ESPOONERBAC: Enforcing security policies in outsourced environments

Asghar, Muhammad Rizwan; Ion, Mihaela; Russello, Giovanni; Crispo, Bruno

doi:10.1016/j.cose.2012.11.010

Cited by 10 publications

(1 citation statement)

References 29 publications

(42 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The complex queries with multiple predicates can be performed by issuing multiple simple queries and combing their results on the user side. To support range queries, the technique used in [40] can be adopted.…”

Section: B Select Querymentioning

confidence: 99%

Privacy-preserving Dynamic Symmetric Searchable Encryption with Controllable Leakage

Cui

Song

Asghar

et al. 2021

ACM Trans. Priv. Secur.

Self Cite

View full text Add to dashboard Cite

Searchable Encryption (SE) is a technique that allows Cloud Service Providers to search over encrypted datasets without learning the content of queries and records. In recent years, many SE schemes have been proposed to protect outsourced data. However, most of them leak sensitive information, from which attackers could still infer the content of queries and records by mounting leakage-based inference attacks, such as the count attack and file-injection attack . In this work, first we define the leakage in searchable encrypted databases and analyse how the leakage is leveraged in existing leakage-based attacks. Second, we propose a <underline>P</underline>rivacy-preserving <underline>M</underline>ulti-<underline>c</underline>loud based dynamic symmetric SE scheme for relational <underline>D</underline>ata<underline>b</underline>ase ( P-McDb ). P-McDb has minimal leakage, which not only ensures confidentiality of queries and records but also protects the search, intersection, and size patterns. Moreover, P-McDb ensures both forward and backward privacy of the database. Thus, P-McDb could resist existing leakage-based attacks, e.g., active file/record-injection attacks. We give security definition and analysis to show how P-McDb hides the aforementioned patterns. Finally, we implemented a prototype of P-McDb and tested it using the TPC-H benchmark dataset. Our evaluation results show that users can get the required records in 2.16 s when searching over 4.1 million records.

show abstract

Section: B Select Querymentioning

confidence: 99%