Panda: Partitioned Data Security on Outsourced Sensitive and Non-sensitive Data
| Autor: | Jeffrey D. Ullman, Peeyush Gupta, Shantanu Sharma, Sharad Mehrotra, Dhrubajyoti Ghosh, Anurag Mishra |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
FOS: Computer and information sciences
Computer Science - Cryptography and Security General Computer Science Selection (relational algebra) Computer science Data security Cryptography 02 engineering and technology Computer security computer.software_genre Encryption Secret sharing Computer Science - Information Retrieval Management Information Systems Set (abstract data type) Computer Science - Databases 020204 information systems 0202 electrical engineering electronic engineering information engineering Data processing business.industry Plaintext Databases (cs.DB) 020202 computer hardware & architecture Computer Science - Distributed Parallel and Cluster Computing Distributed Parallel and Cluster Computing (cs.DC) business computer Cryptography and Security (cs.CR) Information Retrieval (cs.IR) |
| DOI: | 10.48550/arxiv.2005.06154 |
| Popis: | Despite extensive research on cryptography, secure and efficient query processing over outsourced data remains an open challenge. This paper continues along with the emerging trend in secure data processing that recognizes that the entire dataset may not be sensitive, and hence, non-sensitivity of data can be exploited to overcome limitations of existing encryption-based approaches. We, first, provide a new security definition, entitled partitioned data security for guaranteeing that the joint processing of non-sensitive data (in cleartext) and sensitive data (in encrypted form) does not lead to any leakage. Then, this paper proposes a new secure approach, entitled query binning (QB) that allows secure execution of queries over non-sensitive and sensitive parts of the data. QB maps a query to a set of queries over the sensitive and non-sensitive data in a way that no leakage will occur due to the joint processing over sensitive and non-sensitive data. In particular, we propose secure algorithms for selection, range, and join queries to be executed over encrypted sensitive and cleartext non-sensitive datasets. Interestingly, in addition to improving performance, we show that QB actually strengthens the security of the underlying cryptographic technique by preventing size, frequency-count, and workload-skew attacks. Comment: This version has been accepted in ACM Transactions on Management Information Systems. The final published version of this paper may differ from this accepted version. A preliminary version of this paper [arXiv:1812.09233] was accepted and presented in IEEE ICDE 2019 |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|