面向多用户的多层嵌套数据库加密方案

围绕外包数据的安全性问题与用户隐私性问题，展开对加密数据库方案的研究，提出了一个面向多用户的多层嵌套数据库加密方案.该方案根据洋葱模型多层理论，采用多种不同类型的加密算法对用户的外包数据进行多层嵌套加密，实现了既保证数据机密性又满足多种不同SQL查询类型的数据库加密方案.针对用户递交包含敏感信息的查询语句在一定程度上泄露用户自身的隐私这一问题，设计了基于单服务器私有信息检索(private information retrieval，PIR)技术的用户隐私保护机制，实现了用户匿名查询.安全性分析表明，该方案满足数据机密性与用户隐私性.Sysbench基准测试实验分析表明，该方案具有良好的查询处理效率、读写吞吐量以及健壮性.

Multi-layer Nested Database Encryption Scheme for Multiple Users

Encrypted database scheme about outsourced data confidentiality and user privacy was researched， and a scheme of multi-layer nested database encryption for multiple users was proposed. A data encryption scheme was also proposed based on onion model to perform nested encryption on outsourced data by applying multi-layer theory with a variety of data encryption algorithms to guarantee data confidentiality and to work with SQL queries in different types. Meanwhile， user privacy protection scheme was proposed based on single server private information retrieval(PIR)to enable users to send SQL queries with sensitive data and protect the privacy of users when accessing the database， realizing user anonymous query. The security analysis results show that the scheme protects data confidentiality and user privacy. An evaluation result tested with a benchmark tool Sysbench demonstrates its well query processing efficiency， throughput and robustness.