Databases Reference
In-Depth Information
SII enables two or more enterprises to run queries across their databases
that do not reveal any information among the databases apart from the
results of the query. This technology is designed to foster beneficial uses of
information without violating any of the HDB principles. Figure 6 shows the
architecture of an arbitrary SII application. The SII data provider enables
sovereign information sharing for its data. The SII server maintains the
metadata needed to retrieve information from the data providers' databases. The
SII client provides the necessary functionality to map the application schema
to the data providers' schemas, construct and invoke query requests against
multiple data providers, and receive query responses. The application is a thin
layer on top of the SII client, which invokes the required SII operations. For
example, suppose that a commercial airline and a government agency would like
to compare a passenger manifest and a suspicious traveler database to identify
any common names, without revealing any names that are not in common.
SII processes such secure information sharing operations by applying a set of
commutative encryption functions to data in different orders and at different
locations. Only encrypted information is exchanged between participants, and
both data providers must participate in order to encrypt values and identify
the values that are in common to both providers. SII compares the
multiply-encrypted values and provides the query results without compromising the
security or privacy of either data set. This technology is also useful in the
clinical genomics arena, allowing enterprises to conduct secure join operations
among sovereign databases to discover and investigate correlations between
genetic sequences and phenotypic data.
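
The airline/agency comparison described above, as an added Python example (not code from the original text or from the SII implementation). It assumes modular exponentiation over a demo prime as the commutative function and hashes normalized names before encrypting; the text specifies neither, and all function names and sample names are hypothetical.

```python
import hashlib
import math
import secrets

# Demo modulus: the Mersenne prime 2^521 - 1 (an assumption; the text names no
# group). A deployment would use a vetted prime-order group instead.
P = 2**521 - 1


def keygen():
    """Pick a secret exponent e with gcd(e, P-1) == 1 so x -> x^e is a bijection."""
    while True:
        e = secrets.randbelow(P - 3) + 2
        if math.gcd(e, P - 1) == 1:
            return e


def hash_to_group(name):
    """Map a normalized name to a quadratic residue mod P (hides the Legendre symbol)."""
    digest = hashlib.sha512(name.strip().lower().encode("utf-8")).digest()
    return pow(int.from_bytes(digest, "big") % P, 2, P)


def encrypt(value, key):
    """Commutative: encrypt(encrypt(v, a), b) == encrypt(encrypt(v, b), a)."""
    return pow(value, key, P)


def sovereign_intersection(manifest, watchlist):
    """Return the manifest names the airline learns are also on the watchlist."""
    ka, kb = keygen(), keygen()  # each key never leaves its owner
    # Airline -> agency: singly encrypted manifest, kept in manifest order.
    a_once = [encrypt(hash_to_group(n), ka) for n in manifest]
    # Agency -> airline: its own list, singly encrypted and shuffled ...
    b_once = [encrypt(hash_to_group(n), kb) for n in watchlist]
    secrets.SystemRandom().shuffle(b_once)
    # ... plus the airline's values encrypted a second time, order preserved.
    a_twice = [encrypt(c, kb) for c in a_once]
    # Airline: add its key to the agency's values, then compare double encryptions.
    b_twice = {encrypt(c, ka) for c in b_once}
    return [n for n, c in zip(manifest, a_twice) if c in b_twice]


# Constructed sample data.
MANIFEST = ["Alice Moreau", "Bob Tanaka", "Carol Nwosu", "Dan Petrov"]
WATCHLIST = ["Erin Walsh", "bob tanaka", "Dan Petrov", "Frank Osei"]

if __name__ == "__main__":
    print(sovereign_intersection(MANIFEST, WATCHLIST))
```

In this exchange the airline sees only the agency's encrypted values and the agency sees only the airline's, so names outside the intersection are never exposed in the clear to the other side.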
Unlike other data integration approaches, such as centralized data
warehouses and mediator-based data federations, which reveal all data among the
databases, SII only reveals query results. SII is a software solution that can be
integrated seamlessly into existing data environments without the need for any
perturbation or anonymization of the original data. It enables multiple parties
to conduct a range of useful operations over autonomous databases. SII has
been implemented on a web services infrastructure to process sovereign join
operations [14]. Recent research has also explored game-theoretic approaches
to assure that a dishonest SII participant cannot gain more information than
an honest participant by providing false input data [15].
3.4 Encryption
An essential feature of a Hippocratic database is safety, which involves
securing sensitive data against theft or misappropriation. Encryption prevents
unauthorized users from circumventing database security by directly
accessing the database files without using the database software. However, most
encryption techniques significantly degrade system performance because they
do not preserve the order of encrypted values and therefore do not allow
the use of indexes to compute range queries. To address this problem, an
order preserving encryption scheme (OPES) was proposed for numeric data