Secure and efficient processing of outsourced data structures using trusted execution environments

In recent years, more and more companies make use of cloud computing; in other words, they outsource data storage and data processing to a third party, the cloud provider. From cloud computing, the companies expect, for example, cost reductions, fast deployment time, and improved security. However, security also presents a significant challenge as demonstrated by many cloud computing–related data breaches. Whether it is due to failing security measures, government interventions, or internal attackers, data leakages can have severe consequences, e.g., revenue loss, damage to brand reputation, and loss of intellectual property. A valid strategy to mitigate these consequences is data encryption during storage, transport, and processing. Nevertheless, the outsourced data processing should combine the following three properties: strong security, high efficiency, and arbitrary processing capabilities. Many approaches for outsourced data processing based purely on cryptography are available. For instance, encrypted storage of outsourced data, property-preserving encryption, fully homomorphic encryption, searchable encryption, and functional encryption. However, all of these approaches fail in at least one of the three mentioned properties. Besides approaches purely based on cryptography, some approaches use a trusted execution environment (TEE) to process data at a cloud provider. TEEs provide an isolated processing environment for user-defined code and data, i.e., the confidentiality and integrity of code and data processed in this environment are protected against other software and physical accesses. Additionally, TEEs promise efficient data processing. Various research papers use TEEs to protect objects at different levels of granularity. On the one end of the range, TEEs can protect entire (legacy) applications. This approach facilitates the development effort for protected applications as it requires only minor changes. However, the downsides of this approach are that the attack surface is large, it is difficult to capture the exact leakage, and it might not even be possible as the isolated environment of commercially available TEEs is limited. On the other end of the range, TEEs can protect individual, stateless operations, which are called from otherwise unchanged applications. This approach does not suffer from the problems stated before, but it leaks the (encrypted) result of each operation and the detailed control flow through the application. It is difficult to capture the leakage of this approach, because it depends on the processed operation and the operation’s location in the code. In this dissertation, we propose a trade-off between both approaches: the TEE-based processing of data structures. In this approach, otherwise unchanged applications call a TEE for self-contained data structure operations and receive encrypted results. We examine three data structures: TEE-protected B+-trees, TEE-protected database dictionaries, and TEE-protected file systems. Using these data structures, we design three secure and efficient systems: an outsourced system for index searches; an outsourced, dictionary-encoding–based, column-oriented, in-memory database supporting analytic queries on large datasets; and an outsourced system for group file sharing supporting large and dynamic groups. Due to our approach, the systems have a small attack surface, a low likelihood of security-relevant bugs, and a data owner can easily perform a (formal) code verification of the sensitive code. At the same time, we prevent low-level leakage of individual operation results. For all systems, we present a thorough security evaluation showing lower bounds of security. Additionally, we use prototype implementations to present upper bounds on performance. For our implementations, we use a widely available TEE that has a limited isolated environment—Intel Software Guard Extensions. By comparing our systems to related work, we show that they provide a favorable trade-off regarding security and efficiency

Enabling Access Control for Encrypted Multi-Dimensional Data in Cloud Computing through Range Search

With the growing popularity of cloud computing, data owners are increasingly opting to outsource their data to cloud servers due to the numerous benefits it offers. However, this outsourcing raises concerns about data privacy since the data stored on remote cloud servers is not directly controlled by the owners. Encryption of the data is an effective approach to mitigate these privacy concerns. However, encrypted data lacks distinguishability, leading to limitations in supporting common operations such as range search and access control. In this research paper, we propose a method called RSAC (Range Search Supporting Access Control) for encrypted multi-dimensional data in cloud computing. Our method leverages policy design, bucket embedding, algorithm design, and Ciphertext Policy-Attribute Based Encryption (CPABE) to achieve its objectives. We present extensive experimental results that demonstrate the efficiency of our method and conduct a thorough security analysis to ensure its robustness. Our proposed RSAC method addresses the challenges of range search and access control over encrypted multi-dimensional data, thus contributing to enhancing privacy and security in cloud computing environments

