[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Zero Update Encryption Adjustment on Encrypted Database Queries

  • Conference paper
  • First Online:
Information Systems Security and Privacy (ICISSP 2021, ICISSP 2022)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1851))

  • 145 Accesses

Abstract

Multilayered encryption of data is used in the popular approaches to querying encrypted databases, such as [34]. The encryption level of a particular data element can be adjusted to provide a controllable leak of the information about data required for a query execution. Zero Update (ZU) Encryption Adjustment is part of broader Release-Aware Encryption Adjustment (RAEA) schema and seeks to avoid unnecessary data leakage into data storage and reduce numerous communications rounds for multiple query executions. In this paper, we examine Zero Update Encryption Adjustment [11] on the client side. We investigate ZU’s performance by constructing specific queries and analysing performance factors such as increasing the number of expressions conditions in a query or documents matching the results as well as utilising indexes. In addition, we evaluated the ZU using a variety of database models. The performance of ZU is compared using three different databases: MongoDB, OrientDB, and MySQL. The results demonstrate the efficiency of Zero Update Encryption Adjustment, which allows for efficient querying over encrypted data on the client-side while maintaining security and performance trade-offs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

References

  1. yelp dataset. https://www.yelp.com/dataset. Accessed 2 July 2022

  2. Aboutorabi, S.H., Rezapour, M., Moradi, M., Ghadiri, N.: Performance evaluation of SQL and MongoDB databases for big e-commerce data. In: 2015 International Symposium on Computer Science and Software Engineering (CSSE), pp. 1–7. IEEE (2015)

    Google Scholar 

  3. Aburawi, N., Coenen, F., Lisitsa, A.: Traversal-aware encryption adjustment for graph databases

    Google Scholar 

  4. Aburawi, N., Coenen, F., Lisitsa, A.: Traversal-aware encryption adjustment for graph databases. In: DATA, pp. 381–387 (2018)

    Google Scholar 

  5. Aburawi, N., Coenen, F., Lisitsa, A.: Querying encrypted data in graph databases. In: Khalaf, M.I., Al-Jumeily, D., Lisitsa, A. (eds.) ACRIT 2019. CCIS, vol. 1174, pp. 367–382. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38752-5_29

    Chapter  Google Scholar 

  6. Aburawi, N., Lisitsa, A., Coenen, F.: Querying encrypted graph databases. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SCITEPRESS-Science and Technology Publications (2018)

    Google Scholar 

  7. Almarwani, M., Konev, B., Lisitsa, A.: Fine-grained access control for querying over encrypted document-oriented database. In: Mori, P., Furnell, S., Camp, O. (eds.) ICISSP 2019. CCIS, vol. 1221, pp. 403–425. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-49443-8_19

    Chapter  Google Scholar 

  8. Almarwani, M., Konev, B., Lisitsa, A.: Flexible access control and confidentiality over encrypted data for document-based database. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SCITEPRESS-Science and Technology Publications (2019)

    Google Scholar 

  9. Almarwani, M., Konev, B., Lisitsa, A.: Release-aware encryption adjustment query processing for document database. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SCITEPRESS-Science and Technology Publications (2020)

    Google Scholar 

  10. Almarwani, M., Konev, B., Lisitsa, A.: Release-aware in-out encryption adjustment in MongoDB query processing. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SCITEPRESS-Science and Technology Publications (2021)

    Google Scholar 

  11. Almarwani, M., Konev, B., Lisitsa, A.: Efficient and secure encryption adjustment for JSON data. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy. SCITEPRESS-Science and Technology Publications (2022)

    Google Scholar 

  12. Arasu, A., et al.: Orthogonal security with cipherbase. In: CIDR (2013)

    Google Scholar 

  13. Arasu, A., Eguro, K., Kaushik, R., Ramamurthy, R.: Querying encrypted data (tutorial). In: 2014 ACM SIGMOD Conference, June 2014. https://www.microsoft.com/en-us/research/publication/querying-encrypted-data-tutorial-2/

  14. Bajaj, S., Sion, R.: TrustedDB: a trusted hardware-based database with privacy and data confidentiality. IEEE Trans. Knowl. Data Eng. 26(3), 752–765 (2013)

    Article  Google Scholar 

  15. Bharti, S.: Security analysis of MongoDB and its comparison with relational databases

    Google Scholar 

  16. Boldyreva, A., Chenette, N., Lee, Y., O’Neill, A.: Order-preserving symmetric encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 224–241. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_13

    Chapter  Google Scholar 

  17. Boldyreva, A., Chenette, N., O’Neill, A.: Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 578–595. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_33

    Chapter  Google Scholar 

  18. Čerešňák, R., Kvet, M.: Comparison of query performance in relational a non-relation databases. Transp. Res. Procedia 40, 170–177 (2019)

