A Comparative Study and Analysis of Query in Encrypted Databases

تعد البيانات اليوم هي الموجود الرئيسي للشركات وأعمالها. عادة ما يتم تخزين هذه البيانات في قاعدة البيانات. يجب أن تكون جميع أنظمة قواعد البيانات قادرة على الاستجابة لطلبات الحصول على معلومات من المستخدم وهي استعلامات العمليات. هناك حاجة إلى خوارزميات التشفير التي توفر القدرة على الاستعلام عبر قاعدة البيانات المشفرة وتتيح تحسين تشفير وفك تشفير البيانات. ومع ذلك ، تطبيق خوارزميات التشفير على قاعدة البيانات المشفرة يعتبر التحدي الذي ينشأ هو في  انخفاض اداء النظام الناتج عن نشر خوارزمية التشفير في وقت التشغيل. لذلك ، تعرض هذه الورقة معظم الأعمال الحديثة التي تم إجراؤها على معالجة الاستعلام في  قاعدة البيانات المشفرة وتحليلها لتوضيح تحليل الأداء ، بناءً على مقاييس أداء مختلفة في كل عمل ذي صلةData is the main asset of the modern companies and their businesses. Typically, it is stored in the data-base. Every database system has to be capable of responding to information requests from users, which is queries of the process. Encryption mechanisms are required, which give the capability to the query over the encrypted data-base and permit the optimization of data encryption and decryption. However, applying encryption algorithms on Encrypted database then challenge arises that the efficiency of the system degrades on deploying encryption algorithm on the runtime. Therefore, this paper presents most of the recent works that have been conducted on the query preprocessing of encrypted database and analyzes them to clarify the performance analysis, based on different performance metrics in each related work

Tunable Security for Deployable Data Outsourcing

Security mechanisms like encryption negatively affect other software quality characteristics like efficiency. To cope with such trade-offs, it is preferable to build approaches that allow to tune the trade-offs after the implementation and design phase. This book introduces a methodology that can be used to build such tunable approaches. The book shows how the proposed methodology can be applied in the domains of database outsourcing, identity management, and credential management

Enforcing database security on cloud using a trusted third party based model

Cloud computing offers a considerable number of advantages to clients and organizations that use several capabilities to store sensitive data, interact with applications, or use technology infrastructure to perform daily activities. The development of new models in cloud computing brings with it a series of elements that must be considered by companies, particularly when the sensitive data needs to be protected. There are some concerns related to security that need to be taken into consideration when a service provider manage and store the data in a location outside the company. In this research, a model that uses a trusted third party (TPP) to enforce the database security in the cloud is proposed. The model describes how a client processes a query securely by using encryption mechanisms and partitioning methods. The client establishes the communication with the TPP to retrieve the data from a cloud storage service. The TPP has two primary functions. First, perform a partition process over the data by using an index from one of the attributes in the table. As a result, the TPP sends to the cloud server the records in encrypted format with an index. Second, the TPP analyzes the client query to retrieve a segment of the data from the cloud based on the query conditions. The final result is submitted to the client in which a minimum workload is executed. Some simulations were performed to evaluate the efficiency of the model by using two partition techniques: Histogram based and Mondrian or Bisection Tree based partition. The strategy of the model is to process as much of the work at the TPP site and securely transmit the result. Using encrypted record in the cloud storage service prevents the provider to have any knowledge about the data and enforces the security of the database

Confidential Data-Outsourcing and Self-Optimizing P2P-Networks: Coping with the Challenges of Multi-Party Systems

This work addresses the inherent lack of control and trust in Multi-Party Systems at the examples of the Database-as-a-Service (DaaS) scenario and public Distributed Hash Tables (DHTs). In the DaaS field, it is shown how confidential information in a database can be protected while still allowing the external storage provider to process incoming queries. For public DHTs, it is shown how these highly dynamic systems can be managed by facilitating monitoring, simulation, and self-adaptation

Confidentiality Protection in Large Databases

A growing trend in today\u2019s society is outsourcing large databases to the cloud. This permits to move the management burden from the data owner to external providers, which can make vast and scalable infrastructures available at competitive prices. Since large databases can include sensitive information, effective protection of data confidentiality is a key issue to fully enable data owners to enjoy the benefits of cloud-based solutions. Data encryption and data fragmentation have been proposed as two natural solutions for protecting data confidentiality. However, their adoption does not permit to completely delegate query evaluation at the provider. In this chapter, we illustrate some encryption-based and fragmentation-based solutions for protecting data confidentiality, discussing also how they support query execution

Harnessing the Power of Distributed Computing: Advancements in Scientific Applications, Homomorphic Encryption, and Federated Learning Security

Data explosion poses lot of challenges to the state-of-the art systems, applications, and methodologies. It has been reported that 181 zettabytes of data are expected to be generated in 2025 which is over 150\% increase compared to the data that is expected to be generated in 2023. However, while system manufacturers are consistently developing devices with larger storage spaces and providing alternative storage capacities in the cloud at affordable rates, another key challenge experienced is how to effectively process the fraction of large scale of stored data in time-critical conventional systems. One transformative paradigm revolutionizing the processing and management of these large data is distributed computing whose application requires deep understanding. This dissertation focuses on exploring the potential impact of applying efficient distributed computing concepts to long existing challenges or issues in (i) a widely data-intensive scientific application (ii) applying homomorphic encryption to data intensive workloads found in outsourced databases and (iii) security of tokenized incentive mechanism for Federated learning (FL) systems.The first part of the dissertation tackles the Microelectrode arrays (MEAs) parameterization problem from an orthogonal viewpoint enlightened by algebraic topology, which allows us to algebraically parametrize MEAs whose structure and intrinsic parallelism are hard to identify otherwise. We implement a new paradigm, namely Parma, to demonstrate the effectiveness of the proposed approach and report how it outperforms the state-of-the-practice in time, scalability, and memory usage.The second part discusses our work on introducing the concept of parallel caching of secure aggregation to mitigate the performance overhead incurred by the HE module in outsourced databases. The key idea of this optimization approach is caching selected radix-ciphertexts in parallel without violating existing security guarantees of the primitive/base HE scheme. A new radix HE algorithm was designed and applied to both batch and incremental HE schemes, and experiments carried out on six workloads show that the proposed caching boost state-of-the-art HE schemes by high orders of magnitudes.In the third part, I will discuss our work on leveraging the security benefit of blockchains to enhance or protect the fairness and reliability of tokenized incentive mechanism for FL systems. We designed a blockchain-based auditing protocol to mitigate Gaussian attacks and carried out experiments with multiple FL aggregation algorithms, popular data sets and a variety of scales to validate its effectiveness