Enforcing Privacy in Cloud Databases

  • Conference paper
Big Data Analytics and Knowledge Discovery (DaWaK 2017)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 10440)

Abstract

Outsourcing databases, i.e., resorting to Database-as-a-Service (DBaaS), is nowadays a popular choice due to the elasticity, availability, scalability and pay-as-you-go features of cloud computing. However, most data are sensitive to some extent, and data privacy remains one of the top concerns to DBaaS users, for obvious legal and competitive reasons. In this paper, we survey the mechanisms that aim at making databases secure in a cloud environment, and discuss current pitfalls and related research challenges.

Correspondence to Somayeh Sobati Moghadam or Jérôme Darmont.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Sobati Moghadam, S., Darmont, J., Gavin, G. (2017). Enforcing Privacy in Cloud Databases. In: Bellatreche, L., Chakravarthy, S. (eds) Big Data Analytics and Knowledge Discovery. DaWaK 2017. Lecture Notes in Computer Science, vol 10440. Springer, Cham. https://doi.org/10.1007/978-3-319-64283-3_5

  • DOI: https://doi.org/10.1007/978-3-319-64283-3_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-64282-6

  • Online ISBN: 978-3-319-64283-3

  • eBook Packages: Computer Science (R0)
