Cryptography in databases in cloud computing.
Keywords:
Cloud computing, cryptography, homomorphism, security, databasesAbstract
The IT managers of companies who are considering migrating their systems to the cloud computing have their reservations
about the security and reliability of cloud-based services, these are not yet fully convinced that deliver sensitive data companies or their
clients is a good idea, in this context the use of encryption systems, in particular homomorphic encryption schemes are useful, since the
operations in the cloud provider are made with the encrypted information, providing a level of reliability and safety databases from
attacks as well as internal and external in cloud computing. This paper proposes a scheme to protect the different attributes of
information (confidentiality, integrity and authentication), stored in a BD in the Cloud.
References
Zhang Q., Cheng L., Boutaba R.: Cloud computing: State of the art and research challenges. Journal of Internet Services and applications 1, 7-18 (2010)
Sosinsky, B.: Cloud Computing Bible. Wiley Publishing, Indianapolis (2011)
Menezes, A. J., Van Oorschot, P. C., Vanstone S. A.: Handbook of Applied Cryptography. Series: Discrete Mathematics and Its Applications. CRC Press (1996)
Limbek, R., Sziklai, P.: Privacy homomorphisms. Scientific Association for Infocommunications, vol. 6 pp. 37-42 (2004)
Akinwande, M.: Advances in homomorphic cryptosystems. Journal of Universal Computer Science, vol. 15, pp. 506–522 (2009)
Rivest, R., Adleman, L. and Dertouzos, M.: On data banks and privacy homomorphisms. Foundations of Secure Computation. pp. 169 - 177, Academic Press (1978)
Elgamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, vol. 31, pp. 469-472 (1985)
Paillier, P: Public-key cryptosystems based on composite degree residuosity classes. Advances in Cryptology EUROCRYPT’99, of LNCS, vol. 1592 pp. 223-238. Springer, Verlag (1999)
Damgard, I., Jurik, M.: A Length-Flexible Threshold Cryptosystem with Applications. In: Proceedings of the 8th Australasian Conference on Information Security and Privacy (ACISP 2003), LNCS 2727, Springer, New York, USA (2003)
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st annual symposium on Theory of computing, pp. 169–178. ACM press, New York (2009)
Burke, J., McDonald, J. Austin, T.: Architectural support for fast symmetric-key cryptography. In: Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems, Cambridge, MA, USA, pp. 178-89. (2000)
Blake-Wilson, S.: Information security, mathematics, and public-key cryptography. Designs, Codes and Cryptography, vol. 19, pp. 77-99. (2000)
Freier, A., Karlton, P. and Kocher, P.: The SSL Protocol Version 3.0, Internet. (1996)
Dierks, T. and Allen, C.: The TLS Protocol - Version 1.0, Internet. (1997)
Hacigümüs, H., Hore, B., Iyer, B., Mehrotra, S.: Search on Encrypted Data. In :Secure Data Management in Decentralized Systems. vol. 33, pp 383-425. Springer US. (2007)
Song, D., Wagner, D., Perrig, A.: Practical Techniques for Search on Encrypted Data. In: Security and Privacy Proceedings. IEEE Symposium on, pp.44-55. (2000)
Chang, Y., Mitzenmacher, M.: Privacy preserving keyword searches on remote encrypted data. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security. LNCS, vol. 3531, pp. 391-421. Springer, Heidelberg (2005)
Golle, P., Staddon, J., Waters, B.: Secure conjunctive keyword search over encrypted data. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) Applied Cryptography and Network Security. LNCS, vol. 3089, pp. 31-45. Springer, Heidelberg (2004)
Hacigümüs, H.: Privacy in Database-as-a-Service Model. Ph.D. Thesis, Department of Information and Computer Science, University of California, Irvine, 2003.
