Multi-layer Nested Database Encryption Scheme for Multiple Users

doi:10.12068/j.issn.1005-3026.2018.12.004

Journal of Northeastern University Natural Science ›› 2018, Vol. 39 ›› Issue (12): 1691-1696.DOI: 10.12068/j.issn.1005-3026.2018.12.004

• Information & Control • Previous Articles Next Articles

Multi-layer Nested Database Encryption Scheme for Multiple Users

ZHOU Fu-cai， ZHANG Xin-yue， ZENG Kang， QIN Shi-yue

School of Software， Northeastern University， Shenyang 110169， China.

Received:2017-09-20 Revised:2017-09-20 Online:2018-12-15 Published:2018-12-19
Contact: ZHOU Fu-cai
About author:-
Supported by:
-

Abstract

Abstract: Encrypted database scheme about outsourced data confidentiality and user privacy was researched， and a scheme of multi-layer nested database encryption for multiple users was proposed. A data encryption scheme was also proposed based on onion model to perform nested encryption on outsourced data by applying multi-layer theory with a variety of data encryption algorithms to guarantee data confidentiality and to work with SQL queries in different types. Meanwhile， user privacy protection scheme was proposed based on single server private information retrieval(PIR)to enable users to send SQL queries with sensitive data and protect the privacy of users when accessing the database， realizing user anonymous query. The security analysis results show that the scheme protects data confidentiality and user privacy. An evaluation result tested with a benchmark tool Sysbench demonstrates its well query processing efficiency， throughput and robustness.

Key words: outsourced data, onion encryption model, database encryption, private information retrieval(PIR), privacy protection

CLC Number:

TP309.2

ZHOU Fu-cai， ZHANG Xin-yue， ZENG Kang， QIN Shi-yue. Multi-layer Nested Database Encryption Scheme for Multiple Users[J]. Journal of Northeastern University Natural Science, 2018, 39(12): 1691-1696.

References

[1]Zhang Y，Sun Y.Cloud storage management technology ［C］// Proceedings of the 2nd International Conference on Information and Computing Science.Washington，DC，2009:309-311.
[2]Hacigümüs H，Iyer B，Mehrotra S.Providing database as a service［C］// Proceedings of the 18th International Conference on Data Engineering.Washington，DC，2002:29-38.
[3]新京报.50亿条公民信息泄露，京东前员工牵涉其中［EB/OL］.［2017-03-11］.http://www.chinanews.com/sh/2017/03-11/8171115.shtml.(The Beijing News.5 billion citizens’ information disclosure，former staff of Jingdong involved in ［EB/OL］.［2017-03-11］.http://www.chinanews.com/sh/2017/03-11/8171115.shtml.)
[4]Wood C，Fernandez E B，Summers R C.Database security:requirements，policies，and models［J］.IBM Systems Journal，1980，19(2):229-252.
[5]Song D X，Wagner D，Perrig A.Practical techniques for searches on encrypted data［C］// Proceedings of the 2000 IEEE Symposium on Security and Privacy.Washington，DC，2000:44-55.
[6]Agrawal R，Kiernan J，Srikant R，et al.Order preserving encryption for numeric data［C］// Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data.New York，2004:563-574.
[7]Amanatidis G，Boldyreva A，O’Neill A.Provably-secure schemes for basic query support in outsourced databases［C］// Proceedings of the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security.Redondo Beach，2007:14-30.
[8]刘念.DAS模型中的数据库加密与密文检索研究［D］.北京:北京邮电大学，2010.(Liu Nian.The study of database encryption and cipher text query in DAS［D］.Beijing:Beijing University of Posts and Telecommunications，2010.)
[9]Popa R A，Redfield C，Zeldovich N，et al.CryptDB:protecting confidentiality with encrypted query processing［C］// Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles.New York，2011:85-100.
[10]Hang I，Kerschbaum F，Damiani E.ENKI:access control for encrypted query processing ［C］// Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data.Melbourne，2015:183-196.
[11]Poddar R，Boeltert T，Popa R A.Arx:a strongly encrypted database system［EB/OL］.［2016-06-07］.https://eprint.iacr.org/2016/591.pdf.
[12]Paillier P.Public-key cryptosystems based on composite degree residuosity classes［C］// Advances in Cryptology—EUROCRYPT’99.Prague，1999:223-238.
[13]Popa R A，Li F H，Zeldovich N.An ideal-security protocol for order-preserving encoding［C］// Proceedings of the 2013 IEEE Symposium on Security and Privacy.Washington，DC，2013:463-477.
[14]Kushilevitz E，Ostrovsky R.Replication is not needed:single database，computationally-private information retrieval［C］// Proceedings of the 38th Annual Symposium on Foundations of Computer Science.Washington，DC，1997:364-373.
[15]Popa R A.Building practical systems that compute on encrypted data［D］.Cambridge，MA:MIT，2014.

Multi-layer Nested Database Encryption Scheme for Multiple Users

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 3

Recommended Articles

Metrics

Comments

[1]	ZHANG Jing， LI Chuan-wen. A Location Privacy Protection Method Based on Secure Index [J]. Journal of Northeastern University(Natural Science), 2022, 43(12): 1702-1708.
[2]	WANG Qiang， XUAN Peng-kai， WANG Hong-wei， ZHOU Fu-cai. A Publicly Verifiable Outsourced Database Scheme with Full Operations [J]. Journal of Northeastern University Natural Science, 2018, 39(8): 1098-1103.
[3]	WANG Lina， PENG Ruiqing， FENG Bo， LI Ye. SpatioTemporal Trajectory Anonymous Algorithm via Map Matching [J]. Journal of Northeastern University Natural Science, 2014, 35(5): 667-670.