Title: Privacy-preserving SQL queries on cross-organisation databases

Authors: Ye Han; Xiaojie Guo; Tong Li; Xiaotao Liu

Addresses: College of Cyber Science and College of Computer Science, Key Laboratory of Data and Intelligent System Security, Ministry of Education, Nankai University, Tianjin, China ' College of Cyber Science and College of Computer Science, Key Laboratory of Data and Intelligent System Security, Ministry of Education, Nankai University, Tianjin, China ' College of Cyber Science and College of Computer Science, Key Laboratory of Data and Intelligent System Security, Ministry of Education, Nankai University, Tianjin, China ' Beijing DBSEC Technology Co., Ltd, Beijing, China

Abstract: In recent years, much industrial interest has been paid to SQL queries on a joint database contributed by several mutually distributed companies or organisations. However, privacy regulations and commercial interest prevent these entities to trivially share their local databases with each other. To enable such SQL queries, some privacy-preserving technologies should be applied. In this work, we outline a provably secure MPC framework of privacy-preserving SQL queries for industrial applications, such as medical research in hospitals, financial oversight, business cooperation, etc. In particular, this framework is secure against any semi-honest adversary, which is a popular threat model in real-life systems. This framework also models a common efficiency optimisation of SQL query plans at the cost of mild leakage.

Keywords: SQL queries; secure multi-party computation; privacy.

DOI: 10.1504/IJCSE.2025.144803

International Journal of Computational Science and Engineering, 2025 Vol.28 No.2, pp.166 - 171

Received: 14 Dec 2023
Accepted: 16 Feb 2024
Published online: 03 Mar 2025 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article