Abstract: A system for differential privacy is provided. In some implementations, the system performs operations comprising receiving a plurality of indices for a plurality of perturbed data points, which are anonymized versions of a plurality of unperturbed data points, wherein the plurality of indices indicate that the plurality of unperturbed data points are identified as presumed outliers. The plurality of perturbed data points can lie around a first center point and the plurality of unperturbed data points can lie around a second center point. The operations can further comprise classifying a portion of the presumed outliers as true positives and another portion of the presumed outliers as false positives, based upon differences in distances to the respective first and second center points for the perturbed and corresponding (e.g., same index) unperturbed data points. Related systems, methods, and articles of manufacture are also described.

Abstract: Methods, systems, and articles of manufacture are provided for oblivious order preserving encryption. A method may include: traversing, by a cloud service provider, an order preserving encryption (OPE) tree based on a result of an oblivious comparison performed by a data owner and a data client, the OPE tree having nodes that each correspond to a ciphertext of data associated with the data owner, the ciphertext of the data being stored at the cloud service provider, and a relative position of the nodes within the OPE tree corresponding to an order that is present in the data associated with the data owner; and determining, based on the traversing of the OPE tree, an OPE encoding for an input value from the data client, the OPE encoding for the input value indicative of a position of a node corresponding to the input value within the OPE tree.

Abstract: Methods and apparatus, including computer program products, are provided for split query optimization. In some example embodiments, a method may include: determining, for a query comprising a plurality of operations, a first workload distribution between a first data store and a second data store, the first workload distribution indicating that a first portion of the query is to be performed at the first data store and a second portion of the query is to be performed at the second data store; and determining, based at least on the first workload distribution, a second workload distribution, the determining of the second workload distribution includes pushing down, to the first portion of the query, a first operation from the second portion of the query such that the first operation is performed at the first data store instead of at the second data store.

Abstract: Embodiments implement leakage-free order-preserving encryption by assigning a distinct ciphertext for each plaintext, including repeated plaintext whose ciphertext is randomly inserted. In order to conceal insertion order, the randomized ciphertexts are compressed to minimal ciphertext space. A uniform distribution is achieved by rotating about a modulus on the ciphertexts rather than the plaintexts. The resulting ciphertext distribution has no leakage from the ciphertexts—even if an adversary has perfect background knowledge on the distribution of plaintexts. The encryption may be further secured even against passive query monitoring attacks by hiding the access pattern using ?, ?-differential privacy, such that the adversary observing a sequence of queries will not learn the frequency of plaintext. The leakage-free order-preserving encryption may be converted into an adjustable encryption scheme to allow querying (e.g., on a remote server).

Abstract: Methods, systems, and computer-readable storage media for processing queries in analytical web applications over encrypted data. Implementations include actions of receiving, by a database driver executed on a server-side computing device and from a client-side proxy, a query and one or more encryption keys, the one or more encryption keys having been selected by the client-side proxy based on operations required to perform the query, performing at least one operation of the query to provide a query result including encrypted data, and transmitting, by the database driver, the encrypted data to the client-side proxy, the client-side proxy processing the encrypted data to provide plaintext data to an end user.

Abstract: Methods, systems, and computer-readable storage media for encrypting data to provide encrypted data for storage in a database. Implementations include actions of receiving, at client-side computing device, an input set including a plaintext value that is to be encrypted to provide an encrypted value, determining whether the plaintext value is stored in a search tree that is stored by the client-side computing device, if the plaintext value is not stored in the search tree, the encrypted value is provided using deterministic encryption of the plaintext value, and if the plaintext value is stored in the search tree, the encrypted value is provided using randomized encryption of the plaintext value, updating the search tree to include a node including the plaintext value and the encrypted value, and transmitting the encrypted value to a server-side computing device for storage of the encrypted value in the database.

Abstract: Methods, systems, and computer-readable storage media for selecting columns for using searchable encryption to query a database storing encrypted data. Implementations include actions of receiving a set of search indices, receiving a search token, and in response: searching at least one search index of the set of search indices based on the search token, and determining that the at least one search index is absent an entry corresponding to the search token, and in response, receiving one or more identifiers, each identifier being associated with a respective ciphertext that is determined to be responsive to the search token, and updating the at least one index to include an entry based on the search token and the one or more identifiers; and transmitting search results, the search results including the one or more ciphertexts that are determined to be responsive to the search token.

Abstract: Methods, systems, and computer-readable storage media for range queries over encrypted data include actions of receiving a range query token, determining one or more of whether a tree list of an encrypted search index is empty and a range of the token intersects with a range accounted of a tree in the tree list, the encrypted search index including the tree list and a point list, receiving encrypted query results based on one of a search tree, if the tree list is not empty and a range of the token is at least a sub-range of a range accounted for in the tree list, and the point list, if the tree list is empty or the range of the token is not at least a sub-range of a range accounted for in the tree list, and updating the encrypted search index based on the token.

Abstract: Methods, systems, and computer-readable storage media for processing queries in analytical web applications over encrypted data. Implementations include actions of receiving, by a database driver executed on a server-side computing device and from a client-side proxy, a query and one or more encryption keys, the one or more encryption keys having been selected by the client-side proxy based on operations required to perform the query, performing at least one operation of the query to provide a query result including encrypted data, and transmitting, by the database driver, the encrypted data to the client-side proxy, the client-side proxy processing the encrypted data to provide plaintext data to an end user.

