Private Cell Retrieval from Data Warehouses

© 2015 IEEE. Publicly accessible data warehouses are an indispensable resource for data analysis. However, they also pose a significant risk to the privacy of the clients, since a data warehouse operator may follow the client's queries and infer what the client is interested in. Private information retrieval (PIR) techniques allow the client to retrieve a cell from a data warehouse without revealing to the operator which cell is retrieved and, therefore, protects the privacy of the client's queries. However, PIR cannot be used to hide online analytical processing (OLAP) operations performed by the client, which may disclose the client's interest. This paper presents a solution for private cell retrieval from a data warehouse on the basis of the Paillier cryptosystem. By our solution, the client can privately perform OLAP operations on the data warehouse and retrieve one (or more) cell without revealing any information about which cell is selected. In addition, we propose a solution for private block download on the basis of the Paillier cryptosystem. Our private block download allows the client to download an encrypted block from a data warehouse without revealing which block in a cloaking region is downloaded and improves the feasibility of our private cell retrieval. Our solutions ensure both the server's privacy and the client's privacy. Our experiments have shown that our solutions are practical

fVSS: A New Secure and Cost-Efficient Scheme for Cloud Data Warehouses

Cloud business intelligence is an increasingly popular choice to deliver decision support capabilities via elastic, pay-per-use resources. However, data security issues are one of the top concerns when dealing with sensitive data. In this pa-per, we propose a novel approach for securing cloud data warehouses by flexible verifiable secret sharing, fVSS. Secret sharing encrypts and distributes data over several cloud ser-vice providers, thus enforcing data privacy and availability. fVSS addresses four shortcomings in existing secret sharing-based approaches. First, it allows refreshing the data ware-house when some service providers fail. Second, it allows on-line analysis processing. Third, it enforces data integrity with the help of both inner and outer signatures. Fourth, it helps users control the cost of cloud warehousing by balanc-ing the load among service providers with respect to their pricing policies. To illustrate fVSS' efficiency, we thoroughly compare it with existing secret sharing-based approaches with respect to security features, querying power and data storage and computing costs

Privacy-Preserving OLAP-based monitoring of data streams: The PP-OMDS approach

In this paper, we propose PP-OMDS (Privacy-Preserving OLAP-based Monitoring of Data Streams), an innovative framework for supporting the OLAP-based monitoring of data streams, which is relevant for a plethora of application scenarios (e.g., security, emergency management, and so forth), in a privacy-preserving manner. The paper describes motivations, principles and achievements of the PP-OMDS framework, along with technological advancements and innovations. We also incorporate a detailed comparative analysis with competitive frameworks, along with a trade-off analysis

A Framework to Utilise Urban Bus Data for Advanced Data Analysis

Most urban bus operators collect detailed data on their respective transportation networks using electronic fare collection systems. However, contrary to the opinion of other service industries that this data is a valuable resource, many bus operators have tended not to fully utilise these resources. International experience suggests using innovative technologies and methodologies such as data warehousing, Online Analytical Processing (OLAP), and data mining, to derive the maximum benefit from this data. Still bus operators tend not to keep the full range of data in a form, which is easy to access or utilise, and therefore, are not able to apply these technologies. The aim of the research project on which this paper reports is to describe the initial data structure of an electronic fare collection system (installed by a public transport operator in Ireland), the storage and enrichment of that data in a relational database, and finally, the representation of the public transport data in a data warehouse. This data warehouse forms the basis of all future data analysis. A 4-phase framework describes the import process leading to a relational database storing the transactional data. The paper concludes with the development of a data warehouse using the star schema

Security Architecture for Tanzania Higher Learning Institutions’ Data Warehouse

In this paper we developed security architecture for the higher learning institutions in Tanzania which considers security measures to be taken at different level of the higher learning institutions’ data warehouse architecture. The primary objectives of the study was to identify security requirements of the higher learning institutions data warehouses and then study the existing security systems in and finally develop and architecture based on the requirements extracted from the study. The study was carried at three different universities in Tanzania by carrying out interviews, study of the existing systems in respective institutions and a literature review of the existing data warehouses systems and architectures. The result was the security requirements identified which lead to the development of the security architecture comprising security in source systems, data, and services to be offered by the DW, applications which use DW, networks and other physical infrastructure focusing on security controls like authentication, role-based access control, role separation of privileged users, storage of data, secure transfer of data, protective monitoring/ intrusion detection, penetration testing, trusted/secure endpoints and physical protection. Keywords: Data warehouse, security architecture, higher learning institution

Auto-ID enabled tracking and tracing data sharing over dynamic B2B and B2G relationships

RFID 2011 collocated with the 2011 IEEE MTT-S International Microwave Workshop Series on Millimeter Wave Integration Technologies (IMWS 2011)Growing complexity and uncertainty are still the key challenges enterprises are facing in managing and re-engineering their existing supply chains. To tackle these challenges, they are continuing innovating management practices and piloting emerging technologies for achieving supply chain visibility, agility, adaptability and security. Nowadays, subcontracting has already become a common practice in modern logistics industry through partnership establishment between the involved stakeholders for delivering consignments from a consignor to a consignee. Companies involved in international supply chain are piloting various supply chain security and integrity initiatives promoted by customs to establish trusted business-to-customs partnership for facilitating global trade and cutting out avoidable supply chain costs and delays due to governmental regulations compliance and unnecessary customs inspection. While existing Auto-ID enabled tracking and tracing solutions are promising for implementing these practices, they provide few efficient privacy protection mechanisms for stakeholders involved in the international supply chain to communicate logistics data over dynamic business-to-business and business-government relationships. A unified privacy protection mechanism is proposed in this work to fill in this gap. © 2011 IEEE.published_or_final_versio

Benchmarking Apache Arrow Flight -- A wire-speed protocol for data transfer, querying and microservices

Moving structured data between different big data frameworks and/or data warehouses/storage systems often cause significant overhead. Most of the time more than 80\% of the total time spent in accessing data is elapsed in serialization/de-serialization step. Columnar data formats are gaining popularity in both analytics and transactional databases. Apache Arrow, a unified columnar in-memory data format promises to provide efficient data storage, access, manipulation and transport. In addition, with the introduction of the Arrow Flight communication capabilities, which is built on top of gRPC, Arrow enables high performance data transfer over TCP networks. Arrow Flight allows parallel Arrow RecordBatch transfer over networks in a platform and language-independent way, and offers high performance, parallelism and security based on open-source standards. In this paper, we bring together some recently implemented use cases of Arrow Flight with their benchmarking results. These use cases include bulk Arrow data transfer, querying subsystems and Flight as a microservice integration into different frameworks to show the throughput and scalability results of this protocol. We show that Flight is able to achieve up to 6000 MB/s and 4800 MB/s throughput for DoGet() and DoPut() operations respectively. On Mellanox ConnectX-3 or Connect-IB interconnect nodes Flight can utilize upto 95\% of the total available bandwidth. Flight is scalable and can use upto half of the available system cores efficiently for a bidirectional communication. For query systems like Dremio, Flight is order of magnitude faster than ODBC and turbodbc protocols. Arrow Flight based implementation on Dremio performs 20x and 30x better as compared to turbodbc and ODBC connections respectively