SQL queries over encrypted databases: a survey
Limited by the local storage resource, data users have to encrypt their data and outsource the encrypted databases to cloud servers to enjoy low-cost, professional data management services, which promotes the rapid development of outsourcing database technology. Despite this, the complex underlying...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Taylor & Francis Group
2024-12-01
|
Series: | Connection Science |
Subjects: | |
Online Access: | https://www.tandfonline.com/doi/10.1080/09540091.2024.2323059 |
Summary: | Limited by the local storage resource, data users have to encrypt their data and outsource the encrypted databases to cloud servers to enjoy low-cost, professional data management services, which promotes the rapid development of outsourcing database technology. Despite this, the complex underlying setting and loosely coupled database architecture lead to various security risks and performance bottlenecks, while there is currently no work to achieve a comprehensive evaluation of existing encrypted database solutions from the aspects of underlying settings, security levels, functions, etc. In this work, we first propose an evaluation model to assess SQL functionalities and security from multiple dimensions. Secondly, we categorise the existing SQL query schemes into three categories: software-based construction, hardware-based construction, and hybrid-based construction, that is, a combination of software and hardware components. On this basis, we analyse the framework, advantages, and limitations of classic and state-of-the-art schemes. Finally, we summarise the software-based and hardware-based approaches from dimensions of SQL functionality, security, and efficiency, thus clarifying their ideal application scenarios. Notably, SQL query schemes that exhibit minimal equality of pair leakage and support strong obliviousness can achieve higher levels of security. In addition, hardware-based solutions can achieve more complex SQL queries and superior performance without designing complex and functionally-limited cryptographic tools. |
---|---|
ISSN: | 0954-0091 1360-0494 |