Abstract
Data privacy and integrity is top of mind for modern data applications. To tackle with the above issue, we propose an encrypted database system with access control capabilities and blockchain validation in this paper. Compared to the existing encrypted database system, our design proposes a proxy-free architecture, which avoids the need for a trusted proxy for access control. In order to protect the integrity of user data, our system leverages the blockchain technology to realize a tampering protection mechanism. The mechanism ensures that modification logging is compulsory and public-available but hardened. Users can validate and easily detect the tampered data. Finally, we implement a prototype system and conduct evaluations on each component of the proposed system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
For every column, we use a new private key \(key_j\) to encrypt the data.
- 2.
Since SKE is deterministic, the SKE ciphertexts are the same if the underlying data is identical.
- 3.
The NoSQL database has a wide variety of data models, including key-value, document, columnar and graph formats.
References
Cai, C., Yuan, X., Wang, C.: Hardening distributed and encrypted keyword search via Blockchain. In: IEEE PAC 2017, pp. 119–128 (2017)
Cai, C., Yuan, X., Wang, C.: Towards trustworthy and private keyword search in encrypted decentralized storage. In: IEEE ICC 2017, pp. 1–7 (2017)
Date, C.J., Darwen, H.: A guide to the SQL Standard: A User’s Guide to The Standard Relational Language SQL. Addison-Wesley, Boston (1989)
Davida, G.I., Wells, D.L., Kam, J.B.: A database encryption system with subkeys. ACM Trans. Database Syst. 6(2), 312–328 (1981)
Davida, G.I., Wells, D.L., Kam, J.B.: Database Encryption and Decryption Circuit and Method Using Subkeys. U.S. Patent 4,375,579 (1983)
Delfs, H., Knebl, H.: Symmetric-key encryption. Introduction to Cryptography, pp. 11–31 (2007)
Friedlmaier, M., Tumasjan, A., Welpe, I.: Disrupting industries With Blockchain: the industry. Venture Capital Funding, and Regional Distribution of Blockchain Ventures (2016). Accessed 16 Jan 2017
Han, J., Haihong, E., Le, G., Du, J.: Survey on NoSQL Database. In: IEEE ICPCA 2011, pp. 363–366 (2011)
Hecht, R., Jablonski, S.: NoSQL evaluation: a use case oriented survey. In: IEEE ICCSC 2011, pp. 336–341 (2011)
Information is Beautiful: World’s Biggest Data Breaches (2018). http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14992-4_13
Lai, S., et al.: Result pattern hiding searchable encryption for conjunctive queries. In: ACM CCS 2018, pp. 745–762 (2018)
Lee, C.: Litecoin (2011). https://litecoin.org
Lei, A., Cruickshank, H., Cao, Y., Asuquo, P., Ogah, C.P.A., Sun, Z.: Blockchain-based dynamic key management for heterogeneous intelligent transportation systems. IEEE Internet Things J. 4(6), 1832–1843 (2017)
Lomas, N.: Everledger is Using Blockchain to Combat Fraud, Starting with Diamonds (2015). https://techcrunch.com/2015/06/29/everledger
McConaghy, T., et al.: BigchainDB: A Scalable Blockchain Database (2016). https://mycourses.aalto.fi/pluginfile.php/378362/mod_resource/content/1/bigchaindb-whitepaper.pdf
Mettler, M.: Blockchain technology in healthcare: the revolution starts here. In: IEEE HealthCom 2016, pp. 1–3 (2016)
Miller, F.P., Vandome, A.F., McBrewster, J.: Advanced Encryption Standard. Alpha Press, Orlando (2009)
MySQL, A.: MySQL Database Server (2004). http://www.mysql.com
Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008). https://bitcoin.org/bitcoin.pdf
Popa, R.A., Redfield, C., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: ACM SOSP 2011, pp. 85–100 (2011)
Shmueli, E., Vaisenberg, R., Elovici, Y., Glezer, C.: Database encryption: an overview of contemporary challenges and design considerations. ACM SIGMOD Record 38(3), 29–34 (2010)
Sun, S.F., et al.: Practical backward-secure searchable encryption from symmetric puncturable encryption. In: ACM CCS 2018, pp. 763–780 (2018)
Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)
Wang, J., Chen, X., Sun, S.-F., Liu, J.K., Au, M.H., Zhan, Z.-H.: Towards efficient verifiable conjunctive keyword search for large encrypted database. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018, Part II. LNCS, vol. 11099, pp. 83–100. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98989-1_5
Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_4
Zuo, C., Sun, S.-F., Liu, J.K., Shao, J., Pieprzyk, J.: Dynamic searchable symmetric encryption schemes supporting range queries with forward (and backward) security. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018, Part II. LNCS, vol. 11099, pp. 228–246. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98989-1_12
Zyskind, G., Nathan, O., et al.: Decentralizing privacy: using Blockchain to Protect Personal Data. In: IEEE SPW 2015, pp. 180–184 (2015)
Acknowledgments
The authors are grateful to the Inscrypt 2018 anonymous reviewers for their helpful comments. This work is supported by the National Natural Science Foundation of China (No. 61571191), the “Dawn” Program of Shanghai Municipal Education Commission (No. 16SG21) and the Monash-HKPU-Collinstar Blockchain Research Lab.
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Sui, Z., Lai, S., Zuo, C., Yuan, X., Liu, J.K., Qian, H. (2019). An Encrypted Database with Enforced Access Control and Blockchain Validation. In: Guo, F., Huang, X., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2018. Lecture Notes in Computer Science(), vol 11449. Springer, Cham. https://doi.org/10.1007/978-3-030-14234-6_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-14234-6_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-14233-9
Online ISBN: 978-3-030-14234-6
eBook Packages: Computer ScienceComputer Science (R0)