    Article  Google Scholar 

  19. OrientDB community: OrientDB documentation (2022). https://orientdb.org/. Accessed 1 July 2022

  20. Daemen, J., Rijmen, V.: AES proposal: Rijndael (1999)

    Google Scholar 

  21. Chang, M.-L.E., Chua, H.N.: SQL and NoSQL database comparison. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) FICC 2018. AISC, vol. 886, pp. 294–310. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-03402-3_20

    Chapter  Google Scholar 

  22. Deari, R., Zenuni, X., Ajdari, J., Ismaili, F., Raufi, B.: Analysis and comparison of document-based databases with SQL relational databases: MongoDB vs MySQL. In: Proceedings of the International Conference on Information Technologies (InfoTech 2018), pp. 1–10 (2018)

    Google Scholar 

  23. Dipina Damodaran, B., Salim, S., Vargese, S.M.: Performance evaluation of MySQL and MongoDB databases. Int. J. Cybern. Inform. (IJCI) 5 (2016)

    Google Scholar 

  24. Egorov, M., Wilkison, M.: Zerodb White paper. arXiv preprint arXiv:1602.07168 (2016)

  25. ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)

    Article  MathSciNet  MATH  Google Scholar 

  26. Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp. 216–227 (2002)

    Google Scholar 

  27. Keshavarz, S.: Analyzing performance differences between MySQL and MongoDB (2021)

    Google Scholar 

  28. Li, J., Liu, Z., Chen, X., Xhafa, F., Tan, X., Wong, D.S.: L-encdb: a lightweight framework for privacy-preserving data queries in cloud computing. Knowl.-Based Syst. 79, 18–26 (2015)

    Article  Google Scholar 

  29. Mitterer, M., Niedermayer, H., von Maltitz, M., Carle, G.: An experimental performance analysis of the cryptographic database ZeroDB. In: Proceedings of the 1st Workshop on Privacy by Design in Distributed Systems, pp. 1–5 (2018)

    Google Scholar 

  30. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16

    Chapter  Google Scholar 

  31. Pappas, V., et al.: Blind seer: a scalable private DBMS. In: 2014 IEEE Symposium on Security and Privacy, pp. 359–374. IEEE (2014)

    Google Scholar 

  32. Patel, S., Kumar, S., Katiyar, S., Shanmugam, R., Chaudhary, R.: MongoDB vs MySQL: a comparative study of MongoDB and MySQL based on their performance. Technical report, EasyChair (2020)

    Google Scholar 

  33. Poddar, R., Boelter, T., Popa, R.A.: ARX: a strongly encrypted database system. IACR Cryptol. ePrint Arch. 2016, 591 (2016)

    Google Scholar 

  34. Popa, R.A., Redfield, C., Zeldovich, N., Balakrishnan, H.: CrypTDB: protecting confidentiality with encrypted query processing. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 85–100. ACM (2011)

    Google Scholar 

  35. Sarfraz, M.I., Nabeel, M., Cao, J., Bertino, E.: DBmask: fine-grained access control on encrypted relational databases. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pp. 1–11. ACM (2015)

    Google Scholar 

  36. Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceeding 2000 IEEE Symposium on Security and Privacy. S &P 2000, pp. 44–55. IEEE (2000)

    Google Scholar 

  37. Tu, S.L., Kaashoek, M.F., Madden, S.R., Zeldovich, N.: Processing analytical queries over encrypted data (2013)

    Google Scholar 

  38. Tutorialspoint: MongoDB-java, November 2020. https://db-engines.com/en/ranking. Accessed 20 Nov 2020

  39. Waage, T., Wiese, L.: Property preserving encryption in NoSQL wide column stores. In: Panetto, H., et al. (eds.) OTM 2017. LNCS, vol. 10574, pp. 3–21. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69459-7_1

    Chapter  Google Scholar 

  40. Xu, G., Ren, Y., Li, H., Liu, D., Dai, Y., Yang, K.: CryptMDB: a practical encrypted MongoDB over big data. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2017)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Liverpool, Liverpool, UK

    Maryam Almarwani, Boris Konev & Alexei Lisitsa

  2. Department of Computer Science, Taibah University, Medina, Saudi Arabia

    Maryam Almarwani

Authors
  1. Maryam Almarwani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Boris Konev
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alexei Lisitsa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Maryam Almarwani .

Editor information

Editors and Affiliations

  1. Consiglio Nazionale delle Ricerche, Pisa, Italy

    Paolo Mori

  2. University of Luxembourg, Esch-sur-Alzette, Luxembourg

    Gabriele Lenzini

  3. University of Nottingham, Nottingham, UK

    Steven Furnell

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Almarwani, M., Konev, B., Lisitsa, A. (2023). Zero Update Encryption Adjustment on Encrypted Database Queries. In: Mori, P., Lenzini, G., Furnell, S. (eds) Information Systems Security and Privacy. ICISSP ICISSP 2021 2022. Communications in Computer and Information Science, vol 1851. Springer, Cham. https://doi.org/10.1007/978-3-031-37807-2_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-37807-2_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-37806-5

  • Online ISBN: 978-3-031-37807-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation