Publication Type
Journal Article
Version
publishedVersion
Publication Date
2-2011
Abstract
Privacy protection is one of the fundamental security requirements for database outsourcing. A major threat is information leakage from database access patterns generated by query executions. The standard private information retrieval (PIR) schemes, which are widely regarded as theoretical solutions, entail O(n) computational overhead per query for a database with items. Recent works propose to protect access patterns by introducing a trusted component with constant storage size. The resulting privacy assurance is as strong as PIR, though with O(1) online computation cost, they still have O(n) amortized cost per query due to periodically full database shuffles. In this paper, we design a novel scheme in the same model with provable security, which only shuffles a portion of the database. The amortized server computational complexity is reduced to With a secure storage storing thousands of items, our scheme can protect the access pattern privacy of databases of billions of entries, at a lower cost than those using ORAM-based poly-logarithm algorithms.
Keywords
Database, data privacy, information security.
Discipline
Information Security
Research Areas
Information Security and Trust
Publication
IEEE Transactions on Information Forensics and Security
Volume
6
Issue
1
First Page
189
Last Page
201
ISSN
1556-6013
Identifier
10.1109/TIFS.2010.2101062
Publisher
IEEE
Citation
DING, Xuhua; YANG, Yanjiang; and DENG, Robert H..
Database access pattern protection without full-shuffles. (2011). IEEE Transactions on Information Forensics and Security. 6, (1), 189-201.
Available at: https://ink.library.smu.edu.sg/sis_research/1362
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TIFS.2010.2101062