Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service, where an encrypted client's database is stored at an external service provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption. In this paper, we present a simple yet robust indexing technique and investigate quantitative measures to model inference exposure. We present different techniques to compute an aggregate measure from the infer- ence exposure associated with each single index. Our approach can take into account the importance of plaintext attributes associated with indexes and/or can allow the user to weight the inference exposure values supplied in relation to their relative ordering.
Measuring inference exposure in outsourced encrypted databases / E. Damiani, S. De Capitani di Vimercati, S. Foresti, P. Samarati, M. Viviani (ADVANCES IN INFORMATION SECURITY). - In: Quality of protection : security measurements and metrics / [a cura di] D. Gollmann, F. Massacci, A. Yautsiukhin. - [s.l] : Springer, 2005. - ISBN 0387290168. - pp. 185-195 (( Intervento presentato al 1. convegno Workshop on Quality of Protection tenutosi a Milano nel 2005.
Measuring inference exposure in outsourced encrypted databases
E. DamianiPrimo
;S. De Capitani di VimercatiSecondo
;S. Foresti;P. SamaratiPenultimo
;M. VivianiUltimo
2005
Abstract
Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-service, where an encrypted client's database is stored at an external service provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption. In this paper, we present a simple yet robust indexing technique and investigate quantitative measures to model inference exposure. We present different techniques to compute an aggregate measure from the infer- ence exposure associated with each single index. Our approach can take into account the importance of plaintext attributes associated with indexes and/or can allow the user to weight the inference exposure values supplied in relation to their relative ordering.
| File | Dimensione | Formato | |
|---|---|---|---|
|
10.1007%2F978-0-387-36584-8.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
12.36 MB
Formato
Adobe PDF
|
12.36 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
