SoK: Cryptographically Protected Database Search
Protected database search systems cryptographically isolate the roles of
reading from, writing to, and administering the database. This separation
limits unnecessary administrator access and protects data in the case of system
breaches. Since protected search was introduced in 2000, the area has grown
rapidly; systems are offered by academia, start-ups, and established companies.
However, there is no best protected search system or set of techniques.
Design of such systems is a balancing act between security, functionality,
performance, and usability. This challenge is made more difficult by ongoing
database specialization, as some users will want the functionality of SQL,
NoSQL, or NewSQL databases. This database evolution will continue, and the
protected search community should be able to quickly provide functionality
consistent with newly invented databases.
At the same time, the community must accurately and clearly characterize the
tradeoffs between different approaches. To address these challenges, we provide
the following contributions:
1) An identification of the important primitive operations across database
paradigms. We find there are a small number of base operations that can be used
and combined to support a large number of database paradigms.
2) An evaluation of the current state of protected search systems in
implementing these base operations. This evaluation describes the main
approaches and tradeoffs for each base operation. Furthermore, it puts
protected search in the context of unprotected search, identifying key gaps in
functionality.
3) An analysis of attacks against protected search for different base
queries.
4) A roadmap and tools for transforming a protected search system into a
protected database, including an open-source performance evaluation platform
and initial user opinions of protected search.
Comment: 20 pages, to appear to IEEE Security and Privac
A Rational and Efficient Algorithm for View Revision in Databases
The dynamics of belief and knowledge is one of the major components of any
autonomous system that should be able to incorporate new pieces of information.
In this paper, we argue that to apply the rationality result of belief dynamics
theory to various practical problems, it should be generalized in two respects:
first of all, it should allow a certain part of belief to be declared as
immutable; and second, the belief state need not be deductively closed. Such a
generalization of belief dynamics, referred to as base dynamics, is presented,
along with the concept of a generalized revision algorithm for Horn knowledge
bases. We show that Horn knowledge base dynamics has an interesting connection
with kernel change and abduction. Finally, we also show that both variants are
rational in the sense that they satisfy certain rationality postulates stemming
from philosophical works on belief dynamics.
- …