Privacy-preserving complex query evaluation over semantically secure encrypted data

Bharath Kumar Samanthula, Wei Jiang, Elisa Bertino

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Citations (Scopus)

Abstract

In the last decade, several techniques have been proposed to evaluate different types of queries (e.g., range and aggregate queries) over encrypted data in a privacy-preserving manner. However, solutions supporting the privacy-preserving evaluation of complex queries over encrypted data have been developed only recently. Such recent techniques, however, are either insecure or not feasible for practical applications. In this paper, we propose a novel privacy-preserving query processing framework that supports complex queries over encrypted data in the cloud computing environment and addresses the shortcomings of previous approaches. At a high level, our framework utilizes both homomorphic encryption and garbled circuit techniques at different stages in query processing to achieve the best performance, while at the same time protecting the confidentiality of data, privacy of the user's input query and hiding data access patterns. Also, as a part of query processing, we provide an efficient approach to systematically combine the predicate results (in encrypted form) of a query to derive the corresponding query evaluation result in a privacy-preserving manner. We theoretically and empirically analyze the performance of this approach and demonstrate its practical value over the current state-of-the-art techniques. Our proposed framework is very efficient from the user's perspective, thus allowing a user to issue queries even using a resource constrained device (e.g., PDAs and cell phones).

Original languageEnglish
Title of host publicationComputer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings
PublisherSpringer Verlag
Pages400-418
Number of pages19
EditionPART 1
ISBN (Print)9783319112022
DOIs
StatePublished - 1 Jan 2014
Event19th European Symposium on Research in Computer Security, ESORICS 2014 - Wroclaw, Poland
Duration: 7 Sep 201411 Sep 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
NumberPART 1
Volume8712 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other19th European Symposium on Research in Computer Security, ESORICS 2014
CountryPoland
CityWroclaw
Period7/09/1411/09/14

Fingerprint

Query Evaluation
Query processing
Privacy Preserving
Query
Query Processing
Data privacy
Personal digital assistants
Cloud computing
Cryptography
Homomorphic Encryption
Data Hiding
Range Query
Networks (circuits)
Confidentiality
Cloud Computing
Predicate
Privacy
Resources
Evaluate
Cell

Keywords

  • cloud computing
  • complex Query
  • encryption
  • privacy

Cite this

Samanthula, B. K., Jiang, W., & Bertino, E. (2014). Privacy-preserving complex query evaluation over semantically secure encrypted data. In Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings (PART 1 ed., pp. 400-418). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8712 LNCS, No. PART 1). Springer Verlag. https://doi.org/10.1007/978-3-319-11203-9_23
Samanthula, Bharath Kumar ; Jiang, Wei ; Bertino, Elisa. / Privacy-preserving complex query evaluation over semantically secure encrypted data. Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1. ed. Springer Verlag, 2014. pp. 400-418 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 1).
@inproceedings{3d5e6837b1c9499e8420d7256e3764dd,
title = "Privacy-preserving complex query evaluation over semantically secure encrypted data",
abstract = "In the last decade, several techniques have been proposed to evaluate different types of queries (e.g., range and aggregate queries) over encrypted data in a privacy-preserving manner. However, solutions supporting the privacy-preserving evaluation of complex queries over encrypted data have been developed only recently. Such recent techniques, however, are either insecure or not feasible for practical applications. In this paper, we propose a novel privacy-preserving query processing framework that supports complex queries over encrypted data in the cloud computing environment and addresses the shortcomings of previous approaches. At a high level, our framework utilizes both homomorphic encryption and garbled circuit techniques at different stages in query processing to achieve the best performance, while at the same time protecting the confidentiality of data, privacy of the user's input query and hiding data access patterns. Also, as a part of query processing, we provide an efficient approach to systematically combine the predicate results (in encrypted form) of a query to derive the corresponding query evaluation result in a privacy-preserving manner. We theoretically and empirically analyze the performance of this approach and demonstrate its practical value over the current state-of-the-art techniques. Our proposed framework is very efficient from the user's perspective, thus allowing a user to issue queries even using a resource constrained device (e.g., PDAs and cell phones).",
keywords = "cloud computing, complex Query, encryption, privacy",
author = "Samanthula, {Bharath Kumar} and Wei Jiang and Elisa Bertino",
year = "2014",
month = "1",
day = "1",
doi = "10.1007/978-3-319-11203-9_23",
language = "English",
isbn = "9783319112022",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
number = "PART 1",
pages = "400--418",
booktitle = "Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings",
edition = "PART 1",

