進階搜尋


下載電子全文  
系統識別號 U0026-1007202013235800
論文名稱(中文) uFETCH-DB: 一個適用於隱私保護資料庫管理系統之安全中介軟體
論文名稱(英文) uFETCH-DB: A Security Agent for Privacy-Preserving DBMS
校院名稱 成功大學
系所名稱(中) 資訊工程學系
系所名稱(英) Institute of Computer Science and Information Engineering
學年度 108
學期 2
出版年 109
研究生(中文) 劉珈珈
研究生(英文) Jia-Jia Liu
學號 P76074135
學位類別 碩士
語文別 英文
論文頁數 35頁
口試委員 指導教授-涂嘉恒
口試委員-張大緯
口試委員-陳鵬升
口試委員-何建忠
中文關鍵字 可搜尋式加密  資料庫管理系統  加密資料庫  資料隱私 
英文關鍵字 Searchable Encryption  DBMS  Encrypted Database  Privacy-preserving 
學科別分類
中文摘要 資料隱私(Data Privacy)泛指資料的收集、儲存、共享和使用方式,主要的概念是在使用個人資料的同時,保護其隱私及身份訊息。現今,大眾越來越關注資料隱私,個人資料被收集之後,如何安全的被儲存與使用以避免機敏資料外洩也成為目前研究的焦點。而資料庫作為存儲資料的一個重要的方式,其安全性與隱私性更是資料隱私相關研究的重點所在。在此論文中,我們提出了一個名為uFETCH-DB的安全中介軟體,架構於現有的資料庫管理系統(Database management system)之上,將現有SQL資料庫系統轉化成為具備隱私保護的資料庫系統。實際上,uFETCH-DB會利用妥善保護的金鑰(Key)來進行資料的加解密,並針對使用者所下之SQL的操作,例如新增,搜尋,及更新等命令,轉為操控加密資料之相對應的命令後送至資料庫系統。由於轉化過後的資料庫系統內儲存的是加密過後的資料,就算資料庫系統資料外洩,資料盜用者也無法立即辨識資料內容。uFETCH-DB的運行方式,不需要使用者與資料庫系統改變其操作方式與習慣,因此其可適用於現有的SQL資料庫系統。我們的實驗結果展示uFETCH-DB可以在保護資料隱私性的情況下,兼顧SQL資料庫運行的效率。
英文摘要 Data privacy governs how data is collected, shared and used. It aims to use an individual's data while protecting its privacy preferences and personally identifiable information. Nowadays, the public is paying more and more attention to data privacy. After personal data is collected, how to store and use it safely to avoid leakage of sensitive data has also become the focus of current research. Database is one of the important ways to store data, and its security and privacy are the key points of data privacy research. In this paper, we propose a security agent called uFETCH-DB, which is based on the existing database management system (DBMS), and transforms the existing SQL database system into a database with privacy-preserving. Because the data stored in database are encrypted, even if the data is leaked, the thief cannot identify the content of the data. The operation of uFETCH-DB does not require users and database systems to change their operating methods and habits, so it can be applied to existing SQL database systems. Our experimental results show that uFETCH-DB can take into account the efficiency of SQL database operation while protecting data privacy.
論文目次 摘要i
Abstract ii
誌謝iii
Table of Contents iv
List of Tables v
List of Figures vi
Chapter 1. Introduction 1
1.1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2. Thesis Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Chapter 2. Related Work 5
2.1. Searchable Encrypted Database System . . . . . . . . . . . . . . . . . . . 5
2.2. Unified Searchable Encryption . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 3. System Architecture 11
3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.2. Preprocessing Stage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.2.1. Text Fields - LanguagePack Framework . . . . . . . . . . . . . . . 14
3.2.2. Numeric Fields - Binary Floating-Point Representation . . . . . . . 17
3.3. Translation Stage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
3.3.1. Level 1 - Basic Translation . . . . . . . . . . . . . . . . . . . . . . 21
3.3.2. Level 2 - Second Stage Filtering . . . . . . . . . . . . . . . . . . . 22
3.3.3. Level 3 - Unique Identifying . . . . . . . . . . . . . . . . . . . . . 24
Chapter 4. Performance Evaluation 26
4.1. Environment and Evaluation Setup . . . . . . . . . . . . . . . . . . . . . . 26
4.2. Evaluation Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
4.2.1. Level 1 Translation Overhead . . . . . . . . . . . . . . . . . . . . . 27
4.2.2. Level 2 Translation Overhead . . . . . . . . . . . . . . . . . . . . . 28
4.2.3. Level 3 Translation Overhead . . . . . . . . . . . . . . . . . . . . . 30
4.2.4. Precision of Wildcard and Range Queries . . . . . . . . . . . . . . 30
Chapter 5. Conclusion 33
References 34
參考文獻 [1] California consumer privacy act (ccpa). https://oag.ca.gov/privacy/ccpa. Accessed: 2020-06-06.
[2] General data protection regulation. https://gdpr-info.eu/. Accessed: 2020-06-06.
[3] Health information privacy. https://www.hhs.gov/hipaa/index.html. Accessed: 2020-06-06.
