scholarly journals A Novel Secure Scheme for Supporting Complex SQL Queries over Encrypted Databases in Cloud Computing

2018 ◽  
Vol 2018 ◽  
pp. 1-15
Author(s):  
Guoxiu Liu ◽  
Geng Yang ◽  
Huaqun Wang ◽  
Yang Xiang ◽  
Hua Dai

With the advance of database-as-a-service (DaaS) and cloud computing, increasingly more data owners are motivated to outsource their data to cloud database for great convenience and economic savings. Many encryption schemes have been proposed to process SQL queries over encrypted data in the database. In order to obtain the desired data, the SQL queries contain some statements to describe the requirement, e.g., arithmetic and comparison operators (+, -, ×, <, >, and =). However, to support different operators (+, -, ×, <, >, and =) in SQL queries over encrypted data, multiple encryption schemes need to be combined and adjusted to work together. Moreover, repeated encryptions will reduce the efficiency of execution. This paper presents a practical and secure homomorphic order-preserving encryption (FHOPE) scheme, which allows cloud server to perform complex SQL queries that contain different operators (such as addition, multiplication, order comparison, and equality checks) over encrypted data without repeated encryption. These operators are data interoperable, so they can be combined to formulate complex SQL queries. We conduct security analysis and efficiency evaluation of the proposed scheme FHOPE. The experiment results show that, compared with the existing approaches, the FHOPE scheme incurs less overhead on computation and communication. It is suitable for large batch complex SQL queries over encrypted data in cloud environment.

2013 ◽  
Vol 10 (2) ◽  
pp. 667-684 ◽  
Author(s):  
Jianfeng Wang ◽  
Hua Ma ◽  
Qiang Tang ◽  
Jin Li ◽  
Hui Zhu ◽  
...  

As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud by users. To maintain the confidentiality of sensitive user data against untrusted servers, the data should be encrypted before they are uploaded. However, this raises a new challenge for performing search over the encrypted data efficiently. Although the existing searchable encryption schemes allow a user to search the encrypted data with confidentiality, these solutions cannot support the verifiability of searching result. We argue that a cloud server may be selfish in order to save its computation ability or bandwidth. For example, it may execute only a fraction of the search and returns part of the searching result. In this paper, we propose a new verifiable fuzzy keyword search scheme based on the symbol-tree which not only supports the fuzzy keyword search, but also enjoys the verifiability of the searching result. Through rigorous security and efficiency analysis, we show that our proposed scheme is secure under the proposed model, while correctly and efficiently realizing the verifiable fuzzy keyword search. The extensive experimental results demonstrate the efficiency of the proposed scheme.


Author(s):  
Ahmed El-Yahyaoui ◽  
Mohamed Daifr Ech-Cherif El Kettani

Fully homomorphic encryption schemes (FHE) are a type of encryption algorithm dedicated to data security in cloud computing. It allows for performing computations over ciphertext. In addition to this characteristic, a verifiable FHE scheme has the capacity to allow an end user to verify the correctness of the computations done by a cloud server on his encrypted data. Since FHE schemes are known to be greedy in term of processing consumption and slow in terms of runtime execution, it is very useful to look for improvement techniques and tools to improve FHE performance. Parallelizing computations is among the best tools one can use for FHE improvement. Batching is a kind of parallelization of computations when applied to an FHE scheme, it gives it the capacity of encrypting and homomorphically processing a vector of plaintexts as a single ciphertext. This is used in the context of cloud computing to perform a known function on several ciphertexts for multiple clients at the same time. The advantage here is in optimizing resources on the cloud side and improving the quality of services provided by the cloud computing. In this article, the authors will present a detailed survey of different FHE improvement techniques in the literature and apply the batching technique to a promising verifiable FHE (VFHE) recently presented by the authors at the WINCOM17 conference.


