Cryptographic Techniques for Securing Data in the Cloud

El paradigma de la computació al núvol proporciona accés remot a potents infraestructures a cost reduït. Tot i que l’adopció del núvol ofereix nombrosos beneficis, la migració de dades sol requerir un alt nivell de confiança en el proveïdor de serveis i introdueix problemes de privacitat. En aquesta tesi es dissenyen tècniques per a permetre a usuaris del núvol protegir un conjunt de dades externalitzades. Les solucions proposades emanen del projecte H2020 de la Comissió Europea “CLARUS: User-Centered Privacy and Security in the Cloud”. Els problemes explorats són la cerca sobre dades xifrades, la delegació de càlculs d’interpolació, els esquemes de compartició de secrets i la partició de dades. Primerament, s’estudia el problema de la cerca sobre dades xifrades mitjançant els esquemes de xifrat cercable simètric (SSE), i es desenvolupen tècniques que permeten consultes per rangs dos-dimensionals a SSE. També es tracta el mateix problema utilitzant esquemes de xifrat cercable de clau pública (PEKS), i es presenten esquemes PEKS que permeten consultes conjuntives i de subconjunt. En aquesta tesi també s’aborda la delegació privada de computacions Kriging. Kriging és un algoritme d’interpolació espaial dissenyat per a aplicacions geo-estadístiques. Es descriu un mètode per a delegar interpolacions Kriging de forma privada utilitzant xifrat homomòrfic. Els esquemes de compartició de secrets són una primitiva fonamental en criptografia, utilitzada a diverses solucions orientades al núvol. Una de les mesures d’eficiència relacionades més importants és la taxa d’informació òptima. Atès que calcular aquesta taxa és generalment difícil, s’obtenen propietats que faciliten la seva descripció. Finalment, es tracta el camp de la partició de dades per a la protecció de la privacitat. Aquesta tècnica protegeix la privacitat de les dades emmagatzemant diversos fragments a diferents ubicacions. Aquí s’analitza aquest problema des d’un punt de vista combinatori, fitant el nombre de fragments i proposant diversos algoritmes.El paradigma de la computación en la nube proporciona acceso remoto a potentes infraestructuras a coste reducido. Aunque la adopción de la nube ofrece numerosos beneficios, la migración de datos suele requerir un alto nivel de confianza en el proveedor de servicios e introduce problemas de privacidad. En esta tesis se diseñan técnicas para permitir a usuarios de la nube proteger un conjunto de datos externalizados. Las soluciones propuestas emanan del proyecto H2020 de la Comisión Europea “CLARUS: User-Centered Privacy and Security in the Cloud”. Los problemas explorados son la búsqueda sobre datos cifrados, la delegación de cálculos de interpolación, los esquemas de compartición de secretos y la partición de datos. Primeramente, se estudia el problema de la búsqueda sobre datos cifrados mediante los esquemas de cifrado simétrico buscable (SSE), y se desarrollan técnicas para permitir consultas por rangos dos-dimensionales en SSE. También se trata el mismo problema utilizando esquemas de cifrado buscable de llave pública (PEKS), y se presentan esquemas que permiten consultas conyuntivas y de subconjunto. Adicionalmente, se aborda la delegación privada de computaciones Kriging. Kriging es un algoritmo de interpolación espacial diseñado para aplicaciones geo-estadísticas. Se describe un método para delegar interpolaciones Kriging privadamente utilizando técnicas de cifrado homomórfico. Los esquemas de compartición de secretos son una primitiva fundamental en criptografía, utilizada en varias soluciones orientadas a la nube. Una de las medidas de eficiencia más importantes es la tasa de información óptima. Dado que calcular esta tasa es generalmente difícil, se obtienen propiedades que facilitan su descripción. Por último, se trata el campo de la partición de datos para la protección de la privacidad. Esta técnica protege la privacidad de los datos almacenando varios fragmentos en distintas ubicaciones. Analizamos este problema desde un punto de vista combinatorio, acotando el número de fragmentos y proponiendo varios algoritmos.The cloud computing paradigm provides users with remote access to scalable and powerful infrastructures at a very low cost. While the adoption of cloud computing yields a wide array of benefits, the act of migrating to the cloud usually requires a high level of trust in the cloud service provider and introduces several security and privacy concerns. This thesis aims at designing user-centered techniques to secure an outsourced data set in cloud computing. The proposed solutions stem from the European Commission H2020 project “CLARUS: User-Centered Privacy and Security in the Cloud”. The explored problems are searching over encrypted data, outsourcing Kriging interpolation computations, secret sharing and data splitting. Firstly, the problem of searching over encrypted data is studied using symmetric searchable encryption (SSE) schemes, and techniques are developed to enable efficient two-dimensional range queries in SSE. This problem is also studied through public key encryption with keyword search (PEKS) schemes, efficient PEKS schemes achieving conjunctive and subset queries are proposed. This thesis also aims at securely outsourcing Kriging computations. Kriging is a spatial interpolation algorithm designed for geo-statistical applications. A method to privately outsource Kriging interpolation is presented, based in homomorphic encryption. Secret sharing is a fundamental primitive in cryptography, used in many cloud-oriented techniques. One of the most important efficiency measures in secret sharing is the optimal information ratio. Since computing the optimal information ratio of an access structure is generally hard, properties are obtained to facilitate its description. Finally, this thesis tackles the privacy-preserving data splitting technique, which aims at protecting data privacy by storing different fragments of data at different locations. Here, the data splitting problem is analyzed from a combinatorial point of view, bounding the number of fragments and proposing various algorithms to split the data

