research-article

Initial Encryption of large Searchable Data Sets using Hadoop

Authors:

Feng Wang,

Mathias Kohler,

Andreas SchaadAuthors Info & Claims

SACMAT '15: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies

Pages 165 - 168

https://doi.org/10.1145/2752952.2752960

Published: 01 June 2015 Publication History

Get Access

Abstract

With the introduction and the widely use of external hosted infrastructures, secure storage of sensitive data becomes more and more important. There are systems available to store and query encrypted data in a database, but not all applications may start with empty tables rather than having sets of legacy data. Hence, there is a need to transform existing plaintext databases to encrypted form. Usually existing enterprise databases may contain terabytes of data. A single machine would require many months for the initial encryption of a large data set. We propose encrypting data in parallel using a Hadoop cluster which is a simple five step process including the Hadoop set up, target preparation, source data import, encrypting the data, and finally exporting it to the target. We evaluated our solution on real world data and report on performance and data consumption. The results show that encrypting data in parallel can be done in a very scalable manner. Using a parallelized encryption cluster compared to a single server machine reduces the encryption time from months down to days or even hours.

References

[1]

Popa, R. A., Redfield, C., Zeldovich, N., & Balakrishnan, H. 2011. Cryptdb: protecting confidentiality with encrypted query processing. In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles.

Digital Library

Google Scholar

[2]

Boldyreva, A., Chenette, N., Lee, Y., & O'neill, A. 2009. Order-preserving symmetric encryption. In Advances in Cryptology - EUROCRYPT.

Digital Library

Google Scholar

[3]

Paillier, P. 1999. Public-key cryptosystems based on composite degree residuosity classes. In Advances in cryptology - EUROCRYPT.

Digital Library

Google Scholar

[4]

Pohlig, S. C., Hellman, M. E. 1978. An improved algorithm for computing logarithms over and its cryptographic significance (corresp.). In Transactions on Information Theory.

Digital Library

Google Scholar

[5]

Apache Hadoop. http://hadoop.apache.org/.

Google Scholar

[6]

Apache Sqoop. http://sqoop.apache.org/.

Google Scholar

[7]

Apache Oozie. http://oozie.apache.org/.

Google Scholar

[8]

Apache Ambari. http://ambari.apache.org/.

Google Scholar

[9]

SAP HANA. http://hana.sap.com/abouthana.html.

Google Scholar

[10]

SAP HANA 'IMPORT FROM'. http://help.sap.com/saphelp_hanaplatform/helpdata/en/20/f712e175191014907393741fadcb97/content.htm.

Google Scholar

[11]

SAP Simple Finance aka sFIN. http://scn.sap.com/docs/DOC-59882.

Google Scholar

[12]

Kerschbaum et al. 2013. Optimal Re-Emcryption Strategy for Joins in Encrypted Databases. In Working Conference on Data and Applications Security and Privacy (DBSec).

Digital Library

Google Scholar

[13]

Florian Kerschbaum et al. 2013. Adjustably encrypted in-memory column-store. In ACM Conference on Computer and Communications Security.

Digital Library

Google Scholar

Cited By

View all

Kayem AVester CMeinel C(2016)Automated k-Anonymization and l-Diversity for Shared Data PrivacyProceedings, Part I, 27th International Conference on Database and Expert Systems Applications - Volume 982710.1007/978-3-319-44403-1_7(105-120)Online publication date: 5-Sep-2016
https://dl.acm.org/doi/10.1007/978-3-319-44403-1_7

Index Terms

Initial Encryption of large Searchable Data Sets using Hadoop

Recommendations

Symmetric Searchable Encryption for Database Applications
NBIS '11: Proceedings of the 2011 14th International Conference on Network-Based Information Systems

This paper proposes an efficient symmetric searchable encryption to achieve indistinguishability of indexes and trapdoors. Previous symmetric searchable encryptions are either insecure because their trapdoor generation algorithms are not probabilistic ...
Mis-operation Resistant Searchable Homomorphic Encryption
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Let us consider a scenario that a data holder (e.g., a hospital) encrypts a data (e.g., a medical record) which relates a keyword (e.g., a disease name), and sends its ciphertext to a server. We here suppose not only the data but also the keyword should ...
Towards asymmetric searchable encryption with message recovery and flexible search authorization
ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

When outsourcing data to third-party servers, searchable encryption is an important enabling technique which simultaneously allows the data owner to keep his data in encrypted form and the third-party servers to search in the ciphertexts. Motivated by ...

Comments

Information & Contributors

Information

Published In

SACMAT '15: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies

June 2015

242 pages

ISBN:9781450335560

DOI:10.1145/2752952

General Chair:
Edgar Weippl
SBA Research, Austria
,
Program Chairs:
Florian Kerschbaum
SAP, Germany
,
Adam J. Lee
University of Pittsburgh, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 June 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SACMAT '15

Sponsor:

SIGSAC

SACMAT '15: 20th ACM Symposium on Access Control Models and Technologies

June 1 - 3, 2015

Vienna, Austria

Acceptance Rates

SACMAT '15 Paper Acceptance Rate 17 of 59 submissions, 29%;

Overall Acceptance Rate 177 of 597 submissions, 30%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
298
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Kayem AVester CMeinel C(2016)Automated k-Anonymization and l-Diversity for Shared Data PrivacyProceedings, Part I, 27th International Conference on Database and Expert Systems Applications - Volume 982710.1007/978-3-319-44403-1_7(105-120)Online publication date: 5-Sep-2016
https://dl.acm.org/doi/10.1007/978-3-319-44403-1_7

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Symmetric Searchable Encryption for Database Applications

Mis-operation Resistant Searchable Homomorphic Encryption

Towards asymmetric searchable encryption with message recovery and flexible search authorization

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations