面向云数据库服务的隐私字符串加密查询方案
|
摘要
面向云数据库的字符串型隐私信息的加密查询问题,提出了一个有效解决方案。为了确保字符串数据在不可信云数据库中安全性,在客户端,首先对其进行加密并为其构建特征索引。特征索引通过子字段划分、子字段值域分区、分区标识符分配等步骤,能有效地获取字符串的关键特征,而丢弃非关键特征,具有很好的安全性和有效性。然后,数据查询时,方案将定义在隐私字段上的用户查询转换为定义在索引字段上的新查询,使其可以在云数据库上正确执行,而无需解密数据,有效地提高了查询效率。最后,理论分析和实验评估验证了方案的安全性、有效性、高效性和灵活性。
This paper presents an effective scheme for encrypting and querying private character sequences in Cloud DB.To ensure the security of character sequences in the untrusted Cloud DB, the scheme would encrypt the private data in a client-side, and then construct feature index for them. The feature index is constructed based on such steps as subfield partition, subfield domain partition and partition identified assignment, which can capture the key feature information of character sequences and discard non-key feature information, thus has good security and effectiveness. When querying data, the query operations over the private fields would be translated into the new query operations over the corresponding index fields, making them able to be executed correctly over the Cloud DB, without the need to decrypt the data, consequently improving the query efficiency. Finally, both theoretical analysis and experimental evaluation validate the security,effectiveness, efficiency and flexibility of the proposed scheme.
This paper presents an effective scheme for encrypting and querying private character sequences in Cloud DB.To ensure the security of character sequences in the untrusted Cloud DB, the scheme would encrypt the private data in a client-side, and then construct feature index for them. The feature index is constructed based on such steps as subfield partition, subfield domain partition and partition identified assignment, which can capture the key feature information of character sequences and discard non-key feature information, thus has good security and effectiveness. When querying data, the query operations over the private fields would be translated into the new query operations over the corresponding index fields, making them able to be executed correctly over the Cloud DB, without the need to decrypt the data, consequently improving the query efficiency. Finally, both theoretical analysis and experimental evaluation validate the security,effectiveness, efficiency and flexibility of the proposed scheme.
引文
[1]束柬,梁昌勇,陆文星,等.基于云的企业管理信息系统再造研究综述[J].情报学报,2015(5):549-560.
[2]王柠,刘国华,赵春红,等.一种适用于外包数据库的综合密文索引技术[J].小型微型计算机系统,2010(9).
[3]Bharath K,Samanthual,Wei Jiang.Efficient privacy-preserving range queries over encrypted data in cloud computing[C]//2013 IEEE Sixth International Conference on Cloud Computing,2013.
[4]Zhang Wei,Lin Yaping,Xiao Sheng,et al.Privacy preserving ranked multi-keyword search for multiple data owners in cloud computing[J].IEEE Transactions on Computers,2016,65(5):1566-1577.
[5]崔宾阁,刘大昕,王桐.支持快速查询的数据库加密方法的研究[J].计算机科学,2006,33(6):115-118.
[6]Li J,Wang Q,Wang C,et al.Fuzzy keyword search over encrypted data in cloud computing[C]//Proc of the 31st Conference on Computer Communications.New York:ACM Press,2012:1-5.
[7]Domingo F J.A new privacy homomorphism and applications[J].Information Processing Letters,1996,60(5):277-282.
[8]Chung S S,Ozsoyoglu G.Anti-tamper databases:Processing aggregate queries over encrypted databases[C]//Proc of the 22nd International Conference on Data Engineering Workshops.Atlanta,GA,USA:IEEE Computer Society,2006.
[9]Wu Z,Xu G,Zong Y,et al.Executing SQL queries over encrypted character strings in the database-as-service model[J].Knowledge-Based Systems,2012,35:332-348.
[10]Wang Z,Dai J,Wang W,et al.Fast query over encrypted character data in database[J].Communications in Information and Systems,2004,4(4):289-300.
[11]俞志斌,周彦晖.基于关键字的云加密数据索引保护检索[J].计算机科学,2015,42(6A):365-369.
[12]Fu Zhangjie,Sun Xingming,Xia Zhihua,et al.Multi-keyword ranked search supporting synonym query over encrypted data in cloud computing[C]//Performance Computing and Communications Conference(IPCCC),2013:1-8.
[13]Xu Zhiyong,Kang Wansheng,Li Ruixuan,et al.Efficient multi-keyword ranked query on encrypted data in the cloud[C]//2012 IEEE 18th International Conference on Parallel and Distributed Systems(ICPADS),2012:244-251.
[14]Cao Ning,Wang Cong,Li Ming,et al.Privacy-preserving multi-keyword ranked serach over encrypted cloud data[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(1):222-233.
[15]卢成浪,刘明雍,吴宗大,等.针对网络信息系统的个人隐私保护方案[J].小型微型计算机系统,2015,36(6):1291-1295.
[2]王柠,刘国华,赵春红,等.一种适用于外包数据库的综合密文索引技术[J].小型微型计算机系统,2010(9).
[3]Bharath K,Samanthual,Wei Jiang.Efficient privacy-preserving range queries over encrypted data in cloud computing[C]//2013 IEEE Sixth International Conference on Cloud Computing,2013.
[4]Zhang Wei,Lin Yaping,Xiao Sheng,et al.Privacy preserving ranked multi-keyword search for multiple data owners in cloud computing[J].IEEE Transactions on Computers,2016,65(5):1566-1577.
[5]崔宾阁,刘大昕,王桐.支持快速查询的数据库加密方法的研究[J].计算机科学,2006,33(6):115-118.
[6]Li J,Wang Q,Wang C,et al.Fuzzy keyword search over encrypted data in cloud computing[C]//Proc of the 31st Conference on Computer Communications.New York:ACM Press,2012:1-5.
[7]Domingo F J.A new privacy homomorphism and applications[J].Information Processing Letters,1996,60(5):277-282.
[8]Chung S S,Ozsoyoglu G.Anti-tamper databases:Processing aggregate queries over encrypted databases[C]//Proc of the 22nd International Conference on Data Engineering Workshops.Atlanta,GA,USA:IEEE Computer Society,2006.
[9]Wu Z,Xu G,Zong Y,et al.Executing SQL queries over encrypted character strings in the database-as-service model[J].Knowledge-Based Systems,2012,35:332-348.
[10]Wang Z,Dai J,Wang W,et al.Fast query over encrypted character data in database[J].Communications in Information and Systems,2004,4(4):289-300.
[11]俞志斌,周彦晖.基于关键字的云加密数据索引保护检索[J].计算机科学,2015,42(6A):365-369.
[12]Fu Zhangjie,Sun Xingming,Xia Zhihua,et al.Multi-keyword ranked search supporting synonym query over encrypted data in cloud computing[C]//Performance Computing and Communications Conference(IPCCC),2013:1-8.
[13]Xu Zhiyong,Kang Wansheng,Li Ruixuan,et al.Efficient multi-keyword ranked query on encrypted data in the cloud[C]//2012 IEEE 18th International Conference on Parallel and Distributed Systems(ICPADS),2012:244-251.
[14]Cao Ning,Wang Cong,Li Ming,et al.Privacy-preserving multi-keyword ranked serach over encrypted cloud data[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(1):222-233.
[15]卢成浪,刘明雍,吴宗大,等.针对网络信息系统的个人隐私保护方案[J].小型微型计算机系统,2015,36(6):1291-1295.