WO2008090014A3 - Query integrity assurance in database outsourcing - Google Patents

Query integrity assurance in database outsourcing Download PDF

Info

Publication number
WO2008090014A3
WO2008090014A3 PCT/EP2008/050115 EP2008050115W WO2008090014A3 WO 2008090014 A3 WO2008090014 A3 WO 2008090014A3 EP 2008050115 W EP2008050115 W EP 2008050115W WO 2008090014 A3 WO2008090014 A3 WO 2008090014A3
Authority
WO
WIPO (PCT)
Prior art keywords
data
query
data set
primary
result
Prior art date
Application number
PCT/EP2008/050115
Other languages
French (fr)
Other versions
WO2008090014A2 (en
Inventor
Chang-Shing Perng
Haixun Wang
Jian Yin
Philip Yu
Original Assignee
Ibm
Ibm Uk
Chang-Shing Perng
Haixun Wang
Jian Yin
Philip Yu
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm, Ibm Uk, Chang-Shing Perng, Haixun Wang, Jian Yin, Philip Yu filed Critical Ibm
Publication of WO2008090014A2 publication Critical patent/WO2008090014A2/en
Publication of WO2008090014A3 publication Critical patent/WO2008090014A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party

Abstract

A method, system and computer program product for confirming the validity of data returned from a data store. A data store contains a primary data set encrypted using a first encryption and a secondary data set using a second encryption. The secondary data set is a subset of the primary data set. A client issues a substantive query against the data store to retrieve a primary data result belonging to the primary data set. A query interface issues at least one validating query against the data store. Each validating query returns a secondary data result belonging to the secondary data set. The query interface receives the secondary data result and provides a data invalid notification if data satisfying the substantive query included in an unencrypted form of the secondary data result is not contained in an unencrypted form of the primary data result.
PCT/EP2008/050115 2007-01-25 2008-01-08 Query integrity assurance in database outsourcing WO2008090014A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/626,847 2007-01-25
US11/626,847 US7870398B2 (en) 2007-01-25 2007-01-25 Integrity assurance of query result from database service provider

Publications (2)

Publication Number Publication Date
WO2008090014A2 WO2008090014A2 (en) 2008-07-31
WO2008090014A3 true WO2008090014A3 (en) 2008-10-02

Family

ID=39276088

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/050115 WO2008090014A2 (en) 2007-01-25 2008-01-08 Query integrity assurance in database outsourcing

Country Status (2)

Country Link
US (1) US7870398B2 (en)
WO (1) WO2008090014A2 (en)