System- and Data-Driven Methods and Algorithms

An increasing complexity of models used to predict real-world systems leads to the need for algorithms to replace complex models with far simpler ones, while preserving the accuracy of the predictions. This two-volume handbook covers methods as well as applications. This first volume focuses on real-time control theory, data assimilation, real-time visualization, high-dimensional state spaces and interaction of different reduction techniques

MODELING DAYTIME AND NIGHTTIME POPULATION DISTRIBUTIONS IN PORTUGAL USING GEOGRAPHIC INFORMATION SYSTEMS

Most official population censuses release a total count of residents by census area, despite the fact that the distribution of population varies widely in space and time. Increasingly, better spatial representation of population distributions are required for many applications, especially at the local scale. Combining available statistical and physiographic data sets, a dasymetric interpolation approach was developed and tested to produce 2001 spatio-temporal representations of population distributions for the municipalities of Cascais and Oeiras in Portugal. This model was implemented within a geographic information system using streets as a spatial basis to allocate population. For each municipality, digital raster maps of nighttime, daytime, daytime residential, daytime worker and student, total daytime, and ambient population densities were produced at high spatial resolution. Quality assessment procedures confirmed that the method suits the objectives. However, the accuracy of results is mostly dependent on the quality of input data sets

Machine learning to generate soil information

This thesis is concerned with the novel use of machine learning (ML) methods in soil science research. ML adoption in soil science has increased considerably, especially in pedometrics (the use of quantitative methods to study the variation of soils). In parallel, the size of the soil datasets has also increased thanks to projects of global impact that aim to rescue legacy data or new large extent surveys to collect new information. While we have big datasets and global projects, currently, modelling is mostly based on "traditional" ML approaches which do not take full advantage of these large data compilations. This compilation of these global datasets is severely limited by privacy concerns and, currently, no solution has been implemented to facilitate the process. If we consider the performance differences derived from the generality of global models versus the specificity of local models, there is still a debate on which approach is better. Either in global or local DSM, most applications are static. Even with the large soil datasets available to date, there is not enough soil data to perform a fully-empirical, space-time modelling. Considering these knowledge gaps, this thesis aims to introduce advanced ML algorithms and training techniques, specifically deep neural networks, for modelling large datasets at a global scale and provide new soil information. The research presented here has been successful at applying the latest advances in ML to improve upon some of the current approaches for soil modelling with large datasets. It has also created opportunities to utilise information, such as descriptive data, that has been generally disregarded. ML methods have been embraced by the soil community and their adoption is increasing. In the particular case of neural networks, their flexibility in terms of structure and training makes them a good candidate to improve on current soil modelling approaches

Learning from aggregated data

Data aggregation is ubiquitous in modern life. Due to various reasons like privacy, scalability, robustness, etc., ground truth data is often subjected to aggregation before being released to the public, or utilised by researchers and analysts. Learning from aggregated data is a challenging problem that requires significant algorithmic innovation, since naive application of standard techniques to aggregated data is vulnerable to the ecological fallacy. In this work, we explore three different versions of this setting. First, we tackle the problem of using generalised linear models when features/covariates are fully observed but the targets are only available as histograms- a common scenario in the healthcare domain where many datasets contain both non-sensitive attributes like age, sex, zip-code, etc., as well as privacy sensitive attributes like healthcare records. We introduce an efficient algorithm that uses alternating data imputation and GLM estimation steps to learn predictive models in this setting. Next, we look at the problem of learning sparse linear models when both features and targets are in aggregated form, specified as empirical estimates of group-wise means computed over different sub-groups of the population. We show that if the true sub-populations are heterogeneous enough, the optimal sparse parameter can be recovered within an arbitrarily small tolerance even in the presence of noise, provided the empirical estimates are obtained from a sufficiently large number of observations. Third, we tackle the scenario of predictive modelling with data that is subjected to spatio-temporal aggregation. We show that by formulating the problem in the frequency domain, we can bypass the mathematical and representational challenges that arise due to non-uniform aggregation, misaligned sampling periods and aliasing. We introduce a novel algorithm that uses restricted Fourier transforms to estimate a linear model which, when applied to spatio-temporally aggregated data, has a generalisation error that is provably close to the optimal performance by the best possible linear model that can be learned from the non-aggregated data set. We then focus our attention on the complementary problem that involves designing aggregation strategies that can allow learning, as well as developing algorithmic techniques that can use only the aggregates to train a model that works on individual samples. We motivate our methods by using the example of Gaussian regression, and subsequently extend our techniques to subsume binary classifiers and generalised linear models. We deonstrate the effectiveness of our techniques with empirical evaluation on data from healthcare and telecommunication. Finally, we present a concrete example of our methods applied to a real life practical problem. Specifically, we consider an application in the domain of online advertising where the complexity of bidding strategies require accurate estimates of most probable cost-per-click or CPC incurred by advertisers, but the data used for training these CPC prediction models are only available as aggregated invoices supplied by an ad publisher on a daily or hourly basis. We introduce a novel learning framework that can use aggregates computed at varying levels of granularity for building individual-level predictive models. We generalise our modelling and algorithmic framework to handle data from diverse domains, and extend our techniques to cover arbitrary aggregation paradigms like sliding windows and overlapping/non-uniform aggregation. We show empirical evidence for the efficacy of our techniques with experiments on both synthetic data and real data from the online advertising domain as well as healthcare to demonstrate the wider applicability of our framework.Electrical and Computer Engineerin

Update and Compensation of Radio Map Based on Statistical Inference

電気通信大学202