Introducing a Technique for Searching Data in a Cryptographically Protected SQL Database
Mathematics and Computer Science: Contemporary Developments Vol. 1,
20 July 2024,
Page 1-29
https://doi.org/10.9734/bpi/mcscd/v1/8460E
In recent eras, storing and processing data on third-party remote cloud servers has been widely used, showing explosive growth. The growing popularity of data outsourcing to third-party cloud servers has a downside, related to the serious concerns of data owners about their security due to possible leakage. The desire to reduce the risk of loss of data confidentiality has become a motivating start to developing mechanisms that provide the ability to effectively use encryption to protect data. However, the use of traditional encryption methods faces a problem. Namely, traditional encryption, by making it impossible for insiders and outsiders to access data without knowing the keys, excludes the possibility of searching. This paper presents a solution that provides a strong level of confidentiality when searching, inserting, modifying, and deleting the required sensitive data in a remote database whose data are encrypted.
The proposed SQL query processing technique allows the DBMS server to perform search functions over encrypted data in the same way as in an unencrypted database. This study also offers a basis for implementing the solution on the server side of the Oracle DBMS using unmodified DBMS software using our own developed persistent stored modules (PSM). This is achieved through the organization of automatic decryption by specially developed secure software of the corresponding data required for search, without the possibility of viewing these data itself. We tested our prototype on a single machine that simulates both a proxy and a database server. At that, we guarantee the integrity of the stored procedures used and special tables that store encrypted modules of special software and decryption keys, the relevance and completeness of the results returned to the application. The results of the analysis of the feasibility and effectiveness of the proposed solution show that the proper privacy of the stored data can be achieved at a reasonable overhead. Future studies may focus on the conduct of an in-depth performance evaluation of this proposed solution, including a comparison with existing implementations, to show its practicality in various real-life situations.