Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. CryptDB can also chain encryption keys to user passwords, so that a data item can be decrypted only by using the password of one of the users with access to that data. As a result, a database administrator never gets access to decrypted data, and even if all servers are compromised, an adversary cannot decrypt the data of any user who is not logged in. An analysis of a trace of 126 million SQL queries from a production MySQL server shows that CryptDB can support operations over encrypted data for 99.5% of the 128,840 columns seen in the trace. Our evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Chaining encryption keys to user passwords requires 11–13 unique schema annotations to secure more than 20 sensitive fields and 2–7 lines of source code changes for three multi-user web applications.