Design And Implement Of Searchable Database Encryption System In Cloud Computing Environment

Data security has become a challenge due to the rapid development of cloud computing,especially being in face of large-scale data,the data privacy preservation has become urgent to be dealed with,a simple solution is to encrypt the data privacy before being stored in the database,but the query has to decrypt all the encrypted data firstly.The disadvantage of this method is that the plaintext data is encrypted,some attributes such as the order of the plaintext cannot be preserved,the operation on the plaintext also cannot be performed on the ciphertext,so all the cipertext must be decrypted before completing the operation,the efficency of this solution is much lower than original,especially meeting the challenge of very large database.In order to solve the problem of query and operation on ciphertext,researchers has proposed various searchable encryption algorithms and homomorphic encryption algorithms.However,there is lack of an efficient schema which can be applied to the acutal application.From the point of view of practical application,the processing system that supports the ciphertext operation can not only take into account the data privacy protection,but also ensure the efficiency of operations.Based on the above situation and the study of the previous research,a searchable database encryption system--SSDB(Searchable and Secure Database)is designed and implemented as well as new encryption algorithms and system model.The core function of SSDB are deparsing SQL statements,encryption algorithms and querying on cipertext directly,and beside that,the database server does not expose sensitive information.The innovation of SSDB lies in three aspects:First of all,SSDB has improved the existing algorithm and redesigned three kinds of encryption model: the Deterministic Encryption model,the Order-preserving encryption model and the Homomorphic encryption model.SSDB has the capacity of adaptively selecting the corresponding model according to the operation type;Secondly,in order to strengthen the security,two layers of encryption methods has been designed,the inner ciper layer support the specific operation directly,while the outer ciper layer plays the role of ciphertext confusion,does not reveal any private information,and in the practical application,the inner layer and the outer layer can switch dynamic by removing the outer query before the query and re-encrypting after the query;Finally,the system is transparent to both the users and the database servers,they do not need to care about the process of the system.SSDB has a good external interface in order to improve the ease of use.