Research And Implementation Of Database Encryption System Based On Onion Model

With the rapid development of cloud storage technology,database outsourcing service attracts a large number of users with its efficient computing power,massive storage resources and convenient administration.People are increasingly inclined to migrate their own database to third-party databases.However,the outsourced data are facing severe challenges because of the attackers' enhanced hacking techniques towards these third-party databases that have full rights over user data.The internal threats toward outsourced data is especially strong.The malicious administrator can arbitrarily steal user data,and this endangers the user's interests.Meanwhile,the database queries submitted by users with sensitive information also leaks their privacy to a certain extent.In order to address the above problems,this paper proposes a data encryption scheme based on onion model to perform nested encryption on outsourced data by applying multi-layer theory with a variety of data encryption algorithms to guarantee confidentiality,integrity and.availability of user data.The solution is to provide the aggregation query,fuzzy query,equivalent query,multi-table join query,range query and other operations based on the homomorphic encryption,searchable encryption,deterministic symmetric encryption,connectable encryption,order-preserving encryption,etc.,in order to work with SQL queries in different types without endangering the confidentiality of user data.In this paper,a private information retrieval(PIR)scheme based on single server is proposed to enable the users to send the SQL queries with sensitive data and protect the privacy of the users when accessing the database.Based on the above scheme,this paper designed and implemented a Database Encryption System based on Onion Model,and this system is tested with a benchmark tool,Sysbench,to verify the correctness and availability of the system and the feasibility of the scheme.The theoretical analysis and the system test indicated that the system has a high availability by supporting database query processing on a daily basis,but also guarantees the confidentiality of the user's outsourced data by adopting the database encryption scheme.With PIR integrated into the system,we enable users to manage to get the results of their queries in a"privacy-protected" way without exposing the content of specific queries to the server.Therefore,this system has great values for research and practical applications.