1,737 research outputs found
SoK: Cryptographically Protected Database Search
Protected database search systems cryptographically isolate the roles of
reading from, writing to, and administering the database. This separation
limits unnecessary administrator access and protects data in the case of system
breaches. Since protected search was introduced in 2000, the area has grown
rapidly; systems are offered by academia, start-ups, and established companies.
However, there is no best protected search system or set of techniques.
Design of such systems is a balancing act between security, functionality,
performance, and usability. This challenge is made more difficult by ongoing
database specialization, as some users will want the functionality of SQL,
NoSQL, or NewSQL databases. This database evolution will continue, and the
protected search community should be able to quickly provide functionality
consistent with newly invented databases.
At the same time, the community must accurately and clearly characterize the
tradeoffs between different approaches. To address these challenges, we provide
the following contributions:
1) An identification of the important primitive operations across database
paradigms. We find there are a small number of base operations that can be used
and combined to support a large number of database paradigms.
2) An evaluation of the current state of protected search systems in
implementing these base operations. This evaluation describes the main
approaches and tradeoffs for each base operation. Furthermore, it puts
protected search in the context of unprotected search, identifying key gaps in
functionality.
3) An analysis of attacks against protected search for different base
queries.
4) A roadmap and tools for transforming a protected search system into a
protected database, including an open-source performance evaluation platform
and initial user opinions of protected search.Comment: 20 pages, to appear to IEEE Security and Privac
Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits
Motivated by the problem of simultaneously preserving confidentiality and
usability of data outsourced to third-party clouds, we present two different
database encryption schemes that largely hide data but reveal enough
information to support a wide-range of relational queries. We provide a
security definition for database encryption that captures confidentiality based
on a notion of equivalence of databases from the adversary's perspective. As a
specific application, we adapt an existing algorithm for finding violations of
privacy policies to run on logs encrypted under our schemes and observe low to
moderate overheads.Comment: CCS 2015 paper technical report, in progres
Data Querying with Ciphertext Policy Attribute Based Encryption
Data encryption limits the power and efficiency of queries. Direct processing
of encrypted data should ideally be possible to avoid the need for data
decryption, processing, and re-encryption. It is vital to keep the data
searchable and sortable. That is, some information is intentionally leaked.
This intentional leakage technology is known as "querying over encrypted data
schemes", which offer confidentiality as well as querying over encrypted data,
but it is not meant to provide flexible access control. This paper suggests the
use of Ciphertext Policy Attributes Based Encryption (CP-ABE) to address three
security requirements, namely: confidentiality, queries over encrypted data,
and flexible access control. By combining flexible access control and data
confidentiality, CP-ABE can authenticate who can access data and possess the
secret key. Thus, this paper identifies how much data leakage there is in order
to figure out what kinds of operations are allowed when data is encrypted by
CP-ABE
Enabling Secure Database as a Service using Fully Homomorphic Encryption: Challenges and Opportunities
The database community, at least for the last decade, has been grappling with
querying encrypted data, which would enable secure database as a service
solutions. A recent breakthrough in the cryptographic community (in 2009)
related to fully homomorphic encryption (FHE) showed that arbitrary computation
on encrypted data is possible. Successful adoption of FHE for query processing
is, however, still a distant dream, and numerous challenges have to be
addressed. One challenge is how to perform algebraic query processing of
encrypted data, where we produce encrypted intermediate results and operations
on encrypted data can be composed. In this paper, we describe our solution for
algebraic query processing of encrypted data, and also outline several other
challenges that need to be addressed, while also describing the lessons that
can be learnt from a decade of work by the database community in querying
encrypted data
Privacy Preserving Cyber Threat Intelligence Sharing Framework for Encrypted Analytics
This research focuses on the creation of an encrypted Cyber Threat Intelligence (CTI) sharing framework that supports encrypted data analytics with privacy preservation. It aims to support analytical computation in a centralized node without allowing that node to see any of the plain-text data.To enable privacy preservation of the data and its users, we structured the data into a graph structure that allows traversal over the encrypted data. We used Ciphertext-Policy Attribute-Based Encryption (CPABE), Deterministic Encryption (DE), and Order Revealing Encryption(ORE) to ensure end-to-end encrypted sharing of Cyber threat data. In this work we also cover CYBersecurity information EXchange with Privacy (CYBEX-P) and CYBEX-P with Encrypted Analytics, the precursor projects onwhich the framework is based. Our research aims to solve one of the biggest problems that CTI sharing has: securing the privacy of the data once it leaves the user’s premises. We focus on eliminating attack surfaces present in centralized systems, that is, the attack surface attackers had over the Backend and the surface the Backend has against the system. We also focused on maintaining as many capabilities of a CTI sharing platform, that is, CTI sharing and centralized analytics
- …