
A Method for Querying on Encrypted XML Data

Karimi, Maryam | 2009

713 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 39847 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Jalili, Rasool
  7. Abstract:
  8. When organizations prefer to outsource their data, security protection of data will be more important. Using cryptography in addition to access control techniques is a natural way for saving confidentiality of data against untrusted server. However, encryption and decryption of data result in database performance degradation. In such a situation all the information stored in encrypted form, one cannot make the selection on the database content any more. Data should be decrypted first, so an unwilling tradeoff between the security and performance is normally forced. The appropriate approaches to increase the performance are methods to deal directly with the encrypted data without firstly decrypting them. This thesis studies various approaches to query on encrypted XML documents. In these schemes there is the assumption that the attacker has some exact information about the value domains and their occurrence frequencies. So, it is required to protect the sensitive content and structural information. We also assume that the server processes the queries accurately but attempts to acquire some more information about the data. We propose a secure range query enabled approach for encrypting XML documents. We show this approach decreases the probability of various attacks, improves the performance of query processing, and has some preferences because of saving the space and communication bandwidth. In terms of security, our evaluation demonstrates that information leakage of sensitive structures and values is negligible. Also the speed and efficiency of query processing has a perfect improvement.
  9. Keywords:
  10. Encrypted Query ; Encrypted Database ; Database Security ; Cryptography ; Extensible Markup Language (XML)

 Digital Object List
