公开(公告)号：US10769295B2

公开(公告)日：2020-09-08

申请号：US15874698

申请日：2018-01-18

Applicant: SAP SE

Inventor： Nicolas Loza ,  Florian Hahn ,  Florian Kerschbaum

IPC: G06F21/62 ,  H04L9/14 ,  G06F21/60 ,  G06F16/2455

Abstract: Embodiments allow join operations to be performed upon encrypted database tables stored on an unsecure server (e.g., as part of a DBaaS offering), with reduced information leakage. Such secure join operations may be implemented through the combination of two cryptographic techniques: non-deterministic (randomized) searchable encryption; and attribute based encryption. The searchable encryption (e.g., Symmetric Searchable Encryption: SSE) allows join values to be revealed only for rows fulfilling additional predicate attributes that the client has filtered for, thereby offering fine granular security. The attribute based encryption (e.g., Key-Policy Attribute-Based Encryption: KP-ABE) avoids the unmanageable consumption of memory that would otherwise result from the creation of intermediate constructions on the server. Embodiments offer a solution reducing information leakage of join values not contained in the result of the actual database query. This results in fine granular security because join values of data rows not involved in the join computation, remain semantically secure.

公开(公告)号：US10437821B2

公开(公告)日：2019-10-08

申请号：US15335330

申请日：2016-10-26

Applicant: SAP SE

Inventor： Benny Goerzig ,  Mathias Kohler ,  Florian Kerschbaum

IPC: G06F16/2453 ,  G06F21/60 ,  G06F21/62

Abstract: Methods and apparatus, including computer program products, are provided for split query optimization. In some example embodiments, a method may include: determining, for a query comprising a plurality of operations, a first workload distribution between a first data store and a second data store, the first workload distribution indicating that a first portion of the query is to be performed at the first data store and a second portion of the query is to be performed at the second data store; and determining, based at least on the first workload distribution, a second workload distribution, the determining of the second workload distribution includes pushing down, to the first portion of the query, a first operation from the second portion of the query such that the first operation is performed at the first data store instead of at the second data store.

公开(公告)号：US20190220619A1

公开(公告)日：2019-07-18

申请号：US15874698

申请日：2018-01-18

Applicant: SAP SE

Inventor： Nicolas Loza ,  Florian Hahn ,  Florian Kerschbaum

IPC: G06F21/62 ,  G06F21/60 ,  G06F17/30 ,  H04L9/14

Abstract: Embodiments allow join operations to be performed upon encrypted database tables stored on an unsecure server (e.g., as part of a DBaaS offering), with reduced information leakage. Such secure join operations may be implemented through the combination of two cryptographic techniques: non-deterministic (randomized) searchable encryption; and attribute based encryption. The searchable encryption (e.g., Symmetric Searchable Encryption: SSE) allows join values to be revealed only for rows fulfilling additional predicate attributes that the client has filtered for, thereby offering fine granular security. The attribute based encryption (e.g., Key-Policy Attribute-Based Encryption: KP-ABE) avoids the unmanageable consumption of memory that would otherwise result from the creation of intermediate constructions on the server. Embodiments offer a solution reducing information leakage of join values not contained in the result of the actual database query. This results in fine granular security because join values of data rows not involved in the join computation, remain semantically secure.

公开(公告)号：US20180173894A1

公开(公告)日：2018-06-21

申请号：US15387052

申请日：2016-12-21

Applicant: SAP SE

Inventor： Jonas Boehler ,  Daniel Bernau ,  Florian Kerschbaum

IPC: G06F21/62 ,  G06F17/30

CPC classification number: G06F21/6254 ,  G06F16/285 ,  H04L63/0421 ,  H04W4/38 ,  H04W12/02

Abstract: A system for differential privacy is provided. In some implementations, the system performs operations comprising receiving a plurality of indices for a plurality of perturbed data points, which are anonymized versions of a plurality of unperturbed data points, wherein the plurality of indices indicate that the plurality of unperturbed data points are identified as presumed outliers. The plurality of perturbed data points can lie around a first center point and the plurality of unperturbed data points can lie around a second center point. The operations can further comprise classifying a portion of the presumed outliers as true positives and another portion of the presumed outliers as false positives, based upon differences in distances to the respective first and second center points for the perturbed and corresponding (e.g., same index) unperturbed data points. Related systems, methods, and articles of manufacture are also described.

公开(公告)号：US20180113905A1

公开(公告)日：2018-04-26

申请号：US15335330

申请日：2016-10-26

Applicant: SAP SE

Inventor： Benny Goerzig ,  Mathias Kohler ,  Florian Kerschbaum

IPC: G06F17/30 ,  G06F9/50 ,  G06F21/60

CPC classification number: G06F16/24542 ,  G06F21/602 ,  G06F21/6218

Abstract: Methods and apparatus, including computer program products, are provided for split query optimization. In some example embodiments, a method may include: determining, for a query comprising a plurality of operations, a first workload distribution between a first data store and a second data store, the first workload distribution indicating that a first portion of the query is to be performed at the first data store and a second portion of the query is to be performed at the second data store; and determining, based at least on the first workload distribution, a second workload distribution, the determining of the second workload distribution includes pushing down, to the first portion of the query, a first operation from the second portion of the query such that the first operation is performed at the first data store instead of at the second data store.