Abstract: Methods, systems, and computer-readable storage media for encrypting data to provide encrypted data for storage in a database. Implementations include actions of receiving, at client-side computing device, an input set including a plaintext value that is to be encrypted to provide an encrypted value, determining whether the plaintext value is stored in a search tree that is stored by the client-side computing device, if the plaintext value is not stored in the search tree, the encrypted value is provided using deterministic encryption of the plaintext value, and if the plaintext value is stored in the search tree, the encrypted value is provided using randomized encryption of the plaintext value, updating the search tree to include a node including the plaintext value and the encrypted value, and transmitting the encrypted value to a server-side computing device for storage of the encrypted value in the database.

Abstract: Methods, systems, and computer-readable storage media for selecting columns for re-encryption in join operations. In some implementations, actions include determining a first column and a second column to be joined, receiving a first key corresponding to the first column and a second key corresponding to the second column, receiving a first rank associated with the first key and a second rank associated with the second key, selecting the second column for re-encryption based on the first rank and the second rank, and providing the first column, the second column, and the first key for performing a join operation, the second column being re-encrypted based on the first key.

Abstract: Methods, systems, and computer-readable storage media for enforcing access control in encrypted query processing. Implementations include actions of obtaining a set of user groups based on the user credential and a user group mapping, obtaining a set of relations based on the query, obtaining a set of virtual relations based on the set of user groups and the set of relations, receiving a first rewritten query based on the set of virtual relations and a query rewriting operation, encrypting the first rewritten query to provide an encrypted query, and transmitting the encrypted query to at least one server computing device over a network for execution of the encrypted query over access controlled, encrypted data.

Abstract: Methods, systems, and computer-readable storage media for proxy re-encryption of encrypted data stored in a first database of a first server and a second database of a second server. Implementations include actions of receiving a first token at the first server from a client-side computing device, providing a first intermediate re-encrypted value based on a first encrypted value and the first token, transmitting the first intermediate re-encrypted value to the second server, receiving a second intermediate re-encrypted value from the second server, the second intermediate re-encrypted value having been provided by encrypting the first encrypted value at the second server based on a second token, providing the first encrypted value as a first re-encrypted value based on the first intermediate re-encrypted value and the second intermediate re-encrypted value, and storing the first re-encrypted value in the first database.

Abstract: Methods, systems, and computer-readable storage media for enforcing access control in encrypted query processing. Implementations include actions of obtaining a set of user groups based on the user credential and a user group mapping, obtaining a set of relations based on the query, obtaining a set of virtual relations based on the set of user groups and the set of relations, receiving a first rewritten query based on the set of virtual relations and a query rewriting operation, encrypting the first rewritten query to provide an encrypted query, and transmitting the encrypted query to at least one server computing device over a network for execution of the encrypted query over access controlled, encrypted data.

Abstract: A method for performing data analytics on outsourced data may include receiving, at a data analyst, cipher text representing data from a data owner such that the data remains hidden from the data analyst, generating a query token using a constant provided by the data analyst such that the constant remains hidden from the data owner, and analyzing the cipher text using the query token.

Abstract: Methods, systems, and computer-readable storage media for proxy re-encryption of encrypted data stored in a first database of a first server and a second database of a second server. Implementations include actions of receiving a first token at the first server from a client-side computing device, providing a first intermediate re-encrypted value based on a first encrypted value and the first token, transmitting the first intermediate re-encrypted value to the second server, receiving a second intermediate re-encrypted value from the second server, the second intermediate re-encrypted value having been provided by encrypting the first encrypted value at the second server based on a second token, providing the first encrypted value as a first re-encrypted value based on the first intermediate re-encrypted value and the second intermediate re-encrypted value, and storing the first re-encrypted value in the first database.

Abstract: Methods, systems, and computer-readable storage media for selecting columns for selecting encryption to perform an operator during execution of a database query. Implementations include actions of determining a current encryption type of a column that is to be acted on during execution of the database query, the column storing encrypted data, determining a minimum encryption type for performance of the operator on the column, selecting a selected encryption type based on the current encryption type, the minimum encryption type, and a budget associated with the column, and performing the operator based on the selected encryption type.

Abstract: Methods, systems, and computer-readable storage media for selecting columns for selecting encryption to perform an operator during execution of a database query. Implementations include actions of determining a current encryption type of a column that is to be acted on during execution of the database query, the column storing encrypted data, determining a minimum encryption type for performance of the operator on the column, selecting a selected encryption type based on the current encryption type, the minimum encryption type, and a budget associated with the column, and performing the operator based on the selected encryption type.

Abstract: Methods, systems, and computer-readable storage media for selecting columns for using searchable encryption to query a database storing encrypted data. Implementations include actions of receiving a set of search indices, receiving a search token, and in response: searching at least one search index of the set of search indices based on the search token, and determining that the at least one search index is absent an entry corresponding to the search token, and in response, receiving one or more identifiers, each identifier being associated with a respective ciphertext that is determined to be responsive to the search token, and updating the at least one index to include an entry based on the search token and the one or more identifiers; and transmitting search results, the search results including the one or more ciphertexts that are determined to be responsive to the search token.

Abstract: Embodiments relate to processing encrypted data, and in particular to identifying an appropriate layer of encryption useful for processing a query. Such identification (also known as the onion selection problem) is achieved utilizing an adjustable onion encryption procedure. Based upon defined requirements of policy configuration, alternative resolution, and conflict resolution, the adjustable onion encryption procedure entails translating a query comprising an expression in a database language (e.g. SQL) into an equivalent query on encrypted data. The onion may be configured in almost arbitrary ways directing the onion selection. An execution function introduces an execution split to allow local (e.g. client-side) query fulfillment that may otherwise not be possible in a secure manner on the server-side. A searchable encryption function may also be employed, and embodiments accommodate aggregation via homomorphic encryption. Embodiments may be implemented as an in-memory column store database system.