Author
Ziyang Han
Publication date
2022
Publisher
Hong Kong Polytechnic University
Description
The thesis involves three research works in the field of privacy-preserving query processing. They focus on the research problems of memory-level security and privacy of data querying services in the cloud hosting environment. In such a scenario, the proposed schemes consider not only direct attacks that tamper with the data and the data processing but also threats from semi-honest adversaries in cloud platforms that attempt to derive sensitive information for inference attacks by analyzing access pattern leakage. Motivated by these security goals, three privacy-preserving schemes are designed based on different principles and for different types of queries; these comprise the body of the thesis. The first work proposes a memory-secure DBMS adaptation that encapsulates a bare SQL processor into the trusted execution environment (TEE) and optimizes the existing Oblivious RAM scheme to efficiently shuffle the access patterns generated in retrieving data blocks from untrusted memory for processing inside the TEE. The second work provides a perturbation mechanism in a two-tier index to obfuscate the access pattern on the trapdoors of fuzzy keyword search over an encrypted document database. The TEE technology is employed to encapsulate the plaintext secondary index, which is sensitive, and conceals the obfuscation process. The third work gives a middleware solution to obfuscate access frequency patterns for general queries without leaking sensitive information about individual queries in a harsher threat model in which the query boundaries are exposed to attackers. Different from the former two schemes, it introduces a K …