Abstract
Column-oriented database systems have drawn a lot of attention in recent years because of their performance advantages in terms of data querying and computation on columns. Since databases often contain sensitive and valuable information, protecting the confidentiality, integrity, and availability of the database is of utmost importance. In addition to encryption, shuffling can also be used to secure the database storage files. In this paper, we present a novel approach called SCORD to prevent the leakage of confidential data stored in the database management system by applying the shuffling technique on column-oriented databases. SCORD can protect column-oriented databases in both offline storage mode and online running mode. SCORD also bundles semantically or statistically associated attributes, such that the data is shuffled in a way that appears deceptively authentic and indistinguishable to potential attacks. We implement a prototype of SCORD and evaluate it using a set of real-world data. The experiment results demonstrate the effectiveness of our approach and show that the processing overhead is acceptable.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574 (2004)
Alaya, B., Laouamer, L., Msilini, N.: Homomorphic encryption systems statement: trends and challenges. Comput. Sci. Rev. 36, 100235 (2020)
Bello, S.A., et al.: Cloud computing in construction industry: use cases, benefits and challenges. Autom. Constr. 122, 103441 (2021)
Cyan4973: Cyan4973/xxHash. https://github.com/Cyan4973/xxHash
Duncan, R.: A multi-cloud world requires a multi-cloud security approach. Comput. Fraud Secur. 2020(5), 11–12 (2020)
Estabrook, G.F., Brill, R.C.: The theory of the taxir accessioner. Math. Biosci. 5(3–4), 327–340 (1969)
Franceschi-Bicchierai, L.: T-mobile says hacker accessed personal data of 37 million customers. https://techcrunch.com/2023/01/19/t-mobile-data-breach/
Geng, T., Alsuwat, H., Huang, C.T., Farkas, C.: Securing relational database storage with attribute association aware shuffling. In: 2019 IEEE Conference on Dependable and Secure Computing (DSC), pp. 1–8. IEEE (2019)
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)
Grubbs, P., Ristenpart, T., Shmatikov, V.: Why your encrypted database is not secure. In: Proceedings of the 16th Workshop on Hot Topics in Operating Systems, pp. 162–168 (2017)
Guan, Z., et al.: Cross-lingual multi-keyword rank search with semantic extension over encrypted data. Inf. Sci. 514, 523–540 (2020)
Idreos, S., Groffen, F., Nes, N., Manegold, S., Mullender, S., Kersten, M.: Monetdb: two decades of research in column-oriented database. IEEE Data Eng. Bull. (2012)
IMDB: IMDB data files available for download. https://datasets.imdbws.com/
Jeong, D.H., Jeong, B.K., Leslie, N., Kamhoua, C., Ji, S.Y.: Designing a supervised feature selection technique for mixed attribute data analysis. Mach. Learn. Appl. 10, 100431 (2022)
Korsh, J.F., LaFollette, P.S.: Constant time generation of derangements. Inf. Process. Lett. 90(4), 181–186 (2004)
Marcolla, C., Sucasas, V., Manzano, M., Bassoli, R., Fitzek, F.H., Aaraj, N.: Survey on fully homomorphic encryption, theory, and applications. Proc. IEEE 110(10), 1572–1609 (2022)
Popa, R.A., Redfield, C.M., Zeldovich, N., Balakrishnan, H.: Cryptdb: protecting confidentiality with encrypted query processing. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 85–100 (2011)
PWC: Cloud security report (2019)
Varri, U., Pasupuleti, S., Kadambari, K.: A scoping review of searchable encryption schemes in cloud computing: taxonomy, methods, and recent developments. J. Supercomput. 76(4), 3013–3042 (2020)
Zheng, Y., Lu, R., Guan, Y., Shao, J., Zhu, H.: Achieving efficient and privacy-preserving exact set similarity search over encrypted data. IEEE Trans. Dependable Secure Comput. 19(2), 1090–1103 (2020)
Zyuzin, V.D., Vdovenko, D.V., Bolshakov, V.N., Busenkov, A.A., Krivdin, A.D.: Attack on hash functions. EurAsian J. BioSciences 14(1) (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Geng, T., Huang, CT., Farkas, C. (2024). SCORD: Shuffling Column-Oriented Relational Database to Enhance Security. In: Wang, G., Wang, H., Min, G., Georgalas, N., Meng, W. (eds) Ubiquitous Security. UbiSec 2023. Communications in Computer and Information Science, vol 2034. Springer, Singapore. https://doi.org/10.1007/978-981-97-1274-8_11
Download citation
DOI: https://doi.org/10.1007/978-981-97-1274-8_11
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-1273-1
Online ISBN: 978-981-97-1274-8
eBook Packages: Computer ScienceComputer Science (R0)