Considerations of Extending SQL on Encrypted Data in UniSQL

摘要

The scope and character of todays computing environments are progressively shifting from traditional, one-on-one client-server interaction to the new cooperative paradigm. It then becomes primary importance to provide means of protecting secrecy of information, while guaranteeing its availability to legitimate clients. Operating online querying services securely on open networks is very difficu therefore many enterprises outsource their data center operations to external application service providers. A promising direction toward prevention of unauthorized access to outsourced data is represented by encryption. However, data encryption is often supported for the sole purpose of protecting the data in storage while allowing access to plaintext values by the server, which decrypts data for query execution. In this paper, we present a simple yet robust solution for SQL (structured query language) querying over database system containing encrypted data. Our approach is based on the UniSQL commercial relational database management system version 6.3 that is extended with encryption and decryption module within DBMS engine which can be used by the server to select the data to be returned in response to a query with the need of accessing the plaintext and encrypted database content. Regarding encrypting system, there are many related research subjects area such as encryption key management, speeding up processing performance, ensuring secure encryption algorithms, and so on. This paper focuses on how to query encrypted data with minimal amendment of previous SQL and response to the query over encrypted data based on our implementation experience of SAMS construction.