More Web Proxy on the site http://driver.im/

Article

Executing SQL over encrypted data in the database-service-provider model

Authors:

Hakan Hacigümüş,

Sharad MehrotraAuthors Info & Claims

SIGMOD '02: Proceedings of the 2002 ACM SIGMOD international conference on Management of data

Pages 216 - 227

https://doi.org/10.1145/564691.564717

Published: 03 June 2002 Publication History

Abstract

Rapid advances in networking and Internet technologies have fueled the emergence of the "software as a service" model for enterprise computing. Successful examples of commercially viable software services include rent-a-spreadsheet, electronic mail services, general storage services, disaster protection services. "Database as a Service" model provides users power to create, store, modify, and retrieve data from anywhere in the world, as long as they have access to the Internet. It introduces several challenges, an important issue being data privacy. It is in this context that we specifically address the issue of data privacy.There are two main privacy issues. First, the owner of the data needs to be assured that the data stored on the service-provider site is protected against data thefts from outsiders. Second, data needs to be protected even from the service providers, if the providers themselves cannot be trusted. In this paper, we focus on the second challenge. Specifically, we explore techniques to execute SQL queries over encrypted data. Our strategy is to process as much of the query as possible at the service providers' site, without having to decrypt the data. Decryption and the remainder of the query processing are performed at the client site. The paper explores an algebraic framework to split the query to minimize the computation at the client site. Results of experiments validating our approach are also presented.

References

[1]

AES. Advanced Encryption Standard. National Institute of Science and Technology, FIPS 197, 2001.

[2]

D. Song and D. Wagner and A. Perrig. Search on encrypted data. In Proc. of IEEE SRSP, 2000.

[3]

DES. Data Encryption Standard. FIPS PUB 46, Federal Information Processing Standards Publication, 1977.

[4]

H. Garcia-Molina, J. Ullman, and J. Widom. Database Systems: The Complete Book. Prentice Hall, 2002.

Digital Library

[5]

H. Hacigümüş, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over Encrypted Data in Database-Service-Provider Model. Technical Report TR-DB-02-02, Database Research Group at University of California, Irvine, 2002.

[6]

H. Hacigümüş, B. Iyer, and S. Mehrotra. Providing Database as a Service. In Proc. of ICDE, 2002.

Digital Library

[7]

Y. E. Ioannidis and V. Poosala. Histogram-based approximation of set-valued query answers. In Proc. of VLDB, pages 174-185, 1999.

Digital Library

[8]

H. V. Jagadish, H. Jin, B. C. Ooi, and K.-L. Tan. Global optimization of histograms. In Proc. of ACM SIGMOD, 2001.

Digital Library

[9]

G. Piatatetsky-Shapiro and C. Connell. Accurate estimation of the number of tuples satisfying a condition. In Proc. of ACM SIGMOD, 1984.

Digital Library

[10]

R. L. Rivest and L. M. Adleman and M. L. Dertouzos. On Data Banks and Privacy Homomorphisms. In Foundations of Secure Computation, pages 169-178, 1978.

[11]

R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM, 21(2):120-126, 1978.

Digital Library

[12]

B. Schneier. Description of a new variable-length key, block cipher (blowfish), fast software encryption. In Cambridge Security Workshop Proceedings, 1994.

Digital Library

[13]

A. Silberschatz, H. F. Korth, and S. Sudarshan. Database System Concepts, 3rd Edition. McGraw-Hill Book Company, 1997.

Digital Library

[14]

TPC-H. Benchmark Specification. http://www.tpc.org.

[15]

M. Winslett and J. D. Ullman. Jeffrey D. Ullman speaks out on the future of higher education, startups, database theory, and more. SIGMOD Record, 30(3), 2001.

Cited By

Mei ZHuang JWu BZhang CZou HShi JCheng Z(2024)A Secure and Fast Range Query Scheme for Encrypted Multi-Dimensional DataInternational Journal of Web Services Research10.4018/IJWSR.34039121:1(1-17)Online publication date: 9-Apr-2024
https://dl.acm.org/doi/10.4018/IJWSR.340391
Yang XYue CZhang WLiu YOoi BChen J(2024)SecuDB: An In-Enclave Privacy-Preserving and Tamper-Resistant Relational DatabaseProceedings of the VLDB Endowment10.14778/3685800.368581517:12(3906-3919)Online publication date: 8-Nov-2024
https://doi.org/10.14778/3685800.3685815
Ehrler PKati ASchneider TTreiber AFournaris APalmieri P(2024)Evaluating Leakage Attacks Against Relational Encrypted SearchProceedings of the 2024 on Cloud Computing Security Workshop10.1145/3689938.3694776(15-28)Online publication date: 19-Nov-2024
https://dl.acm.org/doi/10.1145/3689938.3694776
Show More Cited By

Index Terms

Executing SQL over encrypted data in the database-service-provider model
1. Information systems
  1. Data management systems
    1. Database management system engines
      1. Database query processing
      2. Parallel and distributed DBMSs
    2. Query languages
  2. World Wide Web
    1. Web applications
    2. Web services
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Database query languages (principles)
      2. Database query processing and optimization (theory)

