Blind Seer: A Scalable Private DBMS   [open pdf - 630KB]

From the paper abstract: "Query privacy in secure DBMS [Database Management System] is an important feature, although rarely formally considered outside the theoretical community. Because of the high overheads of guaranteeing privacy in complex queries, almost all previous works addressing practical applications consider limited queries (e.g., just keyword search), or provide a weak guarantee of privacy. In this work, we address a major open problem in private DB [Database]: efficient sublinear search for arbitrary Boolean queries. We consider scalable DBMS with provable security for all parties including protection of the data from both server (who stores encrypted data) and client (who searches it), as well as protection of the query, and access control for the query. We design, build, and evaluate the performance of a rich DBMS system, suitable for real-world deployment on today medium- to large-scale DBs. On a modern server, we are able to query a formula over 10TB, 100M-record DB, with 70 searchable index terms per DB row, in time comparable to (insecure) MySQL (many practical queries can be privately executed with work 1.2-3 times slower than MySQL, although some queries are costlier). We support a rich query set, including searching on arbitrary boolean formulas on keywords and ranges, support for stemming and free keyword searches over text fields."

Public Domain
Retrieved From:
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/
Media Type:
35th IEEE Symposium on Security & Privacy (S&P), San Jose, CA, 18-21 May 2014
Help with citations