SoK: Cryptographically Protected Database Search

Protected database search systems cryptographically isolate the roles of reading from, writing to, and administering the database. This separation limits unnecessary administrator access and protects data in the case of system breaches. Since protected search was introduced in 2000, the area has grown rapidly; systems are offered by academia, start-ups, and established companies. However, there is no best protected search system or set of techniques. Design of such systems is a balancing act between security, functionality, performance, and usability. This challenge is made more difficult by ongoing database specialization, as some users will want the functionality of SQL, NoSQL, or NewSQL databases. This database evolution will continue, and the protected search community should be able to quickly provide functionality consistent with newly invented databases. At the same time, the community must accurately and clearly characterize the tradeoffs between different approaches. To address these challenges, we provide the following contributions: 1) An identification of the important primitive operations across database paradigms. We find there are a small number of base operations that can be used and combined to support a large number of database paradigms. 2) An evaluation of the current state of protected search systems in implementing these base operations. This evaluation describes the main approaches and tradeoffs for each base operation. Furthermore, it puts protected search in the context of unprotected search, identifying key gaps in functionality. 3) An analysis of attacks against protected search for different base queries. 4) A roadmap and tools for transforming a protected search system into a protected database, including an open-source performance evaluation platform and initial user opinions of protected search.Comment: 20 pages, to appear to IEEE Security and Privac

Description and Experience of the Clinical Testbeds

This deliverable describes the up-to-date technical environment at three clinical testbed demonstrator sites of the 6WINIT Project, including the adapted clinical applications, project components and network transition technologies in use at these sites after 18 months of the Project. It also provides an interim description of early experiences with deployment and usage of these applications, components and technologies, and their clinical service impact

Tunable Security for Deployable Data Outsourcing

Security mechanisms like encryption negatively affect other software quality characteristics like efficiency. To cope with such trade-offs, it is preferable to build approaches that allow to tune the trade-offs after the implementation and design phase. This book introduces a methodology that can be used to build such tunable approaches. The book shows how the proposed methodology can be applied in the domains of database outsourcing, identity management, and credential management

Strategies for Small Scale Vendors in India to Approach Lower Mainland Companies

The top IT companies in India are interested in high value projects from Canada, while several small companies in India would be interested in accepting small-scale projects from Canada. This project develops strategies through which small-scale vendors in India may approach Lower Mainland companies for their smaller projects. Through a survey on Lower Mainland companies, the project recommends that small-scale Indian vendors should differentiate themselves through economies of scope, not necessarily through achieving quality, but by building a strong reference list through previous work with other clients. Vendors should also prepare a differentiation strategy with respect to other countries and provide a strong level of communications with the client through a local contact. Vendors should not accept more than a 20% advance and should finish projects with no time overrun in order to improve client response

Implementing a Business Process Management System Using ADEPT: A Real-World Case Study

This article describes how the agent-based design of ADEPT (advanced decision environment for processed tasks) and implementation philosophy was used to prototype a business process management system for a real-world application. The application illustrated is based on the British Telecom (BT) business process of providing a quote to a customer for installing a network to deliver a specified type of telecommunication service. Particular emphasis is placed upon the techniques developed for specifying services, allowing heterogeneous information models to interoperate, allowing rich and flexible interagent negotiation to occur, and on the issues related to interfacing agent-based systems and humans. This article builds upon the companion article (Applied Artificial Intelligence Vol.14, no 2, pgs. 145-189) that provides details of the rationale and design of the ADEPT technology deployed in this application

Hidden in the Cloud : Advanced Cryptographic Techniques for Untrusted Cloud Environments

