Skip to main content

Metadata Management in Outsourced Encrypted Databases

  • Conference paper
Secure Data Management (SDM 2005)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3674))

Included in the following conference series:

Abstract

Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service, where a client’s database is stored at an external service provider. Outsourcing databases to external providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system.

In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Agrawal, R., Kierman, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proc. of ACM SIGMOND 2004, Paris, France (June 2004)

    Google Scholar 

  2. Akl, S., Taylor, P.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transactions on Computer System 1(3), 239–248 (1983)

    Article  Google Scholar 

  3. Boyens, C., Gunter, O.: Using online services in untrusted environments - a privacy-preserving architecture. In: Proc. of the 11th European Conference on Information Systems (ECIS 2003), Naples, Italy (June 2003)

    Google Scholar 

  4. Brinkman, R., Doumen, J., Jonker, W.: Using secret sharing for searching in encrypted data. In: Jonker, W., Petković, M. (eds.) SDM 2004. LNCS, vol. 3178, pp. 18–27. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  5. Ceri, S., Pelegatti, G.: Distributed Database Systems: Principles and Systems. McGraw-Hill, New York (1984)

    Google Scholar 

  6. Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM Transactions on Information and System Security (TISSEC) 8(1), 119–152 (2005)

    Article  Google Scholar 

  7. Damiani, E., De di Capitani Vimercati, S., Foresti, S., Jajodia, S., Samarati, P.: Selective release of information in outsourced encrypted database. Technical report, University of Milan (2005)

    Google Scholar 

  8. Damiani, E., De di Capitani Vimercati, S., Finetti, M., Paraboschi, S., Samarati, P., Jajodia, S.: Implementation of a storage mechanism for untrusted DBMSs. In: Proc. of the Second International IEEE Security in Storage Workshop, Washington DC, USA (May 2003)

    Google Scholar 

  9. Damiani, E., De di Capitani Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proc. of the 10th ACM Conference on Computer and Communications Security, Washington, DC, USA, October 27-31 (2003)

    Google Scholar 

  10. Davida, G.I., Wells, D.L., Kam, J.B.: A database encryption system with subkeys. ACM Transactions on Database Systems 6(2), 312–328 (1981)

    Article  MathSciNet  Google Scholar 

  11. Domingo-Ferrer, J., Herrera-Joanconmarti, J.: A privacy homomorphism allowing field operations on encrypted data. Jornades de Matematica Discreta i Algorismica (1998)

    Google Scholar 

  12. Hacigümüs, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proc. of 18th International Conference on Data Engineering, San Jose, California, USA (February 2002)

    Google Scholar 

  13. Hacigümüs, H., Iyer, B., Mehrotra, S.: Ensuring integrity of encrypted databases in database as a service model. In: Proc. of the IFIP Conference on Data and Applications Security, Estes Park Colorado (August 2003)

    Google Scholar 

  14. Hacigumus, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: Proc. of the 9th International Conference on Database Systems for Advanced Applications, Jeju Island, Korea (March 2004)

    Google Scholar 

  15. Hacigümüs, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over encrypted data in the database-service-provider model. In: Proc. of the ACM SIGMOD’2002, Madison, Wisconsin, USA (June 2002)

    Google Scholar 

  16. Hacigumus, H., Mehrotra, S.: Performance-conscious key management in encrypted databases. In: Proc. of the 18th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sitges, Catalonia, Spain (July 2004)

    Google Scholar 

  17. Harn, L., Lin, H.: A cryptographic key generation scheme for multilevel data security. Computers and Security 9(6), 539–546 (1990)

    Article  Google Scholar 

  18. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proc. of the 30th VLDB Conference, Toronto, Canada (2004)

    Google Scholar 

  19. Hwang, M., Yang, W.: Controlling access in large partially ordered hierarchies using cryptographic keys. The Journal of Systems and Software 67(2), 99–107 (2003)

    Article  Google Scholar 

  20. MacKinnon, S., Taylor, P., Meijer, H., Akl, S.: An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transactions on Computers 34(9), 797–802 (1985)

    Article  Google Scholar 

  21. E. Mykletun, M. Narasimha, and G. Tsudik. Authentication and integrity in outsourced database. In Proc. of the 11th Annual Network and Distributed System Security Symposium, San Diego, California, USA, February 2004.

    Google Scholar 

  22. R.S. Sandhu. Cryptographic implementation of a tree hierarchy for access control. Information Processing Letters, 27(2):95–98, April 1988.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Damiani, E., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P. (2005). Metadata Management in Outsourced Encrypted Databases. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2005. Lecture Notes in Computer Science, vol 3674. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11552338_2

Download citation

  • DOI: https://doi.org/10.1007/11552338_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28798-8

  • Online ISBN: 978-3-540-31974-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics