Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
On Data Clustering Analysis: Scalability, Constraints, and Validation
PAKDD '02 Proceedings of the 6th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Building castles out of mud: practical access pattern privacy and correctness on untrusted storage
Proceedings of the 15th ACM conference on Computer and communications security
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Differentially private data cubes: optimizing noise sources and consistency
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
CryptDB: protecting confidentiality with encrypted query processing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Privacy preserving keyword searches on remote encrypted data
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Privacy-preserving queries on encrypted data
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Calibrating noise to sensitivity in private data analysis
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Dynamic searchable symmetric encryption
Proceedings of the 2012 ACM conference on Computer and communications security
Searchable symmetric encryption: Improved definitions and efficient constructions
Journal of Computer Security
| Hi-index | 0.00 |
In recent years, database as a service (DAS) model where data management is outsourced to cloud service providers has become more prevalent. Although DAS model offers lower cost and flexibility, it necessitates the transfer of potentially sensitive data to untrusted cloud servers. To ensure the confidentiality, encryption of sensitive data before its transfer to the cloud emerges as an important option. Encrypted storage provides protection but it complicates data processing including crucial selective record retrieval. To achieve selective retrieval over encrypted collection, considerable amount of searchable encryption schemes have been proposed in the literature with distinct privacy guarantees. Among the available approaches, oblivious RAM based ones offer optimal privacy. However, they are computationally intensive and do not scale well to very large databases. On the other hand, almost all efficient schemes leak some information, especially data access pattern to the remote servers. Unfortunately, recent evidence on access pattern leakage indicates that adversary's background knowledge could be used to infer the contents of the encrypted data and may potentially endanger individual privacy. In this paper, we introduce a novel construction for practical and privacy-aware selective record retrieval over encrypted databases. Our approach leaks obfuscated access pattern to enable efficient retrieval while ensuring individual privacy. Applied obfuscation is based on differential privacy which provides rigorous individual privacy guarantees against adversaries with arbitrary background knowledge.