}

Samanthula, BK, Jiang, W & Bertino, E 2014, Privacy-preserving complex query evaluation over semantically secure encrypted data. in Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1 edn, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), no. PART 1, vol. 8712 LNCS, Springer Verlag, pp. 400-418, 19th European Symposium on Research in Computer Security, ESORICS 2014, Wroclaw, Poland, 7/09/14. https://doi.org/10.1007/978-3-319-11203-9_23

Privacy-preserving complex query evaluation over semantically secure encrypted data. / Samanthula, Bharath Kumar; Jiang, Wei; Bertino, Elisa.

Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1. ed. Springer Verlag, 2014. p. 400-418 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8712 LNCS, No. PART 1).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Privacy-preserving complex query evaluation over semantically secure encrypted data

AU - Samanthula, Bharath Kumar

AU - Jiang, Wei

AU - Bertino, Elisa

PY - 2014/1/1

Y1 - 2014/1/1

N2 - In the last decade, several techniques have been proposed to evaluate different types of queries (e.g., range and aggregate queries) over encrypted data in a privacy-preserving manner. However, solutions supporting the privacy-preserving evaluation of complex queries over encrypted data have been developed only recently. Such recent techniques, however, are either insecure or not feasible for practical applications. In this paper, we propose a novel privacy-preserving query processing framework that supports complex queries over encrypted data in the cloud computing environment and addresses the shortcomings of previous approaches. At a high level, our framework utilizes both homomorphic encryption and garbled circuit techniques at different stages in query processing to achieve the best performance, while at the same time protecting the confidentiality of data, privacy of the user's input query and hiding data access patterns. Also, as a part of query processing, we provide an efficient approach to systematically combine the predicate results (in encrypted form) of a query to derive the corresponding query evaluation result in a privacy-preserving manner. We theoretically and empirically analyze the performance of this approach and demonstrate its practical value over the current state-of-the-art techniques. Our proposed framework is very efficient from the user's perspective, thus allowing a user to issue queries even using a resource constrained device (e.g., PDAs and cell phones).

AB - In the last decade, several techniques have been proposed to evaluate different types of queries (e.g., range and aggregate queries) over encrypted data in a privacy-preserving manner. However, solutions supporting the privacy-preserving evaluation of complex queries over encrypted data have been developed only recently. Such recent techniques, however, are either insecure or not feasible for practical applications. In this paper, we propose a novel privacy-preserving query processing framework that supports complex queries over encrypted data in the cloud computing environment and addresses the shortcomings of previous approaches. At a high level, our framework utilizes both homomorphic encryption and garbled circuit techniques at different stages in query processing to achieve the best performance, while at the same time protecting the confidentiality of data, privacy of the user's input query and hiding data access patterns. Also, as a part of query processing, we provide an efficient approach to systematically combine the predicate results (in encrypted form) of a query to derive the corresponding query evaluation result in a privacy-preserving manner. We theoretically and empirically analyze the performance of this approach and demonstrate its practical value over the current state-of-the-art techniques. Our proposed framework is very efficient from the user's perspective, thus allowing a user to issue queries even using a resource constrained device (e.g., PDAs and cell phones).

KW - cloud computing

KW - complex Query

KW - encryption

KW - privacy

UR - http://www.scopus.com/inward/record.url?scp=84906500207&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-11203-9_23

DO - 10.1007/978-3-319-11203-9_23

M3 - Conference contribution

AN - SCOPUS:84906500207

SN - 9783319112022

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 400

EP - 418

BT - Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings

PB - Springer Verlag

ER -

Samanthula BK, Jiang W, Bertino E. Privacy-preserving complex query evaluation over semantically secure encrypted data. In Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1 ed. Springer Verlag. 2014. p. 400-418. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 1). https://doi.org/10.1007/978-3-319-11203-9_23