Abstract
With the increasing use of web services, many new challenges concerning data security are becoming critical. Data or applications can now be outsourced to powerful remote servers, which are able to provide services on behalf of the owners. Unfortunately, such hosts may not always be trustworthy. In [1,2], we presented a one-server computationally private tree traversal technique, which allows clients to outsource tree-structured data. In this paper, we extend this protocol to prevent a polynomial time server with large memory to use correlations in client queries and in data structures to learn private information about queries and data. We show that, when the proposed techniques are used, computational privacy is achieved even for non-uniformly distributed node accesses that are common in real databases.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lin, P., Candan, K.S.: Hiding traversal of tree structured data from untrusted data stores. In: Proc. of the 2nd Inernational Workshop on Security In Informtion Systems, WOSIS 2004, pp. 314–323 (2004)
Lin, P., Candan, K.S. (2004) Ensuring privacy of tree structured data and queries from untrusted data stores. Information System Security, pp. 22–38 (May/June 2004)
Yang, X., Li, C.: Secure XML publishing without information leakage in the presence of data inference. In: VLDB 2004 (2004)
Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: VLDB 2004 (2004)
Song, D.X., Wagner, D., Perrig, A.: Practical Techniques for Searches on Encrypted Data. In: IEEE Symposium on Security and Privacy 2000, pp. 44–55 (2000)
Damiani, E., Vimercati, S.D.C., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proc. of ACM Conference on Computer and Communications Security, pp. 93–102 (2003)
Hacigümüs, H., Iyer, B.R., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proc. of ACM SIGMOD International Conference on Management of Data, Madison, Wisconsin, USA, June 3-6, pp. 216–227 (2002)
Paparizos, S., Al-Khalifa, S., Chapman, A., Jagadish, H.V., Lakshmanan, L.V.S., Nierman, A., Patel, J.M., Srivastava, D., Wiwatwattana, N., Wu, Y., Yu, C.: TIMBER: A Native XML Database for Querying XML. In: Proc. of ACM SIGMOD International Conference on Management of Data, San Diego, California, USA, June 9-12, p. 672 (2003)
Bertino, E., Carminati, B., Ferrari, E., Thuraisinggam, B.M., Gupta, A.: Selective and authentic third-party distribution of XML documents. MIT Sloan Working Paper No. 4343-02 (2002)
Bertino, E., Ferrari, E.: Secure and selective dissemination of XML documents. ACM Transactions on Information and System Security 5(3), 290–331 (2002)
Damiani, E., di Vimercati, S.D.C., Paraboschi, S., Samarati, P.: Securing XML documents. In: Proc. of the 7th International Conference on Extending Database Technology, Konstanz, Germany, March 27-31, pp. 121–135 (2000)
Smith, S.W., Safford, D.: Practical server privacy with secure coprocessors. IBM Systems Journal 40(3), 683–695 (2001)
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proc. of 36th IEEE Symposium on Foundations of Computer Science, Milwaukee, Wisconsin, USA, October 23-25, pp. 41–50 (1995)
Ambainis, A.: Upper bound on the communication complexity of private information retrieval. In: Degano, P., Gorrieri, R., Marchetti-Spaccamela, A. (eds.) ICALP 1997. LNCS, vol. 1256, pp. 401–407. Springer, Heidelberg (1997)
Beimel, A., Ishai, Y., Kushilevitz, E., Raymond, J.F.: Breaking the O(n 1/(2k − 1)) barrier for information-theoretic private information retrieval. In: Proc. of 43rd IEEE Symposium on Foundations of Computer Science, Vancouver, BC, Canada, November 16-19, pp. 261–270 (2002)
Chor, B., Gilboa, N.: Computationally private information retrieval. In: Proc. of the 29th Annual ACM Symposium on the Theory of Computing, El Paso, Texas, USA, May 4-6, pp. 304–313 (1997)
Kushilevitz, E., Ostrovsky, R.: Relication is not needed: single database. Computationally-private information retrieval. In: Proc. of the 38th IEEE Symposium on Foundations of Computer Science, Miami Beach, Florida, USA, October 19-22, pp. 365–373 (1997)
Beimel, A., Ishai, Y., Kushilevitz, E., Marlkin, T.: One way functions are essential for single-server private information retrieval. In: Proc. of the 31st Annual ACM Symposium on Theory of Computing, Atlanta, Georgia, USA, May 1-4, pp. 89–98 (1999)
Chang, Y.C.: Single database private information retrieval with logarithmic communication. eprint 2004/036 (2004)
Bouganim, L., Pucheral, P.: Chip-secured data access: confidencial data on untrusted servers. In: Proc. of 28th VLDB, Hongkong, China, pp. 131–142 (2002)
Bayer, R., Schkolnich, M.: Concurrency of operations on B-trees. Acta Informatica 9, 1–21 (1977)
Chor, B., Gilboa, N., Naor, M.: Private information retrieval by keywords. Technical Report TR CS0917. Technion Israel (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lin, P., Candan, K.S. (2004). Secure and Privacy Preserving Outsourcing of Tree Structured Data. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2004. Lecture Notes in Computer Science, vol 3178. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30073-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-540-30073-1_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22983-4
Online ISBN: 978-3-540-30073-1
eBook Packages: Springer Book Archive