index Structure for Spatial Searching. ACM SIGMOD, 47–57 (1984)
Hacigümüs, H., Iyer, B.R., Li, C., Mehrotra, S.: Executing SQL over Encrypted Data in the Database-Service-Provider Model. ACM SIGMOD, 216–227 (2002)
Hacigümüs, H., Mehrotra, S., Iyer, B.R.: Providing Database as a Service. In: ICDE 2002 (2002)
Hellerstein, J.M., Naughton, J.F., Pfeffer, A.: Generalized Search Trees for Database Systems. Technical Report #1274, University of Wisconsin at Madison (July 1995)
Johnson, T., Shasha, D.: Inserts and Deletes on B-trees: Why Free-At-Empty is Better Than Merge-At-Half. Journal of Computer Sciences and Systems 47(1), 45–76 (1993)
Katayama, N., Satoh, S.: The SR-Tree: An Index Structure for High Dimensional Nearest Neighbor Queries. ACM SIGMOD 1997, 369–380 (1997)
Lin, P., Candan, K.S.: Hiding Traversal of Tree Structured Data from Untrusted Data Stores. In: WOSIS 2004, Porto, Portugal, April 2004, pp. 314–323 (2004)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and Integrity in Outsourced Databases. In: NDSS 2004, San Diego, California, USA, February 5-6 (2004)
Smith, S.W.: Secure Coprocessing Applications and Research Issues. Los Alamos Unclassified Release LA-UR-96-2805. Los Alamos National Laboratory (1996)
Smith, S.W., Safford, D.: Practical Server Privacy with Secure Coprocessors. IBM Systems Journal 40(3) (2001)
Sellis, T.K., Roussopoulos, N., Faloutsos, C.: The R+-Tree: A Dynamic Index for Multi-Dimensional Objects. In: VLDB 1987 (1987)
Song, D.X., Wagner, D., Perrig, A.: Practical Techniques for Searches on Encrypted Data. In: IEEE Symposium on Security and Privacy (2000)
Umar, A.: Information Security and Auditing in the Digital Age - A Managerial and Practical Perspective. NGE Solutions (December 2003) (e-book version)
White, D.A., Jain, R.: Similarity Indexing with the SS-Tree. In: ICDE 1996, pp. 516–523 (1996)
Fong, K.C.K.: Potential Security Holes in Hacigümüs’ Scheme of Executing SQL over Encrypted Data, http://www.cs.siu.edu/~kfong/research/database.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dang, T.K. (2005). Privacy-Preserving Search and Updates for Outsourced Tree-Structured Data on Untrusted Servers. In: Herrmann, P., Issarny, V., Shiu, S. (eds) Trust Management. iTrust 2005. Lecture Notes in Computer Science, vol 3477. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11429760_23
Download citation
DOI: https://doi.org/10.1007/11429760_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26042-4
Online ISBN: 978-3-540-32040-1
eBook Packages: Computer ScienceComputer Science (R0)