SECURUS: Composition of Confidentiality Preserving Indexing Approaches for Secure Database-as-a-Service

The Database-as-a-Service (DaaS) paradigm addresses the outsourcing of databases to specialized storage providers, potentially reducing costs and increasing robustness. A common DaaS requirement is to prevent the storage provider from retrieving information from the outsourced data while still allowing it to execute queries. Various confidentiality preserving indexing approaches (CPIs) have been proposed that preserve confidentiality while allowing the SP to participate in query execution. However, these approaches only allow the execution of specific kinds of queries, for instance queries that select records based on the equality of a certain attribute to a search term. Choosing an optimal set of CPIs that matches the users specific requirements is a hard task, as it requires expert knowledge about both the scenario and the available CPIs. In this article, we provide an overview of the Securus framework [10] that tackles this issue. Securus allows the user to define her confidentiality needs and query workload in a Policy Profile. Securus then computes a set of CPIs that matches the specified requirements. Furthermore, a software adapter called Mediator is generated that implements the chosen CPIs and can be used to seamlessly outsource and query data.