Secure multidimensional range queries over outsourced data

Bibliographic Details
Published in The VLDB journal Vol. 21; no. 3; pp. 333 - 358
Main Authors Hore, Bijit, Mehrotra, Sharad, Canim, Mustafa, Kantarcioglu, Murat
Format Journal Article
Language English
Published Berlin/Heidelberg Springer-Verlag 01.06.2012
Springer
ISSN 1066-8888
0949-877X
DOI 10.1007/s00778-011-0245-7

Summary: In this paper, we study the problem of supporting multidimensional range queries on encrypted data. The problem is motivated by secure data outsourcing applications where a client may store his/her data on a remote server in encrypted form and want to execute queries using server’s computational capabilities. The solution approach is to compute a secure indexing tag of the data by applying bucketization (a generic form of data partitioning) which prevents the server from learning exact values but still allows it to check if a record satisfies the query predicate. Queries are evaluated in an approximate manner where the returned set of records may contain some false positives. These records then need to be weeded out by the client which comprises the computational overhead of our scheme. We develop a bucketization procedure for answering multidimensional range queries on multidimensional data. For a given bucketization scheme, we derive cost and disclosure-risk metrics that estimate client’s computational overhead and disclosure risk respectively. Given a multidimensional dataset, its bucketization is posed as an optimization problem where the goal is to minimize the risk of disclosure while keeping query cost (client’s computational overhead) below a certain user-specified threshold value. We provide a tunable data bucketization algorithm that allows the data owner to control the trade-off between disclosure risk and cost. We also study the trade-off characteristics through an extensive set of experiments on real and synthetic data.