公开(公告)号：US20170103227A1

公开(公告)日：2017-04-13

申请号：US14880095

申请日：2015-10-09

Applicant: SAP SE

Inventor： Florian Kerschbaum ,  Benny Fuhry ,  Wei Xu ,  Josef Köeble ,  Walter Tighzert

IPC: G06F21/62 ,  H04L29/06 ,  H04L9/08

CPC classification number: G06F21/6227 ,  H04L9/008 ,  H04L9/0819 ,  H04L63/0281 ,  H04L63/0478 ,  H04L2209/76

Abstract: Methods, systems, and computer-readable storage media for processing queries in analytical web applications over encrypted data. Implementations include actions of receiving, by a database driver executed on a server-side computing device and from a client-side proxy, a query and one or more encryption keys, the one or more encryption keys having been selected by the client-side proxy based on operations required to perform the query, performing at least one operation of the query to provide a query result including encrypted data, and transmitting, by the database driver, the encrypted data to the client-side proxy, the client-side proxy processing the encrypted data to provide plaintext data to an end user.

公开(公告)号：US20170099262A1

公开(公告)日：2017-04-06

申请号：US14872389

申请日：2015-10-01

Applicant: SAP SE

Inventor： Florian Kerschbaum

IPC: H04L29/06 ,  H04L29/08 ,  G06F17/30

CPC classification number: H04L63/0428 ,  G06F17/30345 ,  G06F17/30625 ,  G06F21/6227 ,  H04L9/00 ,  H04L67/1097

Abstract: Methods, systems, and computer-readable storage media for encrypting data to provide encrypted data for storage in a database. Implementations include actions of receiving, at client-side computing device, an input set including a plaintext value that is to be encrypted to provide an encrypted value, determining whether the plaintext value is stored in a search tree that is stored by the client-side computing device, if the plaintext value is not stored in the search tree, the encrypted value is provided using deterministic encryption of the plaintext value, and if the plaintext value is stored in the search tree, the encrypted value is provided using randomized encryption of the plaintext value, updating the search tree to include a node including the plaintext value and the encrypted value, and transmitting the encrypted value to a server-side computing device for storage of the encrypted value in the database.

公开(公告)号：US11218290B2

公开(公告)日：2022-01-04

申请号：US16289399

申请日：2019-02-28

Applicant: SAP SE

Inventor： Anselme Kemgne Tueno ,  Florian Kerschbaum

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/30

Abstract: A server receives a corresponding data value encrypted using a common threshold public key from each of a plurality of clients. The server distributes the received data values to the clients for evaluating comparison of values. The server receives the encrypted comparison results from each of the clients in response to the distribution of the received encrypted data values. The comparison results are encrypted using the common key. The server homomorphically determines a ciphertext encrypting the rank of each client's data value using the comparison results. Further, the server can compute a ciphertext encrypting the median of the datasets. Thereafter, the server can initiate a threshold decryption to generate a final result.

公开(公告)号：US10833841B2

公开(公告)日：2020-11-10

申请号：US15209003

申请日：2016-07-13

Applicant: SAP SE

Inventor： Florian Kerschbaum

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/06 ,  G06F21/62

Abstract: Embodiments implement leakage-free order-preserving encryption by assigning a distinct ciphertext for each plaintext, including repeated plaintext whose ciphertext is randomly inserted. In order to conceal insertion order, the randomized ciphertexts are compressed to minimal ciphertext space. A uniform distribution is achieved by rotating about a modulus on the ciphertexts rather than the plaintexts. The resulting ciphertext distribution has no leakage from the ciphertexts—even if an adversary has perfect background knowledge on the distribution of plaintexts. The encryption may be further secured even against passive query monitoring attacks by hiding the access pattern using ϵ, δ-differential privacy, such that the adversary observing a sequence of queries will not learn the frequency of plaintext. The leakage-free order-preserving encryption may be converted into an adjustable encryption scheme to allow querying (e.g., on a remote server).

公开(公告)号：US10445527B2

公开(公告)日：2019-10-15

申请号：US15387052

申请日：2016-12-21

Applicant: SAP SE

Inventor： Jonas Boehler ,  Daniel Bernau ,  Florian Kerschbaum

IPC: G06F21/62 ,  G06F16/28 ,  H04W4/38 ,  H04W12/02 ,  H04L29/06

Abstract: A system for differential privacy is provided. In some implementations, the system performs operations comprising receiving a plurality of indices for a plurality of perturbed data points, which are anonymized versions of a plurality of unperturbed data points, wherein the plurality of indices indicate that the plurality of unperturbed data points are identified as presumed outliers. The plurality of perturbed data points can lie around a first center point and the plurality of unperturbed data points can lie around a second center point. The operations can further comprise classifying a portion of the presumed outliers as true positives and another portion of the presumed outliers as false positives, based upon differences in distances to the respective first and second center points for the perturbed and corresponding (e.g., same index) unperturbed data points. Related systems, methods, and articles of manufacture are also described.