A Scalable Approach for Encrypted Query Routing on Encrypted Databases
Keywords:
DBMS server, CryptDB proxy server, SQL-aware Encryption and Adjustable Query-based EncryptionAbstract
Online applications are powerless against robbery of sensitive data since adversaries can abuse programming bugs to access private information, and in light of the fact that curious or malware administrators may catch and break information. CryptDB is a framework that gives practical or provable confidentiality even with these attacks for applications backed by SQL databases. It works by executing SQL queries over encoded information utilizing an accumulation of effective SQL-aware encryption models. CryptDB can likewise link encryption keys to client passwords, with the goal that an information item can be decoded just by utilizing the secret key of one of the clients with access to that information. Accordingly, a database administrator never accesses decrypted information, and regardless of the possibility that all servers are compromised, an enemy can't decrypt the information of any client who isn't signed in. An investigation of a trace of 126 million SQL queries from a generation MySQL server appears that CryptDB can support operations over encoded information for 99.5% of the 128,840 columns found in the trace. Our assessment appears that CryptDB has low overhead, decreasing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPCC, contrasted with unmodified MySQL. Fastening encryption keys to client passwords requires 11– 13 special pattern annotations to secure more than 20 sensitive fields and 2– 7 lines of source code changes for three multi-client web applications.
References
- F. Bao, R. H. Deng, X. Ding, and Y. Yang. Private query on encrypted data in multi-user settings. In Proceedings of the 4th International Conference on Information Security Practice and Experience, Sydney, Australia, April 2008.
- A. Boldyreva, N. Chenette, Y. Lee, and A. O’Neill. Orderpreserving symmetric encryption. In Proceedings of the 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), Cologne, Germany, April 2009.
- D. Boneh and B. Waters. Conjunctive, subset, and range queries on encrypted data. In Proceedings of the 4th Conference on Theory of Cryptography, 2007.
- A. Chen. GCreep: Google engineer stalked teens, spied on chats. Gawker, September 2010. http://gawker.com/5637234/.
- A. Chlipala. Static checking of dynamically-varying security policies in database-backed applications. In Proceedings of the 9th Symposium on Operating Systems Design and Implementation, Vancouver, Canada, October 2010.
- S. S. M. Chow, J.-H. Lee, and L. Subramanian. Two-party computation model for privacy-preserving queries over distributed databases. In Proceedings of the 16th Network and Distributed System Security Symposium, February 2009.
- V. Ciriani, S. D. C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Keep a few: Outsourcing data while maintaining confidentiality. In Proceedings of the 14th European Symposium on Research in Computer Security, September 2009.
- M. Cooney. IBM touts encryption innovation; new technology performs calculations on encrypted data without decrypting it. Computer World, June 2009.
Downloads
Published
Issue
Section
License
Copyright (c) IJSRSET
This work is licensed under a Creative Commons Attribution 4.0 International License.