Abstract:
Query processing over encrypted database is one of the key issues to the DAS (database as a service) modal encryption. Due to the unique trust modal and system structure of the DAS modal, data encryption and decryption can only be carried out at the client site. The server is not trusted and sensitive data should be protected from potentially malicious database administrators. Current studies employ query rewriting techniques based on tuple level encryption, which are inefficient in encryption operations. They may waste a great deal of computational power on encrypting data that are not secret, especially when only one or a few attributes in a relation need to be protected. In this paper, a query rewriting algorithm is proposed, which supports attribute grain database encryption in the DAS model. The algorithm rewrites user queries according to relational algebra formulas, and it discriminates those encryption involving predicates from the others that do not use encrypted attributes. New queries are reconstructed and executed respectively on the client and the server so that optimization can be achieved. The algorithm is capable of processing correlated subquery with any depth in a recursive manner. Experiments show that the algorithm can reduce the network traffic caused by temporary query result transferring and shorten the query execution time effectively.