Abstract
As the cloud paradigm becomes prevalent for hosting various applications and services, the security of the data stored in the public cloud remains a big concern that blocks the widespread use of the cloud for relational data management. Data confidentiality, integrity and availability are the three main features that are desired while providing data management and query processing functionality in the cloud. We specifically discuss achieving data confidentiality while preserving practical query performance in this paper. Data confidentiality needs to be provided in both data storage and at query access. As a result, we need to consider practical query processing on confidential data and protecting data access privacy. This paper analyzes recent techniques towards a practical comprehensive framework for supporting processing of common database queries on confidential data while maintaining access privacy.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: Above the Clouds: A Berkeley View of Cloud Computing. Technical Report 2009-28, UC Berkeley (2009)
Amazon: AWS Solution Providers (2009), http://aws.amazon.com/solutions/solution-providers/
Amazon: AWS Case Studies (2009), http://aws.amazon.com/solutions/case-studies/
Li, P.: Cloud computing is powering innovation in the silicon valley (2010), http://www.huffingtonpost.com/ping-li/cloud-computing-is-poweri_b_570422.html
Business Review USA: Small, medium-sized companies adopt cloud computing (2010), http://www.businessreviewusa.com/news/cloud-computing/small-medium-sized-companies-adopt-cloud-computing
InfoWorld: Gartner: Seven cloud-computing security risks (2008), http://www.infoworld.com/d/security-central/gartner-seven-cloud-computing-security-risks-853?page=0,1
Mather, T., Kumaraswamy, S., Latif, S.: Cloud Security and Privacy. O’Reilly Media, Inc., Sebastopol (2009)
Amazon: Amazon elastic compute cloud (amazon ec2), http://aws.amazon.com/ec2/
Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security, pp. 199–212 (2009)
NIST: Fips publications, http://csrc.nist.gov/publications/PubsFIPS.html
Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. J. ACM 45(6), 965–981 (1998)
Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)
Agrawal, R., Haas, P.J., Kiernan, J.: A system for watermarking relational databases. In: Proc. of the 2003 ACM SIGMOD International Conference on Management of Data, pp. 674–674 (2003)
Plank, J.S., Ding, Y.: Note: Correction to the 1997 tutorial on reed-solomon coding. Softw. Pract. Exper. 35(2), 189–194 (2005)
Bowers, K.D., Juels, A., Oprea, A.: Hail: a high-availability and integrity layer for cloud storage. In: CCS 2009: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 187–198 (2009)
Abu-Libdeh, H., Princehouse, L., Weatherspoon, H.: Racs: a case for cloud storage diversity. In: SoCC 2010: Proceedings of the 1st ACM Symposium on Cloud Computing, pp. 229–240 (2010)
Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM 36(2), 335–348 (1989)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Agrawal, D., Abbadi, A.E.: Quorum consensus algorithms for secure and reliable data. In: Proceedings of the Sixth IEEE Symposium on Reliable Distributed Systems, pp. 44–53 (1988)
CleverSafe: Cleversafe responds to cloud security challenges with cleversafe 2.0 software release (2010), http://www.cleversafe.com/news-reviews/press-releases/press-release-14
InfoLawGroup: Cloud providers competing on data security & privacy contract terms (2010), http://www.infolawgroup.com/2010/04/articles/cloud-computing-1/cloud-providers-competing-on-data-security-privacy-contract-terms
Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: SP 2000: Proceedings of the 2000 IEEE Symposium on Security and Privacy, p. 44 (2000)
Chang, Y.-C., Mitzenmacher, M.: Privacy Preserving Keyword Searches on Remote Encrypted Data. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 442–455. Springer, Heidelberg (2005)
Yang, Z., Zhong, S., Wright, R.N.: Privacy-Preserving Queries on Encrypted Data. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 479–495. Springer, Heidelberg (2006)
Hacigumus, H., Iyer, B.R., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database service provider model. In: SIGMOD Conference (2002)
Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proc. of the 30th Int’l Conference on Very Large Databases VLDB, pp. 720–731 (2004)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: SIGMOD 2004: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 563–574 (2004)
Emekci, F., Agrawal, D., Abbadi, A.E., Gulbeden, A.: Privacy preserving query processing using third parties. In: ICDE (2006)
Ge, T., Zdonik, S.B.: Answering aggregation queries in a secure system model. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 519–530 (2007)