2019 ◽  
Vol 8 (2) ◽  
pp. 5333-5342

In cloud computing, user database is stored at remote site instead of user computer’s hard disk where the connection between remote site and user computer is provided by internet connection. As cloud computing essentially places data outside the custody of owner of data, it inexorably hosts security disputes. The distance among the physical and the client location of data generates a barrier as the data can be accessed by an unauthorized party and this would influence the solitude of client’s data. The utilization of traditional encryption systems to encrypt the data prior to transmitting to the cloud provider has been most extensively utilized technique to link this security gap. Be that as it may, the customer will require offering the private key to the server to unscramble the information in front of playing out the figuring’s fundamental. Homomorphic encryption techniques permits computations on encrypted data devoid of decryption. This paper deals with the utilization of Fully Mature Homomorphic Encryption (FMHE) to encode the client’s data on cloud server and as well it facilitates to perform required computations on the encrypted data


Author(s):  
Ahmed El-Yahyaoui ◽  
Mohamed Daifr Ech-Cherif El Kettani

Fully homomorphic encryption schemes (FHE) are a type of encryption algorithm dedicated to data security in cloud computing. It allows for performing computations over ciphertext. In addition to this characteristic, a verifiable FHE scheme has the capacity to allow an end user to verify the correctness of the computations done by a cloud server on his encrypted data. Since FHE schemes are known to be greedy in term of processing consumption and slow in terms of runtime execution, it is very useful to look for improvement techniques and tools to improve FHE performance. Parallelizing computations is among the best tools one can use for FHE improvement. Batching is a kind of parallelization of computations when applied to an FHE scheme, it gives it the capacity of encrypting and homomorphically processing a vector of plaintexts as a single ciphertext. This is used in the context of cloud computing to perform a known function on several ciphertexts for multiple clients at the same time. The advantage here is in optimizing resources on the cloud side and improving the quality of services provided by the cloud computing. In this article, the authors will present a detailed survey of different FHE improvement techniques in the literature and apply the batching technique to a promising verifiable FHE (VFHE) recently presented by the authors at the WINCOM17 conference.


2018 ◽  
Vol 2018 ◽  
pp. 1-7 ◽  
Author(s):  
Run Xie ◽  
Chanlian He ◽  
Dongqing Xie ◽  
Chongzhi Gao ◽  
Xiaojun Zhang

With the advent of cloud computing, data privacy has become one of critical security issues and attracted much attention as more and more mobile devices are relying on the services in cloud. To protect data privacy, users usually encrypt their sensitive data before uploading to cloud servers, which renders the data utilization to be difficult. The ciphertext retrieval is able to realize utilization over encrypted data and searchable public key encryption is an effective way in the construction of encrypted data retrieval. However, the previous related works have not paid much attention to the design of ciphertext retrieval schemes that are secure against inside keyword-guessing attacks (KGAs). In this paper, we first construct a new architecture to resist inside KGAs. Moreover we present an efficient ciphertext retrieval instance with a designated tester (dCRKS) based on the architecture. This instance is secure under the inside KGAs. Finally, security analysis and efficiency comparison show that the proposal is effective for the retrieval of encrypted data in cloud computing.


2019 ◽  
Vol 37 (6) ◽  
pp. 970-983 ◽  
Author(s):  
Zongda Wu ◽  
Jian Xie ◽  
Xinze Lian ◽  
Jun Pan

Purpose The security of archival privacy data in the cloud has become the main obstacle to the application of cloud computing in archives management. To this end, aiming at XML archives, this paper aims to present a privacy protection approach that can ensure the security of privacy data in the untrusted cloud, without compromising the system availability. Design/methodology/approach The basic idea of the approach is as follows. First, the privacy data before being submitted to the cloud should be strictly encrypted on a trusted client to ensure the security. Then, to query the encrypted data efficiently, the approach constructs some key feature data for the encrypted data, so that each XML query defined on the privacy data can be executed correctly in the cloud. Findings Finally, both theoretical analysis and experimental evaluation demonstrate the overall performance of the approach in terms of security, efficiency and accuracy. Originality/value This paper presents a valuable study attempting to protect privacy for the management of XML archives in a cloud environment, so it has a positive significance to promote the application of cloud computing in a digital archive system.


Author(s):  
Zeeshan Sharief

Searchable encryption allows a cloud server to conduct keyword search over encrypted data on behalf of the data users without learning the underlying plaintexts. However, most existing searchable encryption schemes only support single or conjunctive keyword search, while a few other schemes that can perform expressive keyword search are computationally inefficient since they are built from bilinear pairings over the composite-order groups. In this paper, we propose an expressive public-key searchable encryption scheme in the prime-order groups, which allows keyword search policies i.e., predicates, access structures to be expressed in conjunctive, disjunctive or any monotonic Boolean formulas and achieves significant performance improvement over existing schemes. We formally define its security and prove that it is selectively secure in the standard model. Also, we implement the proposed scheme using a rapid prototyping tool called Charm and conduct several experiments to evaluate it performance. The results demonstrate that our scheme is much more efficient than the ones built over the composite-order groups. INDEX TERMS - Searchable encryption, cloud computing, expressiveness, attribute-based encryption


