SecureNoSQL: An approach for secure search of encrypted NoSQL databases in the public cloud

While many schemes have been proposed to search encrypted relational databases, less attention has been paid to NoSQL databases. In this paper we report on the design and the implementation of a security scheme called “SecureNoSQL” for searching encrypted cloud NoSQL databases. Our solution is one of the first efforts covering not only data confidentiality, but also the integrity of the datasets residing on a cloud server. In our system a secure proxy carries out the required transformations and the cloud server is not modified. The construction is applicable to all NoSQL data models and, in our experiments, we present its application to a Document-store data model. The contributions of this paper include: (1) a descriptive language based on a subset of JSON notations; (2) a tool to create and parse a security plan consisting of cryptographic modules, data elements, and mappings of cryptographic modules to the data fields; and (3) a query and data validation mechanism based on the security plan.