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC 2009: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp. 169–178 (2009)
Schneier, B.: Homomorphic encryption breakthrough (2009), http://www.schneier.com/blog/archives/2009/07/homomorphic_enc.html
Katz, J., Sahai, A., Waters, B.: Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 146–162. Springer, Heidelberg (2008)
Damiani, E., di Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational dbmss. In: ACM Conference on Computer and Communications Security, pp. 93–102 (2003)
Shmueli, E., Waisenberg, R., Elovici, Y., Gudes, E.: Designing secure indexes for encrypted databases. In: Proceedings of the IFIP Conference on Database and Applications Security (2005)
Ge, T., Zdonik, S.B.: Fast, secure encryption for indexing in a column-oriented dbms. In: ICDE, pp. 676–685 (2007)
Wang, S., Agrawal, D., Abbadi, A.E.: A Comprehensive Framework for Secure Query Processing on Relational Data in the Cloud. In: Jonker, W., Petković, M. (eds.) SDM 2011. LNCS, vol. 6933, pp. 52–69. Springer, Heidelberg (2011)
Bajaj, S., Sion, R.: Trusteddb: a trusted hardware based database with privacy and data confidentiality. In: Proceedings of the 2011 International Conference on Management of Data, SIGMOD 2011, pp. 205–216 (2011)
Comer, D.: Ubiquitous b-tree. ACM Comput. Surv. 11(2), 121–137 (1979)
Robling Denning, D.E.: Cryptography and data security. Addison-Wesley Longman Publishing Co., Inc., Boston (1982)
Howe, D.C., Nissenbaum, H.: TrackMeNot: Resisting surveillance in web search. In: Lessons from the Identity Trail: Anonymity, Privacy, and Identity in a Networked Society, pp. 417–436. Oxford University Press (2009)
Kushilevitz, E., Ostrovsky, R.: Replication is not needed: Single database, computationally-private information retrieval. In: FOCS, pp. 364–373 (1997)
Olumofin, F.G., Goldberg, I.: Revisiting the computational practicality of private information retrieval. In: Financial Cryptography (2011)
Gentry, C., Ramzan, Z.: Single-database private information retrieval with constant communication rate. In: Proceedings of the 32nd International Colloquium on Automata, Languages and Programming, pp. 803–815 (2005)
Sion, R., Carbunar, B.: On the computational practicality of private information retrieval. In: Network and Distributed System Security Symposium (2007)
Williams, P., Sion, R.: Usable private information retrieval. In: Network and Distributed System Security Symposium (2008)
Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: ACM Conference on Computer and Communications Security, pp. 139–148 (2008)
Melchor, C.A., Gaborit, P.: A fast private information retrieval protocol. In: IEEE Internal Symposium on Information Theory, pp. 1848–1852 (2008)
Mokbel, M.F., Chow, C.Y., Aref, W.G.: The new casper: A privacy-aware location-based database server. In: ICDE, pp. 1499–1500 (2007)
Peddinti, S.T., Saxena, N.: On the Privacy of Web Search Based on Query Obfuscation: A Case Study of Trackmenot. In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 19–37. Springer, Heidelberg (2010)
Murugesan, M., Clifton, C.: Providing privacy through plausibly deniable search. In: SDM, pp. 768–779 (2009)
Pang, H., Ding, X., Xiao, X.: Embellishing text search queries to protect user privacy. PVLDB 3(1), 598–607 (2010)
Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating Noise to Sensitivity in Private Data Analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)
Olumofin, F.G., Tysowski, P.K., Goldberg, I., Hengartner, U.: Achieving Efficient Query Privacy for Location Based Services. In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 93–110. Springer, Heidelberg (2010)
Ghinita, G., Kalnis, P., Kantarcioglu, M., Bertino, E.: A Hybrid Technique for Private Location-Based Queries with Database Protection. In: Mamoulis, N., Seidl, T., Pedersen, T.B., Torp, K., Assent, I. (eds.) SSTD 2009. LNCS, vol. 5644, pp. 98–116. Springer, Heidelberg (2009)
Wang, S., Agrawal, D., El Abbadi, A.: Generalizing PIR for Practical Private Retrieval of Public Data. In: Foresti, S., Jajodia, S. (eds.) Data and Applications Security and Privacy XXIV. LNCS, vol. 6166, pp. 1–16. Springer, Heidelberg (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Agrawal, D., El Abbadi, A., Wang, S. (2011). Secure Data Management in the Cloud. In: Kikuchi, S., Madaan, A., Sachdeva, S., Bhalla, S. (eds) Databases in Networked Information Systems. DNIS 2011. Lecture Notes in Computer Science, vol 7108. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25731-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-25731-5_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25730-8
Online ISBN: 978-3-642-25731-5
eBook Packages: Computer ScienceComputer Science (R0)