We investigate whether it is possible to encrypt a database and then give it away in such a form that users can still access it, but only in a restricted way. In contrast to conventional privacy mechanisms that aim to prevent any access to individual records, we aim to restrict the set of queries that can be feasibly evaluated on the encrypted database.

We start with a simple form of database obfuscation which makes database records indistinguishable from lookup functions. The only feasible operation on an obfuscated record is to look up some attribute Y by supplying the value of another attribute X that appears in the same record (i.e., someone who does not know X cannot feasibly retrieve Y). We then (i) generalize our construction to conjunctions of equality tests on any attributes of the database, and (ii) achieve a new property we call group privacy. This property ensures that it is easy to retrieve individual records or small subsets of records from the encrypted database by identifying them precisely, but "mass harvesting" queries matching a large number of records are computationally infeasible.

Our constructions are non-interactive. The database is transformed in such a way that all queries except those explicitly allowed by the privacy policy become computationally infeasible, i.e., our solutions do not rely on any access-control software or hardware.
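A minimal illustration of the lookup-function idea described above, added here and not taken from the paper: each record (X, Y) is stored as a salted hash of X plus Y masked under a pad derived from X. It assumes SHAKE-256 as a stand-in for an idealized hash; the names `obfuscate_record` and `lookup` and the sample rows are hypothetical.

```python
import hashlib
import hmac
import secrets


def _h(salt: bytes, x: bytes, n: int) -> bytes:
    """Salted hash of x, n bytes long (SHAKE-256 stands in for an idealized hash)."""
    return hashlib.shake_256(len(salt).to_bytes(2, "big") + salt + x).digest(n)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(a, b))


def obfuscate_record(x: bytes, y: bytes) -> dict:
    """Turn the record (x, y) into a lookup function: y is recoverable only from x."""
    r1, r2 = secrets.token_bytes(16), secrets.token_bytes(16)
    return {
        "r1": r1,
        "tag": _h(r1, x, 32),                      # lets a holder of x recognise the record
        "r2": r2,
        "masked_y": _xor(y, _h(r2, x, len(y))),    # y hidden under a pad derived from x
    }


def lookup(db: list, x_guess: bytes) -> list:
    """Return Y for every record whose X equals x_guess; no secret key is involved."""
    hits = []
    for rec in db:
        if hmac.compare_digest(_h(rec["r1"], x_guess, 32), rec["tag"]):
            pad = _h(rec["r2"], x_guess, len(rec["masked_y"]))
            hits.append(_xor(rec["masked_y"], pad))
    return hits


# Constructed sample table: X = e-mail address, Y = phone number.
ROWS = [(b"alice@example.org", b"555-0101"), (b"bob@example.org", b"555-0102")]
DB = [obfuscate_record(x, y) for x, y in ROWS]

if __name__ == "__main__":
    print(lookup(DB, b"alice@example.org"))   # query with the right X
    print(lookup(DB, b"carol@example.org"))   # X not in the table
```

The protection in this sketch rests entirely on how hard X is to guess: an attribute drawn from a small or predictable domain can be enumerated offline against the published records. The length of Y is also visible in the stored record.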