Families Citing this family (58)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100926880B1 (en) * 2007-05-21 2009-11-16 엔에이치엔(주) Data replication method and system in DVMS
US8600966B2 (en) 2007-09-20 2013-12-03 Hal Kravcik Internet data mining method and system
US20090177892A1 (en) * 2008-01-09 2009-07-09 Microsoft Corporation Proximity authentication
US9425960B2 (en) * 2008-10-17 2016-08-23 Sap Se Searchable encryption for outsourcing data analytics
US8291509B2 (en) * 2008-10-17 2012-10-16 Sap Ag Searchable encryption for outsourcing data analytics
US8458451B2 (en) * 2009-01-20 2013-06-04 New York University Database outsourcing with access privacy
US8209313B2 (en) * 2009-01-28 2012-06-26 Rovi Technologies Corporation Structuring and searching data in a hierarchical confidence-based configuration
US8332655B2 (en) * 2009-01-30 2012-12-11 International Business Machines Corporation Method for order invariant correlated encrypting of data and SQL queries for maintaining data privacy and securely resolving customer defects
US8819451B2 (en) * 2009-05-28 2014-08-26 Microsoft Corporation Techniques for representing keywords in an encrypted search index to prevent histogram-based attacks
US9165043B2 (en) * 2009-11-25 2015-10-20 Maobing Jin Logical object search framework and application programming interface
US8516267B2 (en) * 2009-12-18 2013-08-20 Adrian Spalka Computer readable storage medium for generating an access key, computer implemented method and computing device
EP2348447B1 (en) 2009-12-18 2014-07-16 CompuGroup Medical AG A computer implemented method for generating a set of identifiers from a private key, computer implemented method and computing device
EP2348452B1 (en) 2009-12-18 2014-07-02 CompuGroup Medical AG A computer implemented method for sending a message to a recipient user, receiving a message by a recipient user, a computer readable storage medium and a computer system
EP2348443B1 (en) * 2009-12-18 2013-10-02 CompuGroup Medical AG A computer readable storage medium for generating an access key, computer implemented method and computing device
US8719587B2 (en) 2009-12-18 2014-05-06 CompuGroup Medical AG Computer implemented method for generating a pseudonym, computer readable storage medium and computer system
EP2348450B1 (en) * 2009-12-18 2013-11-06 CompuGroup Medical AG Database system, computer system, and computer-readable storage medium for decrypting a data record
EP2365456B1 (en) * 2010-03-11 2016-07-20 CompuGroup Medical SE Data structure, method and system for predicting medical conditions
US8572385B2 (en) * 2010-07-29 2013-10-29 Brown University System and method for optimal verification of operations on dynamic sets
US20120121080A1 (en) * 2010-11-11 2012-05-17 Sap Ag Commutative order-preserving encryption
KR101418992B1 (en) * 2010-11-15 2014-07-11 한국전자통신연구원 Mobile iptv system and method
US8769302B2 (en) 2011-10-14 2014-07-01 International Business Machines Corporation Encrypting data and characterization data that describes valid contents of a column
US10075471B2 (en) 2012-06-07 2018-09-11 Amazon Technologies, Inc. Data loss prevention techniques
US10102390B2 (en) * 2012-06-28 2018-10-16 Honeywell International Inc. Memory authentication with redundant encryption
GB2503655A (en) * 2012-06-28 2014-01-08 Ibm Secure storage and deletion of objects
US9600522B2 (en) 2012-08-20 2017-03-21 Oracle International Corporation Hardware implementation of the aggregation/group by operation: filter method
US9727606B2 (en) * 2012-08-20 2017-08-08 Oracle International Corporation Hardware implementation of the filter/project operations
US9563658B2 (en) 2012-08-20 2017-02-07 Oracle International Corporation Hardware implementation of the aggregation/group by operation: hash-table method
US8856102B2 (en) * 2012-11-07 2014-10-07 International Business Machines Corporation Modifying structured query language statements
US9213867B2 (en) * 2012-12-07 2015-12-15 Microsoft Technology Licensing, Llc Secure cloud database platform with encrypted database queries
US9705674B2 (en) 2013-02-12 2017-07-11 Amazon Technologies, Inc. Federated key management
US9608813B1 (en) 2013-06-13 2017-03-28 Amazon Technologies, Inc. Key rotation techniques
US9367697B1 (en) * 2013-02-12 2016-06-14 Amazon Technologies, Inc. Data security with a security module
US10467422B1 (en) 2013-02-12 2019-11-05 Amazon Technologies, Inc. Automatic key rotation
US9286488B2 (en) 2013-03-13 2016-03-15 Northrop Grumman Systems Corporation System and method for secure database queries
CN103345526B (en) * 2013-07-22 2016-12-28 武汉大学 A kind of efficient secret protection cryptogram search method under cloud environment
US9037860B1 (en) * 2013-11-22 2015-05-19 Sap Se Average-complexity ideal-security order-preserving encryption
US9438421B1 (en) 2014-06-27 2016-09-06 Amazon Technologies, Inc. Supporting a fixed transaction rate with a variably-backed logical cryptographic key
US9866392B1 (en) 2014-09-15 2018-01-09 Amazon Technologies, Inc. Distributed system web of trust provisioning
US11556542B2 (en) * 2015-02-07 2023-01-17 International Business Machines Corporation Optionally compressed output from command-line interface
US10013363B2 (en) 2015-02-09 2018-07-03 Honeywell International Inc. Encryption using entropy-based key derivation
US9917820B1 (en) * 2015-06-29 2018-03-13 EMC IP Holding Company LLC Secure information sharing
US10073981B2 (en) 2015-10-09 2018-09-11 Microsoft Technology Licensing, Llc Controlling secure processing of confidential data in untrusted devices
FR3042625B1 (en) * 2015-10-14 2017-12-15 Commissariat Energie Atomique METHOD OF CONFIDENTIAL INTERROGATION OF A DATABASED DATABASE
WO2017103970A1 (en) * 2015-12-14 2017-06-22 株式会社日立製作所 Data processing system and data processing method
US10708073B2 (en) 2016-11-08 2020-07-07 Honeywell International Inc. Configuration based cryptographic key generation
US10721057B2 (en) 2017-01-20 2020-07-21 Enveil, Inc. Dynamic channels in secure queries and analytics
US11777729B2 (en) 2017-01-20 2023-10-03 Enveil, Inc. Secure analytics using term generation and homomorphic encryption
US11507683B2 (en) * 2017-01-20 2022-11-22 Enveil, Inc. Query processing with adaptive risk decisioning
US10771237B2 (en) 2017-01-20 2020-09-08 Enveil, Inc. Secure analytics using an encrypted analytics matrix
US11196541B2 (en) 2017-01-20 2021-12-07 Enveil, Inc. Secure machine learning analytics using homomorphic encryption
US10880275B2 (en) 2017-01-20 2020-12-29 Enveil, Inc. Secure analytics using homomorphic and injective format-preserving encryption
US10580225B2 (en) * 2017-03-31 2020-03-03 Toyota Motor Engineering & Manufacturing North America, Inc. Privacy-aware signal monitoring systems and methods
WO2019008158A1 (en) * 2017-07-06 2019-01-10 Chromaway Ab Method and system for a distributed computing system
US10733176B2 (en) 2017-12-04 2020-08-04 International Business Machines Corporation Detecting phantom items in distributed replicated database
US10902133B2 (en) 2018-10-25 2021-01-26 Enveil, Inc. Computational operations in enclave computing environments
CN109840423B (en) * 2018-11-27 2023-12-05 吴晓军 Recording method, device and equipment of data relationship
US11645424B2 (en) * 2020-04-27 2023-05-09 International Business Machines Corporation Integrity verification in cloud key-value stores
US11601258B2 (en) 2020-10-08 2023-03-07 Enveil, Inc. Selector derived encryption systems and methods

