Researchers have been studying security challenges of database outsourcing for almost a decade. Privacy of outsourced data is one of the main challenges when the “Database As a Service” model is adopted in the service oriented trend of the cloud computing paradigm. This is due to the insecurity of the network environment or even the untrustworthiness of the service providers. This paper proposes a method to preserve privacy of outsourced data based on Shamir’s secret sharing scheme. We split attribute values into several parts and distribute them among untrusted servers. The problem of using secret sharing in data outsourcing scenario is how to search efficiently within the randomly generated pool of shares. In this paper, at first, we customize Shamir’s scheme to have A Searchable Secret Sharing Scheme (AS4) that enables the efficient execution of different kinds of queries over distributed shares. Then, we extend our method for sharing values to A Secure Searchable Secret Sharing Scheme (AS5) to tolerate statistical attacks based on adversary’s knowledge about outsourced data distribution. In AS5 data shares are generated uniformly across a domain to prevent information leakage about the outsourced data.
AS5 : a secure searchable secret sharing scheme for privacy preserving database outsourcing / M.A. Hadavi, E. Damiani, R. Jalili, S. Cimato, Z. Ganjei - In: Data privacy management and autonomous spontaneous security : 7th International Workshop, DPM 2012, and 5th International Workshop, SETOP 2012 : Pisa, Italy, september 13-14, 2012 : revised selected papers / [a cura di] R. Di Pietro, J. Herranz, E. Damiani, R. State. - Berlin : Springer, 2013. - ISBN 9783642358890. - pp. 201-216 (( Intervento presentato al 7. convegno International Workshop DPM and International Workshop SETOP tenutosi a Pisa, Italy nel 2012.
|Titolo:||AS5 : a secure searchable secret sharing scheme for privacy preserving database outsourcing|
DAMIANI, ERNESTO (Secondo)
CIMATO, STELVIO (Penultimo)
|Parole Chiave:||data confidentiality; query processing; secret sharing; Secure database outsourcing|
|Settore Scientifico Disciplinare:||Settore INF/01 - Informatica|
|Data di pubblicazione:||2013|
|Digital Object Identifier (DOI):||http://dx.doi.org/10.1007/978-3-642-35890-6_15|
|Tipologia:||Book Part (author)|
|Appare nelle tipologie:||03 - Contributo in volume|