Joining Privately on Outsourced Data

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 6358)

Abstract

In an outsourced database framework, clients place data management with specialized service providers. Of essential concern in such frameworks is data privacy. Potential clients are reluctant to outsource sensitive data to a foreign party without strong privacy assurances beyond policy “fine print”. In this paper we introduce a mechanism for executing general binary JOIN operations (for predicates that satisfy certain properties) in an outsourced relational database framework with full computational privacy and low overheads – a first, to the best of our knowledge. We illustrate via a set of relevant instances of JOIN predicates, including: range and equality (e.g., for geographical data), Hamming distance (e.g., for DNA matching) and semantics (i.e., in health-care scenarios – mapping antibiotics to bacteria). We experimentally evaluate the main overhead components and show they are reasonable. For example, the initial client computation overhead for 100000 data items is around 5 minutes. Moreover, our privacy mechanisms can sustain theoretical throughputs of over 30 million predicate evaluations per second, even for an unoptimized OpenSSL-based implementation.

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Carbunar, B., Sion, R. (2010). Joining Privately on Outsourced Data. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2010. Lecture Notes in Computer Science, vol 6358. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15546-8_6

  • DOI: https://doi.org/10.1007/978-3-642-15546-8_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15545-1

  • Online ISBN: 978-3-642-15546-8

  • eBook Packages: Computer Science, Computer Science (R0)
