Databases Reference
In-Depth Information
doors become eventually vulnerable - e.g., today's access patterns will be
revealed once factoring of today's values will become possible in the future.
We note that these results are beyond existing knowledge of mere “im-
practicality” under unfavorable assumptions. On real hardware,
no
existing
non-trivial single server PIR protocol could have possibly had outperformed
the trivial client-to-server transfer of records in the past, and is likely not to
do so in the future either. Informally, this is due to the fact that it is more
expensive to PIR-process one bit of information than to transfer it over a
network.
PIR's aim is to simply transfer one single remote bit with privacy. We
showed above that theoretical lower bounds prevent current cryptography to
offer ecient solutions in practical settings. Arguably, for more complex query
processing this will also be the case. Thus it is important to design practical
solutions that have the potential to break the PIR computation-privacy trade-
off. We believe a very promising avenue for further research relies on deploying
secure hardware hosted by the server, allowing the delegation of client-logic
in closer data proximity.
And because (as discussed above) trivial “run client ”proxy” inside secure
CPU” approaches are likely to be impractical - as typically such hardware
is orders of magnitude slower than main CPUs - any solution needs to de-
ploy SCPUs eciently, to defeat statistical correlation attacks on data access
patterns.
3 Related Work.
Extensive research has focused on various aspects of DBMS security, including
access control techniques as well as general information security issues [29,31,
51,73,75,80,81,90,106,107,110,112], many of which are discussed elsewhere in
this topic. Additionally, increasing awareness of requirements for data storage
security mechanisms and support can be found with DBMS vendors such as
IBM [10] and Oracle [16].
3.1 Database as a Service
The paradigm of providing a database as a service recently emerged [72] as a
viable alternative, likely due in no small part to the dramatically increasing
availability of fast, cheap networks. Given the global, networked, possibly hos-
tile nature of the operation environments, security assurances are paramount.
Data Sharing.
Statistical and
Hippocratic
databases aim to address the
problem of allowing aggregate queries on confidential data (stored on
trusted
servers) without additional information leaks [24, 25, 50, 51, 89] to the queries.
In [125] Zhang et al. discuss privacy in information sharing scenarios in a
distributed multi-party context, where each party operates a private database.
An leakage measure is defined for information sharing and several privacy
multi-party protocols deploying commutative encryption are defined.
