
Privacy by Encrypted Databases

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8450)

Abstract

There are a few reliable privacy mechanisms for cloud applications. Data usually needs to be decrypted in order to be processed by the cloud service provider. In this paper, we explore how an encrypted database can (technically) ensure privacy. We study the use case of a mobile personalized healthcare app. We show that an encrypted database can ensure data protection against a cloud service provider. Furthermore, we show that if privacy is considered in application design, higher protection levels can be achieved, although encrypted databases are a transparent privacy and security mechanism.



Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Grofig, P. et al. (2014). Privacy by Encrypted Databases. In: Preneel, B., Ikonomou, D. (eds) Privacy Technologies and Policy. APF 2014. Lecture Notes in Computer Science, vol 8450. Springer, Cham. https://doi.org/10.1007/978-3-319-06749-0_4


  • DOI: https://doi.org/10.1007/978-3-319-06749-0_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06748-3

  • Online ISBN: 978-3-319-06749-0

  • eBook Packages: Computer Science, Computer Science (R0)
