Abstract
In this paper, we study the problem of supporting multidimensional range queries on encrypted data. The problem is motivated by secure data outsourcing applications, where a client stores his/her data on a remote server in encrypted form and wants to execute queries using the server's computational capabilities. The solution approach is to compute a secure indexing tag for the data by applying bucketization (a generic form of data partitioning), which prevents the server from learning exact values but still allows it to check whether a record satisfies the query predicate. Queries are evaluated in an approximate manner: the returned set of records may contain some false positives, which the client then has to weed out; this filtering constitutes the computational overhead of our scheme. We develop a bucketization procedure for answering multidimensional range queries on multidimensional data. For a given bucketization scheme, we derive a cost metric and a disclosure-risk metric that estimate the client's computational overhead and the disclosure risk, respectively. Given a multidimensional dataset, its bucketization is posed as an optimization problem whose goal is to minimize the risk of disclosure while keeping the query cost (the client's computational overhead) below a user-specified threshold. We provide a tunable data bucketization algorithm that allows the data owner to control the trade-off between disclosure risk and cost. We also study the trade-off characteristics through an extensive set of experiments on real and synthetic data.
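The workflow the abstract describes (client computes bucket tags and outsources encrypted records; server filters on tags only; client decrypts and discards false positives), as an added example that is not the paper's own code. It assumes an equi-width grid as the bucketization scheme and a mean-of-1/bucket-size disclosure-risk metric (a k-anonymity-style stand-in), neither of which is the paper's optimized scheme or derived metric; the dataset, attribute domains, query and the SHA-256-keystream toy cipher (a stand-in for AES) are constructed for the demonstration. Running the example over grids of 2, 4, 8 and 16 buckets per attribute shows the trade-off the paper tunes: finer buckets lower the client's false-positive cost but raise the risk metric.

```python
import hashlib
import itertools
import json
import os
from collections import Counter

# Constructed sample table: (id, age, salary). Domains are assumed, half-open [lo, hi).
RECORDS = [
    (1, 23, 41000), (2, 27, 52000), (3, 31, 38000), (4, 35, 77000),
    (5, 44, 61000), (6, 52, 90000), (7, 58, 45000), (8, 61, 120000),
]
DOMAINS = ((0, 100), (0, 200000))
# Constructed conjunctive range query: 25 <= age <= 40 AND 30000 <= salary <= 60000.
QUERY = ((25, 40), (30000, 60000))


def toy_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 keystream XOR); stand-in for a real cipher such as AES.
    Symmetric: calling it twice with the same key/nonce decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        keystream = hashlib.sha256(key + nonce + offset.to_bytes(4, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], keystream))
    return bytes(out)


def bucket_index(value: int, lo: int, hi: int, k: int) -> int:
    """Equi-width bucket number in [0, k) for value in [lo, hi). Illustrative
    partitioning only; the paper's bucketization is chosen by an optimizer."""
    if not lo <= value < hi:
        raise ValueError(f"{value} outside domain [{lo}, {hi})")
    return (value - lo) * k // (hi - lo)


def tag_of(point, k: int) -> tuple:
    """Secure indexing tag: one bucket number per attribute (no exact values)."""
    return tuple(bucket_index(v, lo, hi, k) for v, (lo, hi) in zip(point, DOMAINS))


def outsource(records, key: bytes, k: int) -> list:
    """Client side: tag each record, encrypt it, hand (tag, nonce, ciphertext) to the server."""
    store = []
    for rec in records:
        nonce = os.urandom(16)
        store.append((tag_of(rec[1:], k), nonce, toy_encrypt(key, nonce, json.dumps(rec).encode())))
    return store


def query_tags(ranges, k: int) -> set:
    """Client side: rewrite the range predicate into the set of bucket tags it overlaps."""
    per_dim = []
    for (qlo, qhi), (lo, hi) in zip(ranges, DOMAINS):
        first = bucket_index(max(qlo, lo), lo, hi, k)
        last = bucket_index(min(qhi, hi - 1), lo, hi, k)
        per_dim.append(range(first, last + 1))
    return set(itertools.product(*per_dim))


def server_filter(store, tags: set) -> list:
    """Untrusted server: sees only tags and ciphertexts, returns blobs whose tag matches."""
    return [(nonce, blob) for tag, nonce, blob in store if tag in tags]


def client_query(store, key: bytes, ranges, k: int):
    """Client side: decrypt candidates, keep true matches, count false positives (the overhead)."""
    hits, false_positives = [], 0
    for nonce, blob in server_filter(store, query_tags(ranges, k)):
        rec = json.loads(toy_encrypt(key, nonce, blob))
        if all(qlo <= v <= qhi for v, (qlo, qhi) in zip(rec[1:], ranges)):
            hits.append(rec[0])
        else:
            false_positives += 1
    return sorted(hits), false_positives


def disclosure_risk(records, k: int) -> float:
    """Assumed illustrative metric (not the paper's): mean over records of
    1 / (number of records sharing its bucket); 1.0 means every record is alone."""
    sizes = Counter(tag_of(r[1:], k) for r in records)
    return sum(1 / sizes[tag_of(r[1:], k)] for r in records) / len(records)


def tradeoff(records, ranges, grid_sizes, key: bytes = b"constructed-demo-key") -> list:
    """For each grid size k, return (k, matching ids, false-positive cost, risk)."""
    rows = []
    for k in grid_sizes:
        store = outsource(records, key, k)
        hits, cost = client_query(store, key, ranges, k)
        rows.append((k, hits, cost, disclosure_risk(records, k)))
    return rows


if __name__ == "__main__":
    for k, hits, cost, risk in tradeoff(RECORDS, QUERY, (2, 4, 8, 16)):
        print(f"k={k:2d} buckets/attr: matches={hits} false_positives={cost} risk={risk:.3f}")
```

Because doubling k refines every bucket into two, the candidate set can only shrink (cost 3, 2, 1, 0 on this data) while the number of occupied buckets can only grow (risk 0.375, 0.75, 1.0, 1.0); a threshold on the cost column picks the coarsest grid the client can afford, which is the optimization the paper formulates over more general partitionings.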
Cite this article
Hore, B., Mehrotra, S., Canim, M. et al. Secure multidimensional range queries over outsourced data. The VLDB Journal 21, 333–358 (2012). https://doi.org/10.1007/s00778-011-0245-7