Security of social information from query analysis in DaaS

  • Authors:

  • Junpei Kawamoto;Masatoshi Yoshikawa

  • Affiliations:

  • Kyoto University, Sakyo-ku, Kyoto, Japan;Kyoto University, Sakyo-ku, Kyoto, Japan

  • Venue:
  • Proceedings of the 2009 EDBT/ICDT Workshops
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

Databases as a Service (DaaS) are recently in the spotlight as an essential component of the cloud computing framework. We can more easily develop applications to facilitate users' collaboration than without DaaS. Unfortunately, DaaS brings a new risk of data compromise because most data are currently stored and managed by the service provider. Securing users' information, the data are generally encrypted at a trusted client. Although encryption ensures that no one can sneak a look at the data, malicious users still have opportunities to take users' relational information. The relational information, which we name social information as opposed to personal information, has not been adequately examined, but it is becoming important because of improvement of social analysis. As described herein, we first introduce an attack model of obtaining social information from analyses of query logs in DaaS; then we provide a solution to the problem. Our method converts some different queries in the same query, so that malicious attackers cannnot analyze the query logs. We also define an overhead cost of the translation and propose a method that can optimize the conversion using extensible hashing.