13,072 research outputs found
Secure kNN Query Processing in Untrusted Cloud Environments: an Overview
ABSTRACT: Nowadays, data are stored to a third party in cloud environments and query processing is also done by the third party to reduce the expense to maintain the system. Although there are lots of advantages in using independent third parties in query processing, security problems become more crucial since we cannot completely trust the third parties which can be easily corrupted or malfunctioning. The security problems with untrusted third parties are multifaceted in several areas such as privacy, authentication, and recovery. For privacy, the third party should not be able to know what the user's query is since the query itself describes the user's interest. For authentication, the user should be able to verify that the information from the third party is not tampered since the correctness of the query results depends upon the correctness of the information from the third party. For recovery, when the result is found to be forged by an adversary, we should be able to find the adversary and get a correct result by removing the adversary. To address these challenges, we propose several schemes. First, with respect to secure kNN query processing and secure proximity detection, we give novel schemes based on Mutable Order Preserving Encryption (MOPE) and Secure Point Evaluation Method (SPEM). Second, for authenticated top-k aggregation, we suggest novel schemes using Three Phase Uniform Threshold Algorithm, Merkle Hash Tree, and Condensed-RSA. Third, for detecting malicious nodes, we propose novel algorithms based on Additively Homomorphic Encryption and Multipath Transmission. Our experimental evaluation and security analyses demonstrate that robust mechanisms can be deployed with a minimal amount of computational and communicational expense
Conclave: secure multi-party computation on big data (extended TR)
Secure Multi-Party Computation (MPC) allows mutually distrusting parties to
run joint computations without revealing private data. Current MPC algorithms
scale poorly with data size, which makes MPC on "big data" prohibitively slow
and inhibits its practical use.
Many relational analytics queries can maintain MPC's end-to-end security
guarantee without using cryptographic MPC techniques for all operations.
Conclave is a query compiler that accelerates such queries by transforming them
into a combination of data-parallel, local cleartext processing and small MPC
steps. When parties trust others with specific subsets of the data, Conclave
applies new hybrid MPC-cleartext protocols to run additional steps outside of
MPC and improve scalability further.
Our Conclave prototype generates code for cleartext processing in Python and
Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave
scales to data sets between three and six orders of magnitude larger than
state-of-the-art MPC frameworks support on their own. Thanks to its hybrid
protocols, Conclave also substantially outperforms SMCQL, the most similar
existing system.Comment: Extended technical report for EuroSys 2019 pape
An Effective Private Data storage and Retrieval System using Secret sharing scheme based on Secure Multi-party Computation
Privacy of the outsourced data is one of the major challenge.Insecurity of
the network environment and untrustworthiness of the service providers are
obstacles of making the database as a service.Collection and storage of
personally identifiable information is a major privacy concern.On-line public
databases and resources pose a significant risk to user privacy, since a
malicious database owner may monitor user queries and infer useful information
about the customer.The challenge in data privacy is to share data with
third-party and at the same time securing the valuable information from
unauthorized access and use by third party.A Private Information Retrieval(PIR)
scheme allows a user to query database while hiding the identity of the data
retrieved.The naive solution for confidentiality is to encrypt data before
outsourcing.Query execution,key management and statistical inference are major
challenges in this case.The proposed system suggests a mechanism for secure
storage and retrieval of private data using the secret sharing technique.The
idea is to develop a mechanism to store private information with a highly
available storage provider which could be accessed from anywhere using queries
while hiding the actual data values from the storage provider.The private
information retrieval system is implemented using Secure Multi-party
Computation(SMC) technique which is based on secret sharing. Multi-party
Computation enable parties to compute some joint function over their private
inputs.The query results are obtained by performing a secure computation on the
shares owned by the different servers.Comment: Data Science & Engineering (ICDSE), 2014 International Conference,
CUSA
Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective
Rapid advances in human genomics are enabling researchers to gain a better
understanding of the role of the genome in our health and well-being,
stimulating hope for more effective and cost efficient healthcare. However,
this also prompts a number of security and privacy concerns stemming from the
distinctive characteristics of genomic data. To address them, a new research
community has emerged and produced a large number of publications and
initiatives.
In this paper, we rely on a structured methodology to contextualize and
provide a critical analysis of the current knowledge on privacy-enhancing
technologies used for testing, storing, and sharing genomic data, using a
representative sample of the work published in the past decade. We identify and
discuss limitations, technical challenges, and issues faced by the community,
focusing in particular on those that are inherently tied to the nature of the
problem and are harder for the community alone to address. Finally, we report
on the importance and difficulty of the identified challenges based on an
online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies
(PoPETs), Vol. 2019, Issue
k-Nearest Neighbor Classification over Semantically Secure Encrypted Relational Data
Data Mining has wide applications in many areas such as banking, medicine,
scientific research and among government agencies. Classification is one of the
commonly used tasks in data mining applications. For the past decade, due to
the rise of various privacy issues, many theoretical and practical solutions to
the classification problem have been proposed under different security models.
However, with the recent popularity of cloud computing, users now have the
opportunity to outsource their data, in encrypted form, as well as the data
mining tasks to the cloud. Since the data on the cloud is in encrypted form,
existing privacy preserving classification techniques are not applicable. In
this paper, we focus on solving the classification problem over encrypted data.
In particular, we propose a secure k-NN classifier over encrypted data in the
cloud. The proposed k-NN protocol protects the confidentiality of the data,
user's input query, and data access patterns. To the best of our knowledge, our
work is the first to develop a secure k-NN classifier over encrypted data under
the semi-honest model. Also, we empirically analyze the efficiency of our
solution through various experiments.Comment: 29 pages, 2 figures, 3 tables arXiv admin note: substantial text
overlap with arXiv:1307.482
- …