In this paper, we take a closer look at the security of outsourced databases (aka Database-as-the-Service or DAS), a topic of emerging importance. DAS allows users to store sensitive data on a remote, untrusted server and retrieve desired parts of it on request. At first we focus on basic, exact-match query functionality, and then extend our treatment to prefix-matching and, to a more limited extent, range queries as well. We propose several searchable encryption schemes that are not only practical enough for use in DAS in terms of query-processing efficiency but also provably-provide privacy and authenticity of data under new definitions of security that we introduce. The schemes are easy to implement and are based on standard cryptographic primitives such as block ciphers, symmetric encryption schemes, and message authentication codes. As we are some of the first to apply the provable-security framework of modern cryptography to this context, we believe our work will help to properly analyze future schemes and facilitate further research on the subject in general.
%0 Book Section
%1 springerlink:10.1007/978-3-540-73538-0_2
%A Amanatidis, Georgios
%A Boldyreva, Alexandra
%A O’Neill, Adam
%B Data and Applications Security XXI
%C Berlin / Heidelberg
%D 2007
%E Barker, Steve
%E Ahn, Gail-Joon
%I Springer
%K data-outsourcing privacy
%P 14-30
%R 10.1007/978-3-540-73538-0_2
%T Provably-Secure Schemes for Basic Query Support in Outsourced Databases
%U http://dx.doi.org/10.1007/978-3-540-73538-0_2
%V 4602
%X In this paper, we take a closer look at the security of outsourced databases (aka Database-as-the-Service or DAS), a topic of emerging importance. DAS allows users to store sensitive data on a remote, untrusted server and retrieve desired parts of it on request. At first we focus on basic, exact-match query functionality, and then extend our treatment to prefix-matching and, to a more limited extent, range queries as well. We propose several searchable encryption schemes that are not only practical enough for use in DAS in terms of query-processing efficiency but also provably-provide privacy and authenticity of data under new definitions of security that we introduce. The schemes are easy to implement and are based on standard cryptographic primitives such as block ciphers, symmetric encryption schemes, and message authentication codes. As we are some of the first to apply the provable-security framework of modern cryptography to this context, we believe our work will help to properly analyze future schemes and facilitate further research on the subject in general.
%@ 978-3-540-73533-5
@incollection{springerlink:10.1007/978-3-540-73538-0_2,
abstract = {In this paper, we take a closer look at the security of outsourced databases (aka Database-as-the-Service or DAS), a topic of emerging importance. DAS allows users to store sensitive data on a remote, untrusted server and retrieve desired parts of it on request. At first we focus on basic, exact-match query functionality, and then extend our treatment to prefix-matching and, to a more limited extent, range queries as well. We propose several searchable encryption schemes that are not only practical enough for use in DAS in terms of query-processing efficiency but also provably-provide privacy and authenticity of data under new definitions of security that we introduce. The schemes are easy to implement and are based on standard cryptographic primitives such as block ciphers, symmetric encryption schemes, and message authentication codes. As we are some of the first to apply the provable-security framework of modern cryptography to this context, we believe our work will help to properly analyze future schemes and facilitate further research on the subject in general.},
added-at = {2012-09-11T10:25:55.000+0200},
address = {Berlin / Heidelberg},
affiliation = {Georgia Institute of Technology USA},
author = {Amanatidis, Georgios and Boldyreva, Alexandra and O’Neill, Adam},
biburl = {https://www.bibsonomy.org/bibtex/2047e62cedf0703bb90f0db2b82ff77d3/matthiashuber},
booktitle = {Data and Applications Security XXI},
description = {Abstract - SpringerLink},
doi = {10.1007/978-3-540-73538-0_2},
editor = {Barker, Steve and Ahn, Gail-Joon},
interhash = {d55cf78a2cfcc2d69e548b78d5499021},
intrahash = {047e62cedf0703bb90f0db2b82ff77d3},
isbn = {978-3-540-73533-5},
keyword = {Computer Science},
keywords = {data-outsourcing privacy},
pages = {14-30},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
timestamp = {2012-09-11T10:25:56.000+0200},
title = {Provably-Secure Schemes for Basic Query Support in Outsourced Databases},
url = {http://dx.doi.org/10.1007/978-3-540-73538-0_2},
volume = 4602,
year = 2007
}