Secure query processing against encrypted XML data using Query-Aware Decryption

Authors:
Jae-Gil Lee;Kyu-Young Whang
Affiliations:
Department of Computer Science and Advanced Information Technology Research Center (AITrc), Korea Advanced Institute of Science and Technology (KAIST), 373-1 Guseong-dong, Yuseong-gu, Daejeon 305- ...;Department of Computer Science and Advanced Information Technology Research Center (AITrc), Korea Advanced Institute of Science and Technology (KAIST), 373-1 Guseong-dong, Yuseong-gu, Daejeon 305- ...
Venue:
Information Sciences: an International Journal
Year:
2006

Citing 11
Cited 2

Access methods for text

ACM Computing Surveys (CSUR) - Annals of discrete mathematics, 24
Processing encrypted data

Communications of the ACM
Secure databases: protection against user influence

ACM Transactions on Database Systems (TODS)
On supporting containment queries in relational database management systems

SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Secure and selective dissemination of XML documents

ACM Transactions on Information and System Security (TISSEC)
Holistic twig joins: optimal XML pattern matching

Proceedings of the 2002 ACM SIGMOD international conference on Management of data
P2P Networking: An Information-Sharing Alternative

Computer
Practical Techniques for Searches on Encrypted Data

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A formal analysis of information disclosure in data exchange

SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
XMark: a benchmark for XML data management

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Controlling access to published data using cryptography

VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29

Integration of a secure type-2 fuzzy ontology with a multi-agent platform: A proposal to automate the personalized flight ticket booking domain

Information Sciences: an International Journal
Secure XML querying based on authorization graphs

Information Systems Frontiers

Quantified Score

Hi-index	0.07

Visualization

Abstract

Dissemination of XML data on the internet could breach the privacy of data providers unless access to the disseminated XML data is carefully controlled. Recently, the methods using encryption have been proposed for such access control. However, in these methods, the performance of processing queries has not been addressed. A query processor cannot identify the contents of encrypted XML data unless the data are decrypted. This limitation incurs overhead of decrypting the parts of the XML data that would not contribute to the query result. In this paper, we propose the notion of Query-Aware Decryption for efficient processing of queries against encrypted XML data. Query-Aware Decryption allows us to decrypt only those parts that would contribute to the query result. For this purpose, we disseminate an encrypted XML index along with the encrypted XML data. This index, when decrypted, informs us where the query results are located in the encrypted XML data, thus preventing unnecessary decryption for other parts of the data. Since the size of this index is much smaller than that of the encrypted XML data, the cost of decrypting this index is negligible compared with that for unnecessary decryption of the data itself. The experimental results show that our method improves the performance of query processing by up to six times compared with those of existing methods. Finally, we formally prove that dissemination of the encrypted XML index does not compromise security.