关键词: 外包数据库服务, 数据隐私, 访问控制, 加密

Abstract: Privacy requirements have an increasing impact on the real-world applications. Technical considerations and many significant commercial and legal regulations demand that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. In this paper, we propose a solution to enforce data confidentiality, data privacy, user privacy and access control over outsourced database services. The approach starts from a flexible definition of privacy constraints on a relational schema, applies encryption on information in a parsimonious way and mostly relies on attribute partition to protect sensitive information. Based on the approximation algorithm for the minimal encryption attribute partition with quasi-identifier detection, the approach allow storing the outsourced data on a single database server and minimizing the amount of data represented in encrypted format. Meanwhile，by applying cryptographic technology on the auxiliary random server protocol, the approach can solve the problem of private information retrieval to protect user privacy and access control. The theoretical analysis shows that our new model can provide efficient data privacy protection and query processing, efficient in computational complexity and dose not increase the cost of communication complexity of user privacy protection and access control.

Key words: outsourced database service, data privacy, access control, encryption