In the contemporary digital age, the ability to search and perform operations on encrypted data has become increasingly important. This significance is primarily due to the exponential growth of data, often referred to as the "new oil," and the corresponding rise in data privacy concerns. As more and more data is stored in the cloud, the need for robust security measures to protect this data from unauthorized access and misuse has become paramount. One of the key challenges in this context is the ability to perform meaningful operations on the data while it remains encrypted. Traditional encryption techniques, while providing a high level of security, render the data unusable for any practical purpose other than storage. This is where advanced cryptographic protocols like Symmetric Searchable Encryption (SSE), Functional Encryption (FE), Homomorphic Encryption (HE), and Hybrid Homomorphic Encryption (HHE) come into play. These protocols not only ensure the confidentiality of data but also allow computations on encrypted data, thereby offering a higher level of security and privacy. The ability to search and perform operations on encrypted data has several practical implications. For instance, it enables efficient Boolean queries on encrypted databases, which is crucial for many "big data" applications. It also allows for the execution of phrase searches, which are important for many machine learning applications, such as intelligent medical data analytics. Moreover, these capabilities are particularly relevant in the context of sensitive data, such as health records or financial information, where the privacy and security of user data are of utmost importance. Furthermore, these capabilities can help build trust in digital systems. Trust is a critical factor in the adoption and use of digital services. By ensuring the confidentiality, integrity, and availability of data, these protocols can help build user trust in cloud services. This trust, in turn, can drive the wider adoption of digital services, leading to a more inclusive digital society. However, it is important to note that while these capabilities offer significant advantages, they also present certain challenges. For instance, the computational overhead of these protocols can be substantial, making them less suitable for scenarios where efficiency is a critical requirement. Moreover, these protocols often require sophisticated key management mechanisms, which can be challenging to implement in practice. Therefore, there is a need for ongoing research to address these challenges and make these protocols more efficient and practical for real-world applications. The research publications included in this thesis offer a deep dive into the intricacies and advancements in the realm of cryptographic protocols, particularly in the context of the challenges and needs highlighted above. Publication I presents a novel approach to hybrid encryption, combining the strengths of ABE and SSE. This fusion aims to overcome the inherent limitations of both techniques, offering a more secure and efficient solution for key sharing and access control in cloud-based systems. Publication II further expands on SSE, showcasing a dynamic scheme that emphasizes forward and backward privacy, crucial for ensuring data integrity and confidentiality. Publication III and Publication IV delve into the potential of MIFE, demonstrating its applicability in real-world scenarios, such as designing encrypted private databases and additive reputation systems. These publications highlight the transformative potential of MIFE in bridging the gap between theoretical cryptographic concepts and practical applications. Lastly, Publication V underscores the significance of HE and HHE as a foundational element for secure protocols, emphasizing its potential in devices with limited computational capabilities. In essence, these publications not only validate the importance of searching and performing operations on encrypted data but also provide innovative solutions to the challenges mentioned. They collectively underscore the transformative potential of advanced cryptographic protocols in enhancing data security and privacy, paving the way for a more secure digital future

Encryption Performance Improvements of the Paillier Cryptosystem

Homomorphic encryption methods provide a way to outsource computations to the cloud while protecting the confidentiality of the data. In order to deal with the large and growing data sets that are being processed nowadays, good encryption performance is an important step for practicality of homomorphic encryption methods. In this article, we study the encryption performance of the Paillier cryptosystem, a partially homomorphic cryptosystem that allows to perform sums on encrypted data without having to decrypt first. With a combination of both new and known methods, we increase the encryption performance by orders of magnitude compared to a naïve implementation. The new methods reduce the bottleneck of noise calculation by using pre-computed noise to generate new noise in a much faster way than by using standard methods

Practical yet Provably Secure: Complex Database Query Execution over Encrypted Data

Encrypted databases provide security for outsourced data. In this work novel encryption schemes supporting different database query types are presented enabling complex database queries over encrypted data. For specific constructions enabling exact keyword queries, range queries, database joins and substring queries over encrypted data we prove security in a formal framework, present a theoretical runtime analysis and provide an assessment of practical performance characteristics

On the Effects of Forced Trust on Implementations of Small Smart Cities

As an increasing number of cities pursue the idea of becoming smart cities, the variety in different approaches to reach this goal also grows. They cover the use of a spectrum of implementations for, inter alia, information systems, smart networks, and public services. In order to operate, these smart cities have to process multiple types of data including personal information. Ultimately, the systems and services that process these data are decided by the city with limited opportunities for their citizens to influence the details of their implementations. In these situations the citizens have no choice but to trust their city with the operation of these systems and the processing of their personal information. This type of a relationship, forced trust, affects the smart city implementation both directly and indirectly. These effects include additional considerations by the city to guarantee the protection of the citizens’ privacy and the security of their personal data, as well as the impacts of forced trust on the willingness of the citizens to adopt the offered services. In this thesis, privacy protection, data protection and security, system reliability and safety, and user avoidance were identified as the four major domains of concern for citizens with regard to forced trust. These domains cover most of the main impacts smart city projects have on their citizens, such as ubiquitous data collection, scarcity of control over the utilisation of one’s personal data, and uncertainty of the dependability of critical information systems. Additionally, technological and methodological approaches were proposed to address each of the discussed concerns. These include implementation of privacy by design in the development of the smart city, use of trusted platforms in data processing, detection and alleviation of potential fault chains, and providing the citizens the means to monitor their personal data. Finally, these recommendations were considered in the context of a small smart city. The Salo smart city project was used as an example and the recommendations were applied to the planned aspects of the upcoming smart city, such as knowledge-based management, a smart city application for information sharing, and increased transparency and justifiability in governance