Visible to the public Ensuring Query Completeness in Outsourced Database Using Order-Preserving Encryption

TitleEnsuring Query Completeness in Outsourced Database Using Order-Preserving Encryption
Publication TypeConference Paper
Year of Publication2019
AuthorsShen, N., Yeh, J., Chen, C., Chen, Y., Zhang, Y.
Conference Name2019 IEEE Intl Conf on Parallel Distributed Processing with Applications, Big Data Cloud Computing, Sustainable Computing Communications, Social Computing Networking (ISPA/BDCloud/SocialCom/SustainCom)
Date Publisheddec
Keywordsbusiness owners, cloud computing, composability, cryptography, data completeness protecting scheme, data confidentiality protection aspect, data correctness, data integrity, data integrity protection aspect, data owners, data privacy, database management systems, database outsourcing, database service providers, Databases, Encryption, high communication, Metrics, OPE encrypted, ORDER BY, order-preserving encryption, outsourced data secure, Outsourced Database, Outsourced Database Integrity, outsourcing, Probabilistic logic, pubcrawl, query completeness, query processing, range queries, Resiliency, security protection, Servers, widely used encryption scheme
AbstractNowadays database outsourcing has become business owners' preferred option and they are benefiting from its flexibility, reliability, and low cost. However, because database service providers cannot always be fully trusted and data owners will no longer have a direct control over their own data, how to make the outsourced data secure becomes a hot research topic. From the data integrity protection aspect, the client wants to make sure the data returned is correct, complete, and up-to-date. Previous research work in literature put more efforts on data correctness, while data completeness is still a challenging problem to solve. There are some existing works that tried to protect the completeness of data. Unfortunately, these solutions were considered not fully solving the problem because of their high communication or computation overhead. The implementations and limitations of existing works will be further discussed in this paper. From the data confidentiality protection aspect, order-preserving encryption (OPE) is a widely used encryption scheme in protecting data confidentiality. It allows the client to perform range queries and some other operations such as GROUP BY and ORDER BY over the OPE encrypted data. Therefore, it is worthy to develop a solution that allows user to verify the query completeness for an OPE encrypted database so that both data confidentiality and completeness are both protected. Inspired by this motivation, we propose a new data completeness protecting scheme by inserting fake tuples into databases. Both the real and fake tuples are OPE encrypted and thus the cloud server cannot distinguish among them. While our new scheme is much more efficient than all existing approaches, the level of security protection remains the same.
Citation Keyshen_ensuring_2019