Symmetrically-Private Database Search in Cloud Computing

Database outsourcing has gained importance in the past few years due to the emergence of the cloud computing. In Database-as-a-Service (DaaS), which is a category of cloud computing services, the database owner outsources both databases and querying services to a cloud server and clients issue queries over the database to the cloud server. In this context, privacy is a primary challenge and it is necessary to fulfill main privacy requirements of database owners and clients. This paper presents protocols for executing keyword search and aggregate SQL queries that preserve the privacy of both the client and the database owner. Client privacy is preserved such that the database owner and the cloud server cannot infer the constants contained in the query predicates. Database owner privacy is preserved such that the client cannot obtain any additional information beyond the query result. The primitives that are utilized in designing these protocols include symmetric private information retrieval and private integer comparison. We experimentally evaluate the performance of the proposed protocols and report on the experimental results.