Please use this identifier to cite or link to this item:
|Title||New Methods of Query over Encrypted Data in Database|
High secure data in databases is protected by encryption. When the data is encrypted, query performance decreases. In this work we propose three new mechanisms to query the encrypted data beside make a tradeoff between the performance and the security. We introduce three different methods, the first two works on encrypted data when the condition of the ‘where’ statement is ‘=’ (searching for a specific whole word), the third one used when the condition of the ‘where’ statement is ‘like’ (searching for a part of the word). Our three methods based on replacing the select conditions on the encrypted data with another condition which is faster. In the first method we introduce a one-to-one mapping functions that is used as index for the plain data which will be encrypted; this function is also cannot be reversed without the key so the attackers cannot guess the plain text from the index. For example we will use AES as encryption/decryption function and SHA-1 as hashing function. In the second way we enhance the first way by putting the index on the memory, the index is implemented as a data structure Hash Map, this makes the response time faster but it needs a huge memory size, so this method cannot be used with the huge database size. In the third method we focus on the select statement contains a condition on a part of the cipher text, this makes it harder to implement the index without open a mapping between the plain text and the index. In the third way we work on two steps: creating the index and hiding the index. We notice that when the number of characters in the fuzzy query increase the response time enhance. We also notice that the response time for the fuzzy query contains the characters in the end of the word is better than the response time for the same query contains the characters in the start of the word and the response time for the fuzzy query contains the characters in the start of the word is better than the same query contains the character in the middle of the word. Our mechanisms work over many data-types. We implement our work as a layer above the DBMS; this makes our method compatible with any DBMS. The layer has common components for the three methods and specific components for each method. In the experiments we change the number of records in the database from 100 to 10,000 and measure the response time in mille second for the select query which have a condition on encrypted columns for each of the three proposed methods. The results of the experiments validate our approach. The experiments implement using a structure from a universal benchmark TPC-H. The advantage of our work is that we enhance the response time of the query on the encrypted database beside maintain the security of the data. Our work can be used on equal and fuzzy conditions and can be implemented over any kind of DBMS.
|Publisher||الجامعة الإسلامية - غزة|
|Files in this item|