Securus: From Confidentiality and Access Requirements to Data Outsourcing Solutions

To preserve data confidentiality in database outsourcing scenarios, various techniques have been proposed that preserve a certain degree of confidentiality while still allowing to efficiently execute certain queries. Typically, several of those techniques have to be combined to achieve a certain degree of confidentiality. However, finding an appropriate combination is not a trivial task, as expert knowledge is required and interdependencies between the techniques exist. Securus, an approach we previously proposed, addresses this problem. Securus allows users to model their requirements regarding the information in the outsourced dataset that has to be protected. Furthermore, queries that have to be efficiently executable on the outsourced data can be specified. Based on these requirements, Securus uses Integer Linear Programming (ILP) to find a suitable combination of confidentiality enhancing techniques and generates a software adapter. This software adapter transparently applies the techniques to fulfill the specified requirements and can be used to seamlessly outsource and query the data. In this paper, we present an outline of Securus and extend our previous work by highlighting the differences to other approaches in the field. ... mehrFurthermore, we show how Securus can be extended to allow for more efficient solutions if the attackers capabilities can be modeled by the user.