Bouganim, L. and Pucheral, P.: Chip-Secured Data Access: Confidential Data on Untrusted Servers. In: Proceedings of the 28th Very Large Data Bases Conference, pp. 131-142. Morgan Kaufmann, Hong Kong, China (2002)
Hacigümüs, H., Iyer, B. and Mehrotra, S.: Encrypted Database Integrity in Database Service Provider Model. In: Database Service Provider Model. Certification and Security in E-Services pp. 165-174 (2002)
Hore, B., Mehrotra, S., Tsudik, G.: A Privacy-Preserving Index for Range Queries. In: Proceedings of the Thirtieth international conference on Very Large Data Bases, vol. 30 pp. 720-731 Toronto, Canada (2004)
Goldwasser, S., Micali, S.: Probabilistic Encryption & How To Play Mental Poker Keeping Secret All Partial. Computing pp. 365-377. (1982)
Boneh, D., Goh, E. J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) Theory of Cryptography. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005)
Gentry, C.: Toward basing fully homomorphic encryption on worst-case hardness. In: Rabin, T. Advances in Cryptology–CRYPTO 2010, LNCS, pp. 116–137. Springer, Heidelberg (2010)
Rappe, D. K.: Homomorphic Cryptosystems and their Applications. Thesis, Cryptology ePrint Archive, Report (2006)
Davida, G. I., Wells, D. L., Kam, J. B.: A database encryption system with subkeys. ACM Trans. Database Syst. vol. 6, pp.312-328 (1981)
He, J., Wang, M.: Cryptography and relational database management systems. In: Database Engineering & Applications, International Symposium on. pp. 273-284. IEEE press (2001)
Vingralek, R. Gnatdb: A small-footprint, secure database system. In: VLDB, pp. 884–893 Morgan Kaufmann, (2002)
Bouganim, L., Pucheral, P.: Chip-secured data access: Confidential data on untrusted servers. In: Proceedings of the 28th international conference on Very Large Data Bases, pp. 131–142. (2002)
Hacigümüs, H., Iyer, B. andMehrotra, S.: Providing Database as a Service. In: Data Engineering Proceedings. 18th International Conference on, pp. 29-38. (2002)
Harrington, A., Jensen, C. D.: Cryptographic Access Control in a Distributed File System. In: Proceedings of the eighth ACM symposium on Access control models and technologies. pp. 158-165 (2003)
Hacigümüş H, Iyer B, Mehrotra S.: Efficient execution of aggregation queries over encrypted relational databases. In: Lee, Y. Li, J., Whang, K., Lee, D. (eds.) Database Systems for Advanced Applications. LNCS, vol. 2973, pp.125-36. (2004)
Iyer, B., Mehrotra, S., Mykletun, E., Tsudik, G. and Wu, Y.: A framework for efficient storage security in RDMS. In: Bertino, E., Christodoulakis, S., Plexousakis, D., Christophides, V., Koubarakis, M., Böhm, K., Ferrari, E. (eds.) Advances in Database Technology - EDBT 2004. LNCS, vol. 2992, pp. 627-628. Springer, Heidelberg (2004)
Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Srivastava, U., Thomas, D., Xu, Y.: Two Can Keep a Secret: A Distributed Architecture for Secure Database Services. In: Proc. of CIDR (2005)
Wang, Z., Dai, J., Wang, W., Shi, B.: Fast Query Over Encrypted Character Data in Database. In: Zhang, J., He, J.H., Fu, Y. (eds.) Computational and Information Science. LNCS, vol. 3314, pp. 1027-1033. Springer, Heidelberg (2005)
Chung, S. S., Ozsoyoglu, G.: Anti-Tamper Databases: Processing Aggregate Queries over Encrypted Databases. In: Data Engineering Workshops, 22nd International Conference on, pp. 98. (2006)
Wang, Z., Wang, W., Shi, B.: Storage and Query over Encrypted Character and Numerical Data in Database. Computer and Information Technology. The Fifth International Conference on, pp.77-81. (2005)
Mykletun, E. and Tsudik, G.: Aggregation Queries in the Database-As-a-Service Model. In: Damiani, E., Liu, P. (eds.) Data and Applications Security XX. LNCS, vol. 4127, pp. 89-103. Springer, Heidelberg (2006)
Evdokimov, S. and Günther, O.: Encryption Techniques for Secure Database Outsourcing. In: Biskup, J., López, J. (eds.) Computer Security – ESORICS 2007. LNCS, vol. 4734, pp. 327-342. (2007)
Sanka, S., Hota, C., Rajarajan, M.: Secure data access in cloud computing. In: Internet Multimedia Services Architecture and Application (IMSAA). IEEE 4th International Conference on, pp.1-6, 15-17 (2010)
Yan, S. Y. and Maple, C.: On-Line Database Encryption and Authentication. In: Tan, H.(ed.). Technology for Education and Learning.Advances in Intelligent and Soft Computing. vol. 136, pp. 363-370. Springer, Heidelberg (2012)
General Services Administration. Agency Office of the Director of National Intelligence “Security and Privacy Assurance Research" https://www.fbo.gov [Accessed: 17-Jul-2012].
Technology, “Programming Computation on Encrypted Data y abreviado PROCEED,” http://www.grants.gov [Accessed: 17-Jul-2012].
Cloutage - Open Security Foundation, http://cloutage.org/. [Accessed: 26-Mar-2012].
Hacigümüs, H., Iyer, B., Li, C. and Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the ACM SIGMOD international conference on Management of data. (2002)
Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J., Sako, K., Sebé, F. (eds.) Financial Cryptography and Data Security. LNCS, pp. 136-149. Springer-Verlag (2010)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD international conference on Management of data, pp. 563–574. (2004)
Boldyreva, A., Chenette, N., Lee, Y, O'Neill, A.: Order-preserving symmetric Encryption. In Advances in Cryptology- Eurocrypt 2009 Proceedings, (2009)
Downloads
Published
How to Cite
Issue
Section
Downloads
License
The journal offers open access under a Creative Commons Attibution License
This work is under license Creative Commons Attribution (CC BY 4.0).