3,107 research outputs found
An Effective Private Data storage and Retrieval System using Secret sharing scheme based on Secure Multi-party Computation
Privacy of the outsourced data is one of the major challenge.Insecurity of
the network environment and untrustworthiness of the service providers are
obstacles of making the database as a service.Collection and storage of
personally identifiable information is a major privacy concern.On-line public
databases and resources pose a significant risk to user privacy, since a
malicious database owner may monitor user queries and infer useful information
about the customer.The challenge in data privacy is to share data with
third-party and at the same time securing the valuable information from
unauthorized access and use by third party.A Private Information Retrieval(PIR)
scheme allows a user to query database while hiding the identity of the data
retrieved.The naive solution for confidentiality is to encrypt data before
outsourcing.Query execution,key management and statistical inference are major
challenges in this case.The proposed system suggests a mechanism for secure
storage and retrieval of private data using the secret sharing technique.The
idea is to develop a mechanism to store private information with a highly
available storage provider which could be accessed from anywhere using queries
while hiding the actual data values from the storage provider.The private
information retrieval system is implemented using Secure Multi-party
Computation(SMC) technique which is based on secret sharing. Multi-party
Computation enable parties to compute some joint function over their private
inputs.The query results are obtained by performing a secure computation on the
shares owned by the different servers.Comment: Data Science & Engineering (ICDSE), 2014 International Conference,
CUSA
A Practical Framework for Storing and Searching Encrypted Data on Cloud Storage
Security has become a significant concern with the increased popularity of
cloud storage services. It comes with the vulnerability of being accessed by
third parties. Security is one of the major hurdles in the cloud server for the
user when the user data that reside in local storage is outsourced to the
cloud. It has given rise to security concerns involved in data confidentiality
even after the deletion of data from cloud storage. Though, it raises a serious
problem when the encrypted data needs to be shared with more people than the
data owner initially designated. However, searching on encrypted data is a
fundamental issue in cloud storage. The method of searching over encrypted data
represents a significant challenge in the cloud.
Searchable encryption allows a cloud server to conduct a search over
encrypted data on behalf of the data users without learning the underlying
plaintexts. While many academic SE schemes show provable security, they usually
expose some query information, making them less practical, weak in usability,
and challenging to deploy. Also, sharing encrypted data with other authorized
users must provide each document's secret key. However, this way has many
limitations due to the difficulty of key management and distribution.
We have designed the system using the existing cryptographic approaches,
ensuring the search on encrypted data over the cloud. The primary focus of our
proposed model is to ensure user privacy and security through a less
computationally intensive, user-friendly system with a trusted third party
entity. To demonstrate our proposed model, we have implemented a web
application called CryptoSearch as an overlay system on top of a well-known
cloud storage domain. It exhibits secure search on encrypted data with no
compromise to the user-friendliness and the scheme's functional performance in
real-world applications.Comment: 146 Pages, Master's Thesis, 6 Chapters, 96 Figures, 11 Table
Security Enhancement in Cloud Environment using Secure Secret Key Sharing
Securing the data in distributed cloud system is considered one of the major concern for the cloud customers who faces security risks. The data leakage or data tampering are widely used by attackers to extract the private information of other users who shares the confidential data through virtualization. This paper presents Secure Secret Sharing (SSS) technique which is being recognized as one of the leading method to secure the sensitive data. It shares encrypted data over cloud and generated secret key is split into different parts distributed to qualified participants (Qn) only which is analyzed by malicious checkers. It verifies the clients based on their previous performances, whether these users proved to be authorized participant or not. The key computation is evaluated by the Key handler (KH) called trusted party which manages authorized control list, encryption/decryption and reconstruction of key shares. The Lagrange’s interpolation method is used to reconstruct the secret from shares. The experimental results shows that the proposed secure data sharing algorithm not only provides excellent security and performance, but also achieves better key management and data confidentiality than previous countermeasures. It improves the security by using secure VM placement and evaluated based on time consumption and probability computation to prove the efficacy of our algorithm. Experiments are performed on cloudsim based on following parameters i.e. time computation of key generation; response time and encryption/decryption. The experimental results demonstrate that this method can effectively reduce the risks and improves the security and time consumption up to 27.81% and 43.61% over existing algorithms
Confidential Boosting with Random Linear Classifiers for Outsourced User-generated Data
User-generated data is crucial to predictive modeling in many applications.
With a web/mobile/wearable interface, a data owner can continuously record data
generated by distributed users and build various predictive models from the
data to improve their operations, services, and revenue. Due to the large size
and evolving nature of users data, data owners may rely on public cloud service
providers (Cloud) for storage and computation scalability. Exposing sensitive
user-generated data and advanced analytic models to Cloud raises privacy
concerns. We present a confidential learning framework, SecureBoost, for data
owners that want to learn predictive models from aggregated user-generated data
but offload the storage and computational burden to Cloud without having to
worry about protecting the sensitive data. SecureBoost allows users to submit
encrypted or randomly masked data to designated Cloud directly. Our framework
utilizes random linear classifiers (RLCs) as the base classifiers in the
boosting framework to dramatically simplify the design of the proposed
confidential boosting protocols, yet still preserve the model quality. A
Cryptographic Service Provider (CSP) is used to assist the Cloud's processing,
reducing the complexity of the protocol constructions. We present two
constructions of SecureBoost: HE+GC and SecSh+GC, using combinations of
homomorphic encryption, garbled circuits, and random masking to achieve both
security and efficiency. For a boosted model, Cloud learns only the RLCs and
the CSP learns only the weights of the RLCs. Finally, the data owner collects
the two parts to get the complete model. We conduct extensive experiments to
understand the quality of the RLC-based boosting and the cost distribution of
the constructions. Our results show that SecureBoost can efficiently learn
high-quality boosting models from protected user-generated data
- …