Abstract

•Download as DOCX, PDF•

1 like•285 views

Migrant Systems

Abstract:
Users of databases that are hosted on shared servers cannot take for granted that their
queries will not be disclosed to unauthorized parties. Even if the database is encrypted, an
adversary who is monitoring the I/O activity on the server may still be able to infer some
information about a user query. For the particular case of a B+
-tree that has its nodes encrypted,
we identify properties that enable the ordering among the leaf nodes to be deduced. These
properties allow us to construct adversarial algorithms to recover the B+
-tree structure from the
I/O traces generated by range queries. Combining this structure with knowledge of the key
distribution (or the plaintext database itself), the adversary can infer the selection range of user
queries. To counter the threat, we propose a privacy-enhancing PB+
-tree index which ensures
that there is high uncertainty about what data the user has worked on, even to a knowledgeable
adversary who has observed numerous query executions. The core idea in PB+
-tree is to conceal
the order of the leaf nodes in an encrypted B+-tree. In particular, it groups the nodes of the
tree into buckets, and employs homomorphic encryption techniques to prevent the adversary
from pinpointing the exact nodes retrieved by range queries. PB+
-tree can be tuned to balance
its privacy strength with the computational and I/O overheads incurred. Moreover, it can be
adapted to protect access privacy in cases where the attacker additionally knows a priori
the access frequencies of key values. Experiments demonstrate that PB+
-tree effectively impairs
the adversary's ability to recover the B+
-tree structure and deduce the query ranges in all
considered scenarios.

What's hot

Data Mining: Key definitions

DataminingTools Inc

Web Mining & Text Mining

Hemant Sharma

Utility privacy tradeoff in databases an information-theoretic approach

IEEEFINALYEARPROJECTS

Data Mining: Text and web mining

DataminingTools Inc

Data Mining

Unstructured content represents more than 80% of information assets of an enterprise. A triple is a way of encoding information about objects and enables computer to access, mesh, and take action on information. Triples make claims about objects and may be published in knowledge bases accessed by parties that have no particular knowledge of each other. Based an award-winning natural language processing pipeline that analyzes the content, Luxid® extracts information about of the organization’s entities of interests and their relationships to derive precise and relevant triples in 20 languages.

scopeKM: Text analysis with Triples

scopeKM GmbH Knowledge Management

M privacy for collaborative data publishing

IEEEFINALYEARPROJECTS

Gaurav web mining

Gaurav Uniyal

Data Mining: Graph mining and social network analysis

DataminingTools Inc

Data mining introduction

Basma Gamal

M privacy for collaborative data publishing

JPINFOTECH JAYAPRAKASH

=> Data Mining Services We are a full service data mining company. We handle projects both large and small, with the help of competent staff which is able to address any of the data mining needs of your company. - Web Data Mining - Social Media Data Mining - SQL Data Mining - Image Data Mining - Excel Data Mining - Word Data Mining - PDF Data Mining - Open Source Data Mining Website: http://datacleaningservices.com/

Data mining services

RashmiS08

Research Topics in Data Mining

Phdtopiccom

Data mining and privacy preserving in data mining

Needa Multani

K nearest neighbor classification over semantically secure encrypted relation...

ieeepondy

Privacy preserving in data mining with hybrid approach

Narendra Dhadhal

Information Retrieval

Vincent Sabroso

Big Data Patents Data 3Q 2016

Alex G. Lee, Ph.D. Esq. CLP

K-NEAREST NEIGHBOR CLASSIFICATION OVER SEMANTICALLY SECURE ENCRYPTED RELATION...

I3E Technologies

What's hot (19)

Data Mining: Key definitions

Web Mining & Text Mining

Utility privacy tradeoff in databases an information-theoretic approach

Data Mining: Text and web mining

Data Mining

scopeKM: Text analysis with Triples

M privacy for collaborative data publishing

Gaurav web mining

Data Mining: Graph mining and social network analysis

Data mining introduction

M privacy for collaborative data publishing

Data mining services

Research Topics in Data Mining

Data mining and privacy preserving in data mining

K nearest neighbor classification over semantically secure encrypted relation...

Privacy preserving in data mining with hybrid approach

Information Retrieval

Big Data Patents Data 3Q 2016

K-NEAREST NEIGHBOR CLASSIFICATION OVER SEMANTICALLY SECURE ENCRYPTED RELATION...

Viewers also liked

Research (specific tools)

Squalicum High School

Eclipse democamp2012 broerkens_requirementsmanagementwitheclipse

Mark Brörkens

Ap ch 16

Squalicum High School

Google and beyond

Squalicum High School

[福井]Amimoto ハンズオン

Hiromichi Koga

[四国クラウドお遍路2014]小さな会社のゲームチェンジ

Hiromichi Koga

[沖縄レキサスセミナー]小さな会社のゲームチェンジ

Hiromichi Koga

m-Privacy for Collaborative Data Publishing

Migrant Systems

Secure Mining of Association Rules in Horizontally Distributed Databases

Migrant Systems

NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...

Migrant Systems

Viewers also liked (10)

Research (specific tools)

Eclipse democamp2012 broerkens_requirementsmanagementwitheclipse

Ap ch 16

Google and beyond

[福井]Amimoto ハンズオン

[四国クラウドお遍路2014]小さな会社のゲームチェンジ

[沖縄レキサスセミナー]小さな会社のゲームチェンジ

m-Privacy for Collaborative Data Publishing

Secure Mining of Association Rules in Horizontally Distributed Databases

NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...

Similar to Abstract

Enhancing access privacy of range retrievals over b+trees

Migrant Systems

A Survey on Access Control Scheme for Data in Cloud with Anonymous Authentica...

IRJET Journal

A Survey on Cross-License Cloud Storage Environment of Revelatory, Proficient...

IRJET Journal

Protecting Global Records Sharing with Identity Based Access Control List

Editor IJCATR

Generally, the information is stored in the database. Protecting sensitive information are encrypted before outsourcing to a service provider. We send the request to service provider through SQL queries. The query expressiveness is limited by means of any software-based cryptographical constructs then deployed, for server-side query working on the encrypted data.Data sharing in the service provider is emerging as a promising technique for allowing users to access data. The growing number of customers who stores their data in service provider is increasingly challenging users’ privacy and the security of data. The TrustedDB an outsourced database prototype that allows clients to execute SQL queries with privacy and under regulatory compliance constraints by leveraging server-hosted. Tamper-proof believed hardware in crucial query processing levels, thereby removing any limits on the type of supported queries. It focuses on providing a dependable and secure data sharing service that allows users dynamic access to their information. TrustedDB is constructed and runs on hardware, and its performance and costs are evaluated here.

Protecting Global Records Sharing with Identity Based Access Control List

Editor IJCATR

Cloud storage services have become increasingly popular. Because of the importance of privacy, many cloud storage encryption schemes have been proposed to protect data from those who do not have access. All such schemes assumed that cloud storage providers are safe and cannot be hacked; however, in practice, some authorities (i.e., coercers) may force cloud storage providers to reveal user secrets or confidential data on the cloud, thus altogether circumventing storage encryption schemes. In this paper, we present our design for a new cloud storage encryption scheme that enables cloud storage providers to create convincing fake user secrets to protect user privacy. Since coercers cannot tell if obtained secrets are true or not, the cloud storage providers ensure that user privacy is still securely protected. Most of the proposed schemes assume cloud storage service providers or trusted third parties handling key management are trusted and cannot be hacked; however, in practice, some entities may intercept communications between users and cloud storage providers and then compel storage providers to release user secrets by using government power or other means. In this case, encrypted data are assumed to be known and storage providers are requested to release user secrets.

Audit free cloud storage via deniable attribute based encryption

Kamal Spring

Enforcing secure and privacy preserving information brokering in distributed ...

JPINFOTECH JAYAPRAKASH

IRJET- A Review Paper on an Efficient File Hierarchy Attribute Based Encr...

IRJET Journal

A Personal Privacy Data Protection Scheme for Encryption and Revocation of High-Dimensional Attri Shakas Technologies ( Galaxy of Knowledge) #11/A 2nd East Main Road, Gandhi Nagar, Vellore - 632006. Mobile : +91-9500218218 / 8220150373| land line- 0416- 3552723 Shakas Training & Development | Shakas Sales & Services | Shakas Educational Trust|IEEE projects | Research & Development | Journal Publication | Email : info@shakastech.com | shakastech@gmail.com | website: www.shakastech.com Facebook: https://www.facebook.com/pages/Shakas-Technologies

A Personal Privacy Data Protection Scheme for Encryption and Revocation of Hi...

Shakas Technologies

Secure data retrieval for decentralized disruption tolerant military networks

IGEEKS TECHNOLOGIES

IRJET- An Efficient Ranked Multi-Keyword Search for Multiple Data Owners Over...

IRJET Journal

JAVA 2013 IEEE NETWORKSECURITY PROJECT Utility privacy tradeoff in databases ...

IEEEGLOBALSOFTTECHNOLOGIES

Firewall architectures

Arun Mahajan

IRJET - Identifying Information Relocate with Reliable Estimation and Sec...

IRJET Journal

Mobile nodes in military environments such as a battlefield or a hostile region are likely to suffer from intermittent network connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by exploiting external storage nodes. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities. In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the confidential data distributed in the disruption-tolerant military network. Since some users may change their associated attributes at some point (for example, moving their region), or some private keys might be compromised, key revocation (or update) for each attribute is necessary in order to make systems secure. This implies that revocation of any attribute or any single user in an attribute group would affect the other users in the group. It may result in bottleneck during rekeying procedure, or security degradation due to the windows of vulnerability if the previous attribute key is not updated immediately.

Authentic Data Access Scheme for Variant Disruption- Tolerant Networks

Editor IJCATR

Attribute-based Encryption is observed as a promising cryptographic leading tool to assurance data owners’ direct regulator over their data in public cloud storage. The former ABE schemes include only one authority to maintain the whole attribute set, which can carry a single-point bottleneck on both security and performance. Then, certain multi-authority schemes are planned, in which numerous authorities distinctly maintain split attribute subsets. However, the single-point bottleneck problem remains unsolved. In this survey paper, from another perspective, we conduct a threshold multi-authority CP-ABE access control scheme for public cloud storage, named TMACS, in which multiple authorities jointly manage a uniform attribute set. In TMACS, taking advantage of (t, n) threshold secret allocation, the master key can be shared among multiple authorities, and a lawful user can generate his/her secret key by interacting with any t authorities. Security and performance analysis results show that TMACS is not only verifiable secure when less than t authorities are compromised, but also robust when no less than t authorities are alive in the system. Also, by efficiently combining the traditional multi-authority scheme with TMACS, we construct a hybrid one, which satisfies the scenario of attributes coming from different authorities as well as achieving security and system-level robustness.

A robust and verifiable threshold multi authority access control system in pu...

IJARIIT

Data Access Control Schemes in Cloud Computing: A Review

IRJET Journal

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

Providing user security guarantees in public infrastructure clouds

Kamal Spring

Proving ownerships rights on outsourced relational database is a crucial issue in today\'s internet based application environments and in many content distribution applications. Here mechanism is proposed for proof of ownership based on the secure embedding of a robust imperceptible watermark in relational data. Watermarking of relational databases as a constrained optimization problem and discus efficient techniques to solve the optimization problem and to handle the constraints. This watermarking technique is resilient to watermark synchronization errors because it uses a partioning approach that does not require marker tuple. This approach overcomes a major weakness in previously proposed watermarking techniques. Watermark decoding is based on a threshold-based technique characterized by an optimal threshold that minimizes the probability of decoding errors. An implemented a proof of concept implementation of our watermarking technique and showed by experimental results that our technique is resilient to tuple deletion, alteration and insertion attacks.

Data Security In Relational Database Management System

CSCJournals

Detecting Password brute force attack and Protecting the cloud data with AES ...

IRJET Journal

Similar to Abstract (20)