Encrypted Distributed Data Store
Year: 2018 Version: v1.0

Abstract

In order to manage the persistently growing amount of data, distributed data stores have become the backbone of many public cloud services. However, with increasing data breaches, privacy concerns in data outsourcing become even more pressing than before. To address those concerns, we start from the most widely adopted data store, i.e., key-value stores, and build an encrypted, distributed, and searchable key-value store. Specifically, we cope with the following challenges so that the proposed system will not sacrifice the benefits of existing systems.

  1. How to securely distribute encrypted data across distributed nodes?

  2. How to design an overlay that supports multiple data models with strong security guarantees?

  3. How to design a framework for encrypted and distributed indexes that enable secure queries on secondary attributes of data?



Fig. 1: Encrypted Key-value Store Architecture

Our proposed encrypted key-value store achieves strong protection on data privacy while preserving prominent features of key-value stores. It is built on a secure data partition algorithm that distributes encrypted data evenly across a cluster of nodes. It also supports multiple data models in a privacy-preserving manner. To enable secure queries for encrypted secondary attributes of data, our design provides searchable encryption based encrypted secondary indexes which consider security, efficiency, and data locality simultaneously.


Publication

  • Xingliang Yuan, Xinyu Wang, Cong Wang, Chen Qian, and Jianxiong Lin, "Building an Encrypted, Distributed, and Searchable Key-value Store", In ACM Asia Conference on Computer and Communications Security (ASIACCS), Xi’an, PRC, 30 May - 3 June, 2016.
  • Xingliang Yuan, Yu Guo, Xinyu Wang, Cong Wang, Baochun Li, and Xiaohua Jia, "EncKV: An Encrypted Key-value Store with Rich Queries", In ACM Asia Conference on Computer and Communications Security (ASIACCS), Abu Dhabi, UAE, 2 - 6 April, 2017.

Demo/Video



BlindDB - an Encrypted, Distributed, and Searchable Key-value Store

People

Xingliang Yuan <xyuancs@gmail.com>
Xinyu Wang <xinywang-c@my.cityu.edu.hk>
Yu Guo <yuguo22-c@my.cityu.edu.hk>
Cong Wang <congwang@cityu.edu.hk>