Secure Normal Form: Mediation among Cross Cryptographic Leakages in Encrypted Databases

Shufan Zhang, Xi He, Ashish Kundu, Sharad Mehrotra, Shantanu Sharma

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Existing secure data outsourcing systems offer users ways to select from different cryptographic primitives supported by the system to encrypt their data to strike a balance between data confidentiality and query performance. Though prior work has identified the danger of mixing cryptographic primitives, it falls short of providing a systematic approach to guide users to prevent such cross-cryptographic leakages. Inspired by database design theory, we envision Secure Normal Form, a new approach to normalize encrypted databases such that the leakages of the partitioned databases are limited to the users' specifications. In this work, we propose a new architecture to support secure normal form. This system includes several new components for secure data outsourcing: (i) an inference mechanism that reasons about additional leakages from weaker encryption techniques, based on semantic data properties (e.g., dependence between attribute values); (ii) a normalization mechanism that converts relational data into secure normal forms, so that the information leaked by the representation is limited to that specified by the user; and (iii) a secure query execution approach over encrypted data in secure normal forms. Our initial experimental results validate the performance improvement over a naïve baseline and show that a careful data representation can be allowed without compromising security. We believe that our paper opens a new direction in secure data management.

Original language: English (US)
Title of host publication: Proceedings - 2024 IEEE 40th International Conference on Data Engineering, ICDE 2024
Publisher: IEEE Computer Society
Pages: 5560-5573
Number of pages: 14
ISBN (Electronic): 9798350317152
State: Published - 2024
Event: 40th IEEE International Conference on Data Engineering, ICDE 2024 - Utrecht, Netherlands
Duration: May 13 2024 to May 17 2024

Publication series

Name: Proceedings - International Conference on Data Engineering
ISSN (Print): 1084-4627
ISSN (Electronic): 2375-0286

Conference

Conference: 40th IEEE International Conference on Data Engineering, ICDE 2024
Country/Territory: Netherlands
City: Utrecht
Period: 5/13/24 to 5/17/24

All Science Journal Classification (ASJC) codes

  • Software
  • Signal Processing
  • Information Systems

Keywords

  • Encryption
  • Holistic Leakage Accounting
  • Inference Control
  • Secure Data Management