Recommendations

Executing SQL queries over encrypted character strings in the Database-As-Service model

Rapid advances in the networking technologies have prompted the emergence of the ''software as service'' model for enterprise computing, moreover, which is becoming one of the key industries quickly. ''Database as service'' model provides users power to ...
Web services from a service provider perspective: tenant management services for multitenant information systems

While web service discovery and composition are important for web service "consumers", service providers face other challenges. This paper looks on their needs in an important commercial scenario. In this scenario, bundling service providers combine ...
A privacy preserving model bridging data provider and collector preferences
EDBT '13: Proceedings of the Joint EDBT/ICDT 2013 Workshops

With the increasing amount of data collected by service providers, privacy concerns increase for data owners who provide private data to receive services. Legislative acts require service providers to protect the privacy of customers. Privacy policy ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGMOD '02: Proceedings of the 2002 ACM SIGMOD international conference on Management of data

June 2002

654 pages

ISBN:1581134975

DOI:10.1145/564691

Conference Chair:
Bongki Moon
University of Wisconsin - Madison
,
General Chair:
David DeWitt
University of Wisconsin - Madison
,
Program Chair:
Michael Franklin
University of California, Berkeley

Copyright © 2002 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 June 2002

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

SIGMOD/PODS02

Sponsor:

SIGMOD/PODS02: International Conference on Management of Data and Symposium on Principles Database and Systems

June 3 - 6, 2002

Wisconsin, Madison

Acceptance Rates

SIGMOD '02 Paper Acceptance Rate 42 of 240 submissions, 18%;

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

569
Total Citations
View Citations
4,623
Total Downloads

Downloads (Last 12 months)101
Downloads (Last 6 weeks)13

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mei ZHuang JWu BZhang CZou HShi JCheng Z(2024)A Secure and Fast Range Query Scheme for Encrypted Multi-Dimensional DataInternational Journal of Web Services Research10.4018/IJWSR.34039121:1(1-17)Online publication date: 9-Apr-2024
https://dl.acm.org/doi/10.4018/IJWSR.340391
Yang XYue CZhang WLiu YOoi BChen J(2024)SecuDB: An In-Enclave Privacy-Preserving and Tamper-Resistant Relational DatabaseProceedings of the VLDB Endowment10.14778/3685800.368581517:12(3906-3919)Online publication date: 8-Nov-2024
https://doi.org/10.14778/3685800.3685815
Ehrler PKati ASchneider TTreiber AFournaris APalmieri P(2024)Evaluating Leakage Attacks Against Relational Encrypted SearchProceedings of the 2024 on Cloud Computing Security Workshop10.1145/3689938.3694776(15-28)Online publication date: 19-Nov-2024
https://dl.acm.org/doi/10.1145/3689938.3694776
Du KWang JWu JWang YLuo BLiao XXu JKirda ELie D(2024)Scalable Equi-Join Queries over Encrypted DatabaseProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690377(4002-4016)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690377
Wang HFan KYu CZhang KLi FLi HYang YZhu H(2024)LSPSS: Constructing Lightweight and Secure Scheme for Private Data Storage and Sharing in Aerial ComputingIEEE Transactions on Services Computing10.1109/TSC.2023.333334717:5(2583-2596)Online publication date: Sep-2024
https://doi.org/10.1109/TSC.2023.3333347
Chang ZXie DWang SLi FShen Y(2024)Towards Practical Oblivious Join ProcessingIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2023.331003836:4(1829-1842)Online publication date: Apr-2024
https://doi.org/10.1109/TKDE.2023.3310038
Sharma SLi YMehrotra SPanwar NGupta PGhosh D(2024) Prism: Pr ivacy-Preserving and Ver i fiable S et Computation Over M ulti-Owner Secret Shared Outsourced Databases IEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.327935621:3(1355-1371)Online publication date: May-2024
https://doi.org/10.1109/TDSC.2023.3279356
De Capitani di Vimercati SFacchinetti DForesti SOldani GParaboschi SRossi MSamarati P(2024)Multi-Dimensional Flat Indexing for Encrypted DataIEEE Transactions on Cloud Computing10.1109/TCC.2024.340890512:3(928-941)Online publication date: Jul-2024
https://doi.org/10.1109/TCC.2024.3408905
Zhang SHe XKundu AMehrotra SSharma S(2024)Secure Normal Form: Mediation Among Cross Cryptographic Leakages in Encrypted Databases2024 IEEE 40th International Conference on Data Engineering (ICDE)10.1109/ICDE60146.2024.00444(5560-5573)Online publication date: 13-May-2024
https://doi.org/10.1109/ICDE60146.2024.00444
Kumari KMehrotra SSharma S(2024)Tutorial: Information Leakage from Cryptographic Techniques2024 IEEE 44th International Conference on Distributed Computing Systems Workshops (ICDCSW)10.1109/ICDCSW63686.2024.00007(9-12)Online publication date: 23-Jul-2024
https://doi.org/10.1109/ICDCSW63686.2024.00007
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents