Query Execution over Encrypted Database

Rapid changes in internet and network technologies facilitated easy to access online applications, services and database. Database as a service (DaaS) is a model that offer its users to perform data processing (store, modify and retrieve) as long as they are connect to internet. Providing security to database as service model became a challenging work due to malicious network administrator, they exploit software bugs and retrieve confidential data of enterprise and users. Two privacy issues are important in DaaS, First data stored in database is secure from outsiders i.e. It should be ensured that, stored data is secure from data thefts. Second, data is secure from the DaaS service provider i.e. Data is secure from curious or malicious database administrators. In this work, emphasis is on second challenge. We have proposed a system in which data stored at server site is in encrypted form and encrypted query is forwarded to server for processing. Encryption of queries and decryption of encrypted query result are done at client site. The system is secured through symmetric key encryption and authentication using digital signature. The proposed system provides confidentiality, integrity, availability, and authentication services to the data users.