Due to their flexible data model, column family databases (aka wide column stores) like Apache Cassandra and Apache HBase are offered as Database-as-a-Service – for example by cloud storage providers like Google Cloud Platform, Microsoft Azure, Amazon Web Services, or Rackspace.
In a project funded by the German Research Council (DFG), my research group investigates modern (so-called property-preserving) encryption schemes for this type of databases.
Our recent results in  focus on searchable encryption schemes for Cassandra.
Customers can encrypt their data before sending them to the cloud to prevent access to their data by internal and external attackers:
“[…] outsourcing sensitive data to third party storage providers has always been a security risk, in the private sector (e.g. sharing of photos or health information, messaging) as well as in the business sector (e.g. classified documents or confidential mailing). Not only adversaries with physical access to data servers are potentially dangerous, (honest but) curious or malicious database administrators of hosting providers also may snoop on sensitive data and thereby
pose a thread.” 
Traditional strong encryption schemes however limit the functionality of the databases. In particular, the database can no longer search for records matching a keyword provided by the cloud customer.
With a searchable encryption scheme the cloud customer first of all encrypts data and sends it to the cloud database; later on, the customer sends an encrypted keyword to the cloud database so that the database can search for records matching the encrypted keyword; these matches are returned to the customer and then decrypted for further processing.
We implemented three approaches in a unified reference framework and hence provided an authoritative comparison of the different schemes.
The following schemes were chosen:
The sequential scan approach (called SWP ) encrypts every word in a record separately (a fixed word length has to be selected); while searching every encrypted word is sequentially compared to the provided encrypted keyword.
The index-per-keyword approach (called CGK ) creates an encrypted index for each word in all records (linking the keyword to matching record identifiers).
The index-per-record approach (called HK ) creates a forward index that maps each document to the encrypted keywords it contains. A second backward index stores a history of search results to speed up repeated searches for the same keyword; it maps encrypted keywords to records.
We tested the three implementation on a “distributed Cassandra Cluster consisting of two nodes, each equipped with a Intel Core i7 3770 CPU (@ 3.4GHz) and 16 GB RAM, running Ubuntu 14.04 LTS and Apache Cassandra 2.1.4.” 
“We employ the popular scenario of using searchable encryption for data in a mailbox. We use a subset of the TREC 2005 Spam Track Public Corpus . We assume average mailbox sizes of 1,000 mails up to 10,000 mails.”
The first test runs measured performance of the encryption processes:
The “time needed for encryption grows linearly in all schemes. The HK scheme is the fastest with the SWP scheme being not significantly slower. Both schemes beat the CGK scheme roughly by a factor of 4.5.” 
The second test runs measured performance of the search processes:
“The high encryption effort of the CGK scheme pays off in sublinear search time (0.13 seconds when searching 10.000 mails). Due to its index […] only the HK scheme can be faster (constant search time), but only if searching for the same word again […]. It performs orders of magnitude worse when searching a word for the first time […]. Then it is almost as slow as the SWP scheme. Note that the SWP scheme as slowest one in our test still manages to search over half a million words per second.” 
 Tim Waage, Ramaninder Singh Jhajj, Lena Wiese. Searchable Encryption in Apache Cassandra. In: Foundations and Practice of Security – 8th International Symposium, Lecture Notes in Computer Science. Springer, 2015.
 Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on, IEEE (2000) 44–55
 Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM conference on Computer and communications security, ACM (2006) 79–88
 Hahn, F., Kerschbaum, F.: Searchable encryption with secure and efficient updates. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, ACM (2014) 310–320
 Available at http://plg.uwaterloo.ca/~gvcormac/trecspamtrack05