The challenging task is protecting the data which are uploaded to the cloud becomes bigger worries in a cloud environment system. In this type of security is needed for monitoring of data access in a cloud environment and is getting more and more attention in recent days. Few strategies which can be afford for top-secret and an unknown authentication for delicate information and it is more efficient than doing the encrypting data first and then sign or doing the sign first then encrypting the data. However, in so many previous work, delicate information of data users can be reveal to authority, and only the authority is responsible to answer to that type of attribute management and generation of key in the system. The proposed system states that confidentiality and protective of data access control over the cipher text scheme based on cloud security. It is provide a control measure, attribute confidentiality and guard the data’s of user concurrently in a multiple authority cloud system. Both the attributes of designcryptor and signcryptor can be kept secret by not knowing to the authorities and cloud storage server. Besides, decryption in the clouds for users as becomes meaningfully reduced by outsourcing the unwanted bilinear pairing process to the cloud server without humiliating the attribute privacy. The planned scheme is confirmed for protecting the standard model and has the skill to provide top secret, unforged, unknown authentication, and verifiability of public. The security analysis which are relating to comparison of difficulty and results of execution will indicate that the proposed system has the capacity to balance the security issues with respect to computation in hypothetical efficiency.


2019 ◽  
Vol 16 (8) ◽  
pp. 3237-3241 ◽  
Author(s):  
K. E. Gnanesh ◽  
T. Dheeraj Bhavan Narayana ◽  
M. D. Kamalesh

Cloud computing is a well-known innovation which licenses putting away and getting to information over Internet as opposed to putting away it on nearby machines’ hard drive. Cloud clients can empower to store their information on cloud with no nervousness about its exactness and dependability. Anyway putting away information on cloud forces certain security challenges. Redistributing information in cloud result may lose physical authority over their information. Putting away and recovering such a lot of information devours part of time as information in the cloud should be constantly put away in encoded arrangement while putting away and should be decoded while looking. There are various recommendations for executing questions over encoded information. This actualizes the customer to scramble information before re-appropriating it to the cloud in a database conspire. To stay away from this monstrous utilization of time, information looking rate can be expanded by straightforwardly seeking over scrambled information in the cloud. There are numerous techniques utilized for looking through the encoded information over cloud. In catchphrase based hunt plans overlook the semantic portrayal data of clients recovery, and can’t totally meet with clients seek goal. In this paper, propose ECSED, a novel semantic inquiry plot dependent on the idea chain of importance and the semantic connection between ideas in the scrambled datasets. ECSED utilizes two cloud servers. One cloud server is utilized to store the reCloud datasets and restore the positioned outcomes to information clients. The other cloud server is utilized to figure the comparability scores between the archives and the question and send the scores to the principal server. To additionally enhance the hunt proficiency, framework uses a tree-based file structure to sort out all the archive list vectors. At that point utilize the multi watchword positioned hunt over scrambled cloud information as our essential casing to propose two secure plans.


To enhance the potency of knowledge looking out, most knowledge house owners store their knowledge files in numerous cloud servers within the kind of ciphertext. Thus, economical search victimization fuzzy keywords become a vital issue in such a cloud computing atmosphere. Searchable cryptography will support knowledge user to select and retrieve the cipher documents over encrypted cloud knowledge by keyword-based search. Most of the prevailing searchable encryption schemes solely specialize in the precise keyword search. When knowledge user makes writing system errors, these schemes fail to come to the results of interest. In searchable encryption, the cloud server may come to the invalid result to knowledge user for saving the computation price or alternative reasons. Therefore, these precise keyword search schemes notice very little sensible significance in real-world applications. So as to deal with these problems, we tend to propose unique verifiable fuzzy keyword search theme over encrypted cloud knowledge. We tend to propose a verifiable precise keyword search theme which extend this theme to the fuzzy keyword search theme. Here we tend to thus propose a system for fuzzy keyword sets rather than precise word search. This will help us drastically to reduce the costs and it also allows to have multi-users using the system simultaneously.


Sign in / Sign up

Export Citation Format

Share Document