In this paper, we explore a new paradigm for data management in which a third party service provider hosts "database as a service" providing its customers seamless mechanisms to create, store, and access their databases at the host site. Such a model alleviates the need for organizations to purchase expensive hardware and software, deal with software upgrades, and hire professionals for administrative and maintenance tasks which are taken over by the service provider. We have developed and deployed a database service on the Internet, called NetDB2, which is in constant use. In a sense, data management model supported by NetDB2 provides an effective mechanism for organizations to purchase data management as a service, thereby freeing them to concentrate on their core businesses. Among the primary challenges introduced by "database as a service" are additional overhead of remote access to data, an infrastructure to guarantee data privacy, and user interface design for such a service. These issues are investigated in the study. We identify data privacy as a particularly vital problem and propose alternative solutions based on data encryption. This paper is meant as a challenges paper for the database community to explore a rich set of research issues that arise in developing such a service.

The scope and character of today’s computing environments are progressively shifting from traditional, one-on-one client-server interaction to the new cooperative paradigm. It then becomes of primary importance to provide means of protecting the secrecy of the information, while guaranteeing its availability to legitimate clients. Operating online querying services securely on open networks is very difficult; therefore many enterprises outsource their data center operations to external application service providers. A promising direction toward prevention of unauthorized access to outsourced data is represented by encryption. However, data encryption is often supported for the sole purpose of protecting the data in storage while allowing access to plaintext values by the server, which decrypts data for query execution. In this paper, we present a simple yet robust single-server solution for remote querying of encrypted databases on external servers. Our approach is based on the use of indexing information attached to the encrypted database, which can be used by the server to select the data to be This paper extends the previous work by the authors appeared under the title “Balancing

Several architectures have been recently proposed that store relational data in encrypted form on untrusted relational databases. Such architectures permit the creation of novel Internet services and also offer an opportunity for a better construction of ASP solutions. Environments where there are limited resources that do not permit an efficient management of databases or where it is critical to offer a robust Internet access to private data may all benefit from the above architectures. In this paper we analyze the impact that this architecture has on the typical services of a database. The analysis is based on the experience gained in the construction of a prototype of a complete architecture for the management of encrypted databases. Specifically, we illustrate the impact on query translation and optimization, and the main components of the software architecture of the prototype.

Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service (DAS), where an organization’s database is stored at an external service provider. In such a scenario, access control is a very important issue, especially if the data owner wishes to publish her data for external use. In this paper, we first present our approach for the implementation of access control through selective encryption. The focus of the paper is then the presentation of the experimental results, which demonstrate the applicability of our proposal.

Abstract. Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he only learns very little about the data stored in the database and the queries performed on the data. Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large-sized real data. 1

Abstract. There are a lot of very important data in database, which need to be protected from attacking. Cryptographic support is an important mechanism of securing them. People, however, must tradeoff performance to ensure the security because the operation of encryption and decryption greatly degrades query performance. To solve such a problem, an approach is proposed that can implement SQL query on the encrypted character data. When the character data are stored in the form of cipher, we not only store the encrypted character data, but also turn the character data into the characteristic values via a characteristic function, and store them in an additional field. When querying the encrypted character data, we apply the principle of two-phase query. Firstly, we implement a coarse query over the encrypted data in order to filter the records not related to the querying conditions. Secondly, we decrypt the rest records and implement a refined query over them again. Results of a set of experiments validate the functionality and usability of our approach. Key words: database security, characteristic values, coarse query, refined query 1. Introduction. Traditionally

Abstract. A new simple and efficient database encryption scheme is presented. The new scheme enables encrypting the entire content of the database without changing its structure. In addition, the scheme suggests how to convert the conventional database index to a secure index on the encrypted database so that the time complexity of all queries is maintained. No one with access to the encrypted database can learn anything about its content without having the encryption key. 1

This paper suggests an improvement to the scheme by Bayer and Metzger for the encipherment of B-Tmes. Search keys are “disguised ” instead of en-crypted, and together with the data pointers and tree pointers which remain encrypted, prevents the opponent or attacker from recreating the correct shape of the B-Tree. Combinatorial block designs are used as a method to substitute the search keys contained within the nodes of the B-Tree. The substitution provides advantages in terms of the number of decryptions necessary to traverse the B-Tnze, while the use of block designs are advanta-geous in terms of the small amount of information that needs to be kept secret. The method is aimed at enhancing the use of encryption for the nodes of the B-Tree, and not as a replacement of the en-cryption algorithm. Although in this paper it is used in the context of B-Trees, the method may be applicable to other reconi storage organizations.

This paper explores some of the many issues in developing security enhanced versions of MPI. The problems that arise in creating a security enhanced MPI for embedded real-time systems supporting the Department of Defense’s Multi-level Security policy (DoD MLS) are presented along with the preliminary design for such an MPI variant. In addition some of the many issues that need to be addressed in creating security enhanced versions of MPI for other domains are discussed. 1

In a hierarchical structure, a user in a security class has access to information items of another class if and only if the former class is a predecessor of latter. Based upon cryptographic techniques, several schemes have been proposed for solving the problem of access control in hierarchical structures. In this paper, we propose a new scheme for an access control in tree structural hierarchies based on asymmetric cryptographic key assignment scheme. Further, our encryption and decryption procedures are based on asymmetric cryptographic technique. We show that proposed scheme requires less amount of storage space to store public parameters and also retains the same security level compared to the previous published schemes. Furthermore, our scheme achieves better generality compared to the Hwang’s scheme.