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7152165B1 (en) * 1999-07-16 2006-12-19 Intertrust Technologies Corp. Trusted storage systems and methods
US7228416B2 (en) * 2001-01-26 2007-06-05 Hitachi, Ltd. Database access method and system capable of concealing the contents of query
US7610265B2 (en) * 2005-04-29 2009-10-27 Sap Ag Data query verification

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
DAMIANI ERNESTO ET AL: "Balancing confidentiality and efficiency in untrusted relational DBMSs", PROC ACM CONF COMPUTER COMMUN SECUR; PROCEEDINGS OF THE ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY; PROCEEDINGS OF THE 10TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, CCS 2003 2003, 2003, pages 93 - 102, XP002491419, Retrieved from the Internet <URL:http://doi.acm.org/10.1145/948109.948124> *
GEROME MIKLAU ET AL: "Implementing a Tamper-Evident Database System", ADVANCES IN COMPUTER SCIENCE - ASIAN 2005 LECTURE NOTES IN COMPUTER SCIENCE;;LNCS, SPRINGER-VERLAG, BE, vol. 3818, 1 January 2005 (2005-01-01), pages 28 - 48, XP019025768, ISBN: 978-3-540-30767-9 *
HAKAN HACIGÜMÜS ET AL: "Executing SQL over Encrypted Data in the Database-Service-Provider Model", SIGMOD 2002. PROCEEDINGS OF THE ACM SIGMOD INTERNATIONAL CONFERENCE ON MANAGEMENT OF DATA. MADISON, WI, JUNE 4 - 6, 2002; [PROCEEDINGS OF THE ACM SIGMOD INTERNATIONAL CONFERENCE ON MANAGEMENT OF DATA], NEW YORK, NY : ACM, US, 1 June 2002 (2002-06-01), pages 216 - 227, XP002306244, ISBN: 978-1-58113-497-1 *
HWEEHWA PANG ET AL: "Verifying Completeness of Relational Query Results in Data Publishing", SIGMOD 2005. PROCEEDINGS OF THE ACM SIGMOD INTERNATIONAL CONFERENCE ON MANAGEMENT DATA. BALTIMORE, MD, JUNE 14 - 16, 2005; [PROCEEDINGS OF THE ACM SIGMOD INTERNATIONAL CONFERENCE ON MANAGEMENT OF DATA], NEW YORK, NY : ACM, US, 14 June 2005 (2005-06-14), pages 407 - 418, XP002479510, ISBN: 978-1-59593-060-6 *

Also Published As

Publication number Publication date
US20080183656A1 (en) 2008-07-31
US7870398B2 (en) 2011-01-11
WO2008090014A2 (en) 2008-07-31

Similar Documents

Publication Publication Date Title
WO2008090014A3 (en) Query integrity assurance in database outsourcing
US9881164B1 (en) Securing data
US10509768B2 (en) Method and system for secure data storage and retrieval from cloud based service environment
WO2012040231A3 (en) Systems and methods for secure data sharing
WO2008030704A3 (en) Method and system for secure processing of authentication key material in an ad hoc wireless network
WO2011127440A3 (en) Systems and methods for file access auditing
EP3356988A1 (en) Method and system for verifiable searchable symmetric encryption
WO2010132251A3 (en) Protection of encryption keys in a database
WO2006101554A3 (en) Computer system for searching static data
WO2007092658B1 (en) Method of transferring digital rights
JP2016200938A5 (en)
EP2624500A1 (en) Encrypted database system, client terminal, encrypted database server, natural joining method, and program
CN106936771A (en) A kind of secure cloud storage method and system based on graded encryption
PH12018502160A1 (en) Systems and methods for secure storage of user information in a user profile
CN103906054A (en) Method and system for authorization of software function modules of internet of things
CN105512570A (en) E-government internal network electronic certificate authentication method and system
WO2011115839A3 (en) Computer relational database method and system having role based access control
WO2015063905A1 (en) Data analysis system
CN102143159A (en) Database key management method in DAS (database-as-a-service) model
Wang et al. A traditional Chinese medicine traceability system based on lightweight blockchain
GB201217507D0 (en) Database management system
CN106326666A (en) Health record information management service system
WO2007089264A3 (en) Distributed database systems and methods
Choi et al. The effective management of length of stay for patients with acute myocardial infarction in the era of digital hospital
CN104036201A (en) Application-layer file hiding method on Windows operating system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08707832

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08707832

Country of ref document: EP

Kind code of ref document: A2