On a security model for a retrieval system over encrypted database

Hyun A. Park, Jin Wook Byun, Jae Hyun Park, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Although most proposed security schemes have scrutinized their own security models for protecting different types of threats and attacks, this naturally causes a problem as follows if a security analysis tool would fit a certain scheme, it may not be proper to other schemes. In order to address this problem, this paper analyzes how security requirements of each paper could be different by comparing with two schemes: Agrawal et al.'s scheme OPES (Order Preserving Encryption Scheme) and Zdonik et al.'s FCE (Fast Comparison Encryption) Zdonik et al. have formally disproved the security of Agrawal et al.'s scheme OPES. Thereafter, some scholars have wondered whether the OPES can guarantee its applicability in a real world for its insecurity or not. However, the analysis by Zdonik et al. does not have valid objectivity because they used the security model INFO-CPA-DB for their scheme FCE to analyze Agrawal et al.'s scheme OPES, in spite of the differences between two schemes. In order to analyze any scheme correctly and apply it to a real world properly, the analysis tool should be comprehensively standardized. We re-analyze Zdonik et al.'s analysis for OPES and then propose general formalizations of security and privacy for all of the encrypted retrieval systems. Finally, we recommend the minimum level of security requirements under our formal definitions. Additional considerations should be also supplemented in accordance with the conditions of each system.

Original languageEnglish
Title of host publicationProceedings - 7th International Conference on Information Processing and Management, ICIPM 2011
Pages76-82
Number of pages7
Publication statusPublished - 2011
Event7th International Conference on Information Processing and Management, ICIPM 2011 - Jeju Island, Korea, Republic of
Duration: 2011 Nov 292012 Dec 1

Publication series

NameProceedings - 7th International Conference on Information Processing and Management, ICIPM 2011

Other

Other7th International Conference on Information Processing and Management, ICIPM 2011
Country/TerritoryKorea, Republic of
CityJeju Island
Period11/11/2912/12/1

ASJC Scopus subject areas

  • Information Systems

Fingerprint

Dive into the research topics of 'On a security model for a retrieval system over encrypted database'. Together they form a unique fingerprint.

Cite this