{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,9,13]],"date-time":"2023-09-13T20:56:50Z","timestamp":1694638610424},"reference-count":17,"publisher":"IGI Global","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010,1,1]]},"abstract":"<p>Database outsourcing has become popular in recent years, although it introduces substantial security and privacy risks. In many applications, users may not want to reveal their data even to a generally trusted database service provider. Several researchers have proposed encryption schemes, such as privacy homomorphisms, that allow service providers to process confidential data sets without learning too much about them. In this paper, the authors discuss serious flaws of these solutions. The authors then present a new definition of security for homomorphic database encryption schemes that avoids these flaws and show that it is difficult to build a privacy homomorphism that complies with this definition. As a practical compromise, the authors present a relaxed variant of the security definition and discuss arising security implications. They present a new method to construct encryption schemes for exact selects and prove that the resulting schemes satisfy this notion.<\/p>","DOI":"10.4018\/jisp.2010010101","type":"journal-article","created":{"date-parts":[[2010,4,19]],"date-time":"2010-04-19T23:03:07Z","timestamp":1271718187000},"page":"1-17","source":"Crossref","is-referenced-by-count":2,"title":["Provable Security for Outsourcing Database Operations"],"prefix":"10.4018","volume":"4","author":[{"given":"Sergei","family":"Evdokimov","sequence":"first","affiliation":[{"name":"Humboldt-Universit\u00e4t zu Berlin, Germany"}]},{"given":"Matthias","family":"Fischmann","sequence":"additional","affiliation":[{"name":"Humboldt-Universit\u00e4t zu Berlin, Germany"}]},{"given":"Oliver","family":"G\u00fcnther","sequence":"additional","affiliation":[{"name":"Humboldt-Universit\u00e4t zu Berlin, Germany"}]}],"member":"2432","reference":[{"key":"jisp.2010010101-0","doi-asserted-by":"crossref","unstructured":"Boneh, D., Crescenzo, G., Ostrovsky, G., & Persiano, G. (2004). Public-key Encryption with Keyword Search. In Proceedings of the European Conference on Cryptology (EUROCRYPT).","DOI":"10.1007\/978-3-540-24676-3_30"},{"key":"jisp.2010010101-1","doi-asserted-by":"crossref","unstructured":"Boneh, D., Kushilevitz, E., Ostrovsky, R., & Skeith, W. (2007). Public Key Encryption that Allows PIR Queries (Cryptology ePrint Archive, Rep. No. 2007\/073). Retrieved from http:\/\/eprint.iacr.org\/","DOI":"10.1007\/978-3-540-74143-5_4"},{"key":"jisp.2010010101-2","doi-asserted-by":"crossref","unstructured":"Boyens, C., & Fischmann, M. (2003). Profiting from Untrusted Parties in Web-Based Applications. In Proceedings of the 4th International Conference on Electronic Commerce and Web Technologies (EC-Web).","DOI":"10.1007\/978-3-540-45229-4_22"},{"key":"jisp.2010010101-3","doi-asserted-by":"crossref","unstructured":"Boyens, C., & G\u00fcnther, O. (2002). Trust Is not Enough: Privacy and Security in ASP and Web Service Environments. In Proceedings of the Sixth East-European Conference on Advances in Databases and Information Systems.","DOI":"10.1007\/3-540-45710-0_2"},{"key":"jisp.2010010101-4","doi-asserted-by":"crossref","unstructured":"Chang, Y., & Mitzenmacher, M. (2005). Privacy Preserving Keyword Searches on Remote Encrypted Data. In Proceedings of the Applied Cryptography and Network Security, Third International Conference, New York (pp. 442-455).","DOI":"10.1007\/11496137_30"},{"key":"jisp.2010010101-5","doi-asserted-by":"crossref","unstructured":"Chor, B., & Gilboa, N. (1997). Computationally private information retrieval (extended abstract). In STOC '97: Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing (pp. 304-313). New York: ACM Press.","DOI":"10.1145\/258533.258609"},{"key":"jisp.2010010101-6","doi-asserted-by":"crossref","unstructured":"Chor, B., Goldreich, O., Kushilevitz, E., & Sudan, M. (1995). Private Information Retrieval. In Proceedings of the IEEE Symposium on Foundations of Computer Science.","DOI":"10.1109\/SFCS.1995.492461"},{"key":"jisp.2010010101-7","doi-asserted-by":"crossref","unstructured":"Damiani, E., De Capitani Vimercati, S., Jajodia, S., Paraboschi, S., & Samarati, P. (2003). Balancing Confidentiality and Efficiency in Untrusted Relational DBMSs. In CCS '03: Proceedings of the 10th ACM Conference on Computer and Communications Security. New York: ACM Press.","DOI":"10.1145\/948109.948124"},{"key":"jisp.2010010101-8","doi-asserted-by":"crossref","unstructured":"Domingo-Ferrer, J. (2002). A Provably Secure Additive and Multiplicative Privacy Homomorphism. In Proceedings of the Information Security, 5th International Conference.","DOI":"10.1007\/3-540-45811-5_37"},{"key":"jisp.2010010101-9","unstructured":"Fischmann, M., & G\u00fcnther, O. (2003). Privacy Tradeoffs in Database Service Architectures. In Proceedings of the First ACM Workshop on Business Driven Security Engineering (BIZSEC)."},{"key":"jisp.2010010101-10","doi-asserted-by":"crossref","unstructured":"Goh, E.-J. (2003). Secure Indexes (Cryptology ePrint Archive: Rep. No. 2003\/216). Retrieved from http:\/\/eprint.iacr.org\/2003\/216\/","DOI":"10.1108\/09696470310476981"},{"key":"jisp.2010010101-11","unstructured":"Goldreich, O. (2001) Foundations of Cryptography -- Volume I Basic Tools. Cambridge, UK: Cambridge University Press. ISBN 0-521-79172-3."},{"key":"jisp.2010010101-12","unstructured":"Goldreich, O. (2004). Foundations of Cryptography -- Volume II Basic Applications. Cambridge, UK: Cambridge University Press. ISBN 0-521-83084-2."},{"key":"jisp.2010010101-13","doi-asserted-by":"crossref","unstructured":"Hac\u0131g\u00fcm\u00fcs, H., Iyer, B., Li, C., & Mehrotra, S. (2002). Executing SQL over Encrypted Data in the Database-Service-Provider Model. In Proceedings of the 28th SIGMOD Conference on the Management of Data. New York: ACM.","DOI":"10.1145\/564691.564717"},{"key":"jisp.2010010101-14","unstructured":"Kantarcioglu, M., & Clifton, C. (2004). Security Issues in Querying Encrypted Data (Tech. Rep. TR-04-013). West Lafayette, IN: Purdue University."},{"key":"jisp.2010010101-15","article-title":"On Data Banks and Privacy Homomorphisms","author":"R.Rivest","year":"1978","journal-title":"Foundations of Secure Computation"},{"key":"jisp.2010010101-16","unstructured":"Song, D., Wagner, D., & Perrig, A. (2000). Practical Techniques for Searches on Encrypted Data. In Proceedings of the IEEE Symposium on Security and Privacy."}],"container-title":["International Journal of Information Security and Privacy"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=43054","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,2]],"date-time":"2022-06-02T03:08:46Z","timestamp":1654139326000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jisp.2010010101"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2010,1,1]]},"references-count":17,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2010,1]]}},"URL":"https:\/\/doi.org\/10.4018\/jisp.2010010101","relation":{},"ISSN":["1930-1650","1930-1669"],"issn-type":[{"value":"1930-1650","type":"print"},{"value":"1930-1669","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,1,1]]}}}