Skip to main content
SpringerLink
Log in

Measuring Inference Exposure in Outsourced Encrypted Databases

  • Conference paper
Book cover Quality of Protection

Part of the book series: Advances in Information Security ((ADIS,volume 23))

Abstract

Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service, where an encrypted client's database is stored at an external service provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aczél, J.: On Weighted Synthesis of Judgments. Aequationes Math. 27 (1984) 288–307

    Article  MathSciNet  MATH  Google Scholar 

  2. Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Modeling and Assessing Inference Exposure in Encrypted Databases. ACM Transactions on Information and System Security (TISSEC) 8(1) (February 2005) 119–152

    Google Scholar 

  3. Damiani, E., De Capitani di Vimercati, S., Finetti, M., Paraboschi, S., Samarati, P., Jajodia, S.: Implementation of a Storage Mechanism for Untrusted DBMSs. In Proc. of the Second International IEEE Security in Storage Workshop, Washington DC, USA (May 2003)

    Google Scholar 

  4. Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing Confidentiality and Efficiency in Untrusted Relational DBMSs. In Proc. of the 10th ACM Conference on Computer and Communications Security, Washington, DC, USA (October 2003)

    Google Scholar 

  5. Davida, G.I., Wells, D.L., Kam, J.B.: A Database Encryption System with Subkeys. ACM Transactions on Database Systems 6(2) (June 1981) 312–328

    Google Scholar 

  6. Denning, D.E.: Cryptography and Data Security. Addison-Wesley (1982)

    Google Scholar 

  7. Fodor, J., Marichal, J.L., Roubens, M.: Characterization of the Ordered Weighted Averaging Operators. IEEE Transactions on Fuzzy Systems 3(2) (1995) 236–240

    Article  Google Scholar 

  8. Grabisch, M.: Fuzzy Integral in Multicriteria Decision Making. Fuzzy Sets and Systems 69 (1995)279–298

    Article  MathSciNet  MATH  Google Scholar 

  9. Hacigümüs, H., Iyer, B., Mehrotra, S.: Providing Database as a Service. In Proc. of the 18th International Conference on Data Engineering, San Jose, California, USA (February 2002)

    Google Scholar 

  10. Hacigümüs, H., Iyer, B., Mehrotra, S.: Ensuring Integrity of Encrypted Databases in Database as a Service Model. In Proc. of the IFIP Conference on Data and Applications Security, Estes Park Colorado (August 2003)

    Google Scholar 

  11. Hacigümüs, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over Encrypted Data in the Database-Service-Provider Model. In Proc. of the ACM SIGMOD'2002, Madison, Wisconsin, USA (June 2002)

    Google Scholar 

  12. Hore, B., Mehrotra, S., Tsudik, G.: A Privacy-Preserving Index for Range Queries. In Proc. of the 30th Very Large DataBase Conference, Toronto, Canada (2004)

    Google Scholar 

  13. McKay, B.D.: Practical Graph Isomorphism. Congressus Numerantium, 30 (1981) 45–87

    MathSciNet  Google Scholar 

  14. Mesiar, R., Komorníková, M.: Aggregation Operators. In Proc. of the XI Conference on Applied Mathematics “PRIM' 96”, Budva, Serbia and Montenegro (1996).

    Google Scholar 

  15. Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and Integrity in Outsourced Database. In Proc. of the 1lth Annual Network and Distributed System Security Symposium, San Diego, California, USA (February 2004)

    Google Scholar 

  16. Torra, V.: The Weighted OWA Operator. International Journal of Intelligent Systems 12(2) (1997)153–166

    Article  MATH  Google Scholar 

  17. Torra, V.: On the Learning of Weights in some Aggregation Operators: the Weighted Mean and the OWA Operators. Math ware and Soft Computing 6 (1999) 249–265

    MathSciNet  Google Scholar 

  18. Xu, Z.S., Da, Q.L.: An Overview of Operators for Aggregating Information. Iternational Journal of Intelligent Systems 18 (2003) 953–969

    MATH  Google Scholar 

  19. Yager, R.: On Ordered Weighted Averaging Aggregation Operators in Multicriteria Decision Making. IEEE Transactions on Systems, Man and Cybernetics 18(1) (1988) 183–190

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Technologie dell'Informazione, Università deli Studi di Milano, Via Bramante, 65-26013, Crema (CR), Italia

    E. Damiani, S. De Capitani di Vimercati, S. Foresti, P. Samarati & M. Viviani

Authors
  1. E. Damiani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. De Capitani di Vimercati
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. Foresti
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. P. Samarati
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. M. Viviani
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute Security in Distributed Applications, TU Hamburg-Harburg, Harburger Schloßstraße 20, 21079, Hamburg, Germany

    Dieter Gollmann

  2. Dipartimento Informatica e Telecomunicazioni (DIT), University of Trento, Via Sommarive, 14 38050, Trento, Italy

    Fabio Massacci  & Artsiom Yautsiukhin  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer Science+Business Media, LLC.

About this paper

Cite this paper

Damiani, E., De Capitani di Vimercati, S., Foresti, S., Samarati, P., Viviani, M. (2006). Measuring Inference Exposure in Outsourced Encrypted Databases. In: Gollmann, D., Massacci, F., Yautsiukhin, A. (eds) Quality of Protection. Advances in Information Security, vol 23. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-36584-8_15

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-36584-8_15

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-29016-4

  • Online ISBN: 978-0-387-36584-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation