Confidential database-as-a-service approaches: taxonomy and survey

Köhler, Jens; Jünemann, Konrad; Hartenstein, Hannes

doi:10.1186/s13677-014-0025-1

Journal of Cloud Computing

Advances, Systems and Applications

Table 3 CPI catalog

From: Confidential database-as-a-service approaches: taxonomy and survey

CPI approach	Satisfiable deployment requirements															CPI security properties
	Functionality							Prot. level	Attacker model
	Queries				Modification				Monitoring cap.			Knowledge				_{(Properties in brackets are only}
	ES	RS	LS	AG	Insert	Update	Delete		Data	Mod.	Quer.	NBK	BKS	BKD	BKQ	^{provided to a certain degree.)}
Deterministic Indexes	X				X	X	X	C	✓	✓	✓	✓	✓			Distinguishable ciphertexts
Deterministic Indexes _(Flattened) [10]	X				X	X	X	P	✓			✓	✓	✓	✓	(Indistinguishable ciphertexts)
Bucketization [11,12]		X			X	X	X	C	✓			✓	✓			Distinguishable ciphertexts
		X			X	X	X	C	✓	✓	✓	✓
		X			X			C	✓	✓		✓	✓
Bucketization _(Flattened) [11,12]		X			X	X	X	P	✓			✓	✓	✓	✓	(Indistinguishable ciphertexts)
Order-Preserving Encryption [13,14]	X	X			X	X	X	C	✓	✓	✓	✓				Order-preserving ciphertexts
Searchable Encryption [15-20]	X	X	X		X	X	X	C	✓			✓	✓	✓	✓	Indistinguishable ciphertexts
	X	X	X		X	X	X	C	✓	✓	✓	✓
	X				X	X	X	C	✓	✓	✓	✓	✓
	X				X			C	✓	✓		✓	✓	✓
Encrypted B-Trees [10,22]	X	X	x^a		X	X	X	C	✓			✓	✓	✓	✓	Indistinguishable ciphertexts
	X	X	x^a		X	X	X	C	✓	✓	✓	✓
	X	X	x^a		X			C	✓	✓		✓	✓	✓
Encrypted B-Trees _(Shuffled) [24]	X	X	x^a		X	X	X	P	✓	✓	✓	✓	✓	✓	✓	Indistinguishable ciphertexts
																(Access & pattern confidentiality)
Fragmentation [25]	X	X	X	X	X	X	X	P	✓			✓	✓	✓	✓	(Indistinguishable ciphertexts)
Fragmentation _{(Non-colluding SPs)} [26-28]	X	X	X	X	X	X	X	C	✓	✓	✓	✓	✓	✓		Indistinguishable ciphertexts
																Access confidentiality
Homomorphic Encryption [29-33]				X	X	X	X	C	✓	✓	✓	✓	✓	✓	✓	Indistinguishable ciphertexts
																Access & pattern confidentiality
Oblivious RAM [34,35]	X	X	x^a		X	X	X	C	✓	✓	✓	✓	✓	✓	✓	Indistinguishable ciphertexts
Oblivious RAM _{(Non-colluding SPs)} [36]	X	X	x^a		X	X	X	C	✓	✓	✓	✓	✓	✓	✓	Access & pattern confidentiality
Private Information Retrieval [39-42]	X	X	x^a					C	✓	✓	✓	✓	✓	✓	✓	Indistinguishable ciphertexts
Private Information Retrieval _{(Non-colluding SPs)} [37,43,44]	X	X	x^a					C	✓	✓	✓	✓	✓	✓	✓	Access & pattern confidentiality

^aLike selections are supported to a limited degree (e.g., prefix matching).
Legend
ES: Equality selection; NBK: No background knowledge; C: Computational record protection RS: Range selection; BKS: Background knowledge of the data’s schema P: Probabilistic record protection; LS: Like selection; BKD: Background knowledge of the data’s content; AG: Aggregation; BKQ: Background knowledge of the data’s content and queries.

Back to article page