[4] Transparent data encryption (tde). https://docs.microsoft.com/en-us/previousversions/sql/sql-server-2012/bb934049(v=sql.110)?redirectedfrom=MSDN. Accessed: 2020-06-08.
[5]“popular baby names, national data.”. https://www.ssa.gov/OACT/babynames/names.zip. Accessed: 2020-05-08.
[6] Frederik Armknecht, Colin Boyd, Christopher Carr, Kristian Gjøsteen, Angela Jäschke, Christian A Reuter, and Martin Strand. A guide to fully homomorphic encryption. IACR Cryptology ePrint Archive, 2015:1192, 2015.
[7] Alexandra Boldyreva, Nathan Chenette, Younho Lee, and Adam O’neill. Order-preserving symmetric encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 224–241. Springer, 2009.
[8] Qi Chai and Guang Gong. Verifiable symmetric searchable encryption for semi-honest-but- curious cloud servers. In 2012 IEEE International Conference on Communications (ICC), pages 917–922. IEEE, 2012.
[9] Nathan Chenette, Kevin Lewi, Stephen A Weis, and David J Wu. Practical order-revealing encryption with limited leakage. In International Conference on Fast Software Encryption, pages 474–493. Springer, 2016.
[10] S. Chung, M. Shieh, T. Chiueh, C. Liu, and C. Tu. ufetch: A unified searchable encryption scheme and its saas-native to make dbms privacy-preserving. IEEE Access, 8:93894–93906, 2020.
[11] Dawn Xiaoding Song, D. Wagner, and A. Perrig. Practical techniques for searches on encrypted data. In Proceeding 2000 IEEE Symposium on Security and Privacy. S P 2000, pages 44–55, 2000.
[12] Vidhi Doshi. A security breach in india has left a billion people at risk of identity theft. https://www.washingtonpost.com/news/worldviews/wp/2018/01/04/a-securitybreach-in-india-has-left-a-billion-people-at-risk-of-identity-theft/. Accessed: 2020-06-08.
[13] Philippe Golle, Jessica Staddon, and Brent Waters. Secure conjunctive keyword search over encrypted data. In International Conference on Applied Cryptography and Network Security, pages 31–45. Springer, 2004.
[14] Jin Li, Zheli Liu, Xiaofeng Chen, Fatos Xhafa, Xiao Tan, and Duncan S Wong. Lencdb: A lightweight framework for privacy-preserving data queries in cloud computing. Knowledge-Based Systems, 79:18–26, 2015.
[15] Jin Li, Qian Wang, Cong Wang, Ning Cao, Kui Ren, and Wenjing Lou. Fuzzy keyword search over encrypted data in cloud computing. In 2010 Proceedings IEEE INFOCOM, pages 1–5. IEEE, 2010.
[16] Zheli Liu, Haoyu Ma, Jin Li, Chunfu Jia, Jingwei Li, and Ke Yuan. Secure storage and fuzzy query over encrypted databases. pages 439–450, 01 2013.
[17] Pascal Paillier. Public-key cryptosystems based on composite degree residuosity classes. In International conference on the theory and applications of cryptographic techniques, pages 223–238. Springer, 1999.
[18] Antonis Papadimitriou, Ranjita Bhagwan, Nishanth Chandran, Ramachandran Ramjee, Andreas Haeberlen, Harmeet Singh, Abhishek Modi, and Saikrishna Badrinarayanan. Big data analytics over encrypted datasets with seabed. In 12th {USENIX} Symposium on Operating Systems Design and Implementation ({OSDI} 16), pages 587–602, 2016.
[19] Rishabh Poddar, Tobias Boelter, and Raluca Ada Popa. Arx: A strongly encrypted database system. IACR Cryptology ePrint Archive, 2016:591, 2016.
[20] Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, and Hari Balakrishnan. Cryptdb: Protecting confidentiality with encrypted query processing. In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP ’11, page 85–100, New York, NY, USA, 2011. Association for Computing Machinery.
[21] Ashwin Swaminathan, Yinian Mao, Guan-Ming Su, Hongmei Gou, Avinash L Varna, Shan He, Min Wu, and Douglas W Oard. Confidentiality-preserving rank-ordered search. In Proceedings of the 2007 ACM workshop on Storage security and survivability, pages 7–12, 2007.
[22] Stephen Tu, M. Frans Kaashoek, Samuel Madden, and Nickolai Zeldovich. Processing analytical queries over encrypted data. Proc. VLDB Endow., 6(5):289–300, March 2013.
[23] Xiaofeng CHEN Yunling WANG, Jianfeng WANG. Secure searchable encryption: a survey. Journal of Communications and Information Networks, 1(4):52, 2016.
論文全文使用權限
  • 同意授權校內瀏覽/列印電子全文服務,於2020-07-23起公開。
  • 同意授權校外瀏覽/列印電子全文服務,於2020-07-23起公開。


  • 如您有疑問,請聯絡圖書館
    聯絡電話:(06)2757575#65773
    聯絡E-mail:etds@email.ncku.edu.tw