KSDB: Improving cloud database security by using searchable encrypted data
Davud Mohammadpur
1 (Computer Department, University of Zanjan, Zanjan, Iran)
2 (Computer Department, University of Zanjan, Zanjan, Iran)
Keywords: Secure database, Searchable encryption, Cloud storage, Secure SQL query
Abstract:
Data encryption is a highly effective means of ensuring data security. It transforms readable data into ciphertext using cryptographic algorithms and keys. However, performing query operations on encrypted data is challenging because encryption alters the structure of the data. This article introduces an improved method that supports encryption and query operations on encrypted cloud data without requiring decryption. By leveraging reverse indexing, information mapping, and secret sharing across multiple servers, the proposed method, KSDB, guarantees data security and prevents data disclosure during both encryption and query execution. KSDB is an application-level encryption technique in which the encrypted data is stored in cloud storage. While existing methods primarily concentrate on numerical data, this study emphasizes maintaining the confidentiality of string data, enabling search operations on partial strings without decryption. The results and evaluations demonstrate a significant reduction in memory consumption achieved by the proposed method. In KSDB, all implementations have been migrated to a dedicated private server. This secure and reliable entity is responsible for managing critical data, including encryption keys. This strategic decision effectively resolves security issues present in previous methods and facilitates the encryption and decryption processes. Furthermore, it not only addresses concerns regarding information leakage but also enhances data confidentiality.