HardIDX: Practical and Secure Index with SGX

Software-based approaches for search over encrypted data are still either challenged by lack of proper, low-leakage encryption or slow performance. Existing hardware-based approaches do not scale well due to hardware limitations and software designs that are not specifically tailored to the hardware architecture, and are rarely well analyzed for their security (e.g., the impact of side channels). Additionally, existing hardware-based solutions often have a large code footprint in the trusted environment susceptible to software compromises. In this paper we present HardIDX: a hardware-based approach, leveraging Intel's SGX, for search over encrypted data. It implements only the security critical core, i.e., the search functionality, in the trusted environment and resorts to untrusted software for the remainder. HardIDX is deployable as a highly performant encrypted database index: it is logarithmic in the size of the index and searches are performed within a few milliseconds rather than seconds. We formally model and prove the security of our scheme showing that its leakage is equivalent to the best known searchable encryption schemes. Our implementation has a very small code and memory footprint yet still scales to virtually unlimited search index sizes, i.e., size is limited only by the general - non-secure - hardware resources

Security and Privacy for Big Data: A Systematic Literature Review

Big data is currently a hot research topic, with four million hits on Google scholar in October 2016. One reason for the popularity of big data research is the knowledge that can be extracted from analyzing these large data sets. However, data can contain sensitive information, and data must therefore be sufficiently protected as it is stored and processed. Furthermore, it might also be required to provide meaningful, proven, privacy guarantees if the data can be linked to individuals. To the best of our knowledge, there exists no systematic overview of the overlap between big data and the area of security and privacy. Consequently, this review aims to explore security and privacy research within big data, by outlining and providing structure to what research currently exists. Moreover, we investigate which papers connect security and privacy with big data, and which categories these papers cover. Ultimately, is security and privacy research for big data different from the rest of the research within the security and privacy domain? To answer these questions, we perform a systematic literature review (SLR), where we collect recent papers from top conferences, and categorize them in order to provide an overview of the security and privacy topics present within the context of big data. Within each category we also present a qualitative analysis of papers representative for that specific area. Furthermore, we explore and visualize the relationship between the categories. Thus, the objective of this review is to provide a snapshot of the current state of security and privacy research for big data, and to discover where further research is required

Rich Queries on Encrypted Data: Beyond Exact Matches

We extend the searchable symmetric encryption (SSE) protocol of [Cash et al., Crypto\u2713] adding support for range, substring, wildcard, and phrase queries, in addition to the Boolean queries supported in the original protocol. Our techniques apply to the basic single-client scenario underlying the common SSE setting as well as to the more complex Multi-Client and Outsourced Symmetric PIR extensions of [Jarecki et al., CCS\u2713]. We provide performance information based on our prototype implementation, showing the practicality and scalability of our techniques to very large databases, thus extending the performance results of [Cash et al., NDSS\u2714] to these rich and comprehensive query types

Data Service Outsourcing and Privacy Protection in Mobile Internet

Mobile Internet data have the characteristics of large scale, variety of patterns, and complex association. On the one hand, it needs efficient data processing model to provide support for data services, and on the other hand, it needs certain computing resources to provide data security services. Due to the limited resources of mobile terminals, it is impossible to complete large-scale data computation and storage. However, outsourcing to third parties may cause some risks in user privacy protection. This monography focuses on key technologies of data service outsourcing and privacy protection, including the existing methods of data analysis and processing, the fine-grained data access control through effective user privacy protection mechanism, and the data sharing in the mobile Internet

Cryptographic Techniques for Securing Data in the Cloud

El paradigma de la computació al núvol proporciona accés remot a potents infraestructures a cost reduït. Tot i que l’adopció del núvol ofereix nombrosos beneficis, la migració de dades sol requerir un alt nivell de confiança en el proveïdor de serveis i introdueix problemes de privacitat. En aquesta tesi es dissenyen tècniques per a permetre a usuaris del núvol protegir un conjunt de dades externalitzades. Les solucions proposades emanen del projecte H2020 de la Comissió Europea “CLARUS: User-Centered Privacy and Security in the Cloud”. Els problemes explorats són la cerca sobre dades xifrades, la delegació de càlculs d’interpolació, els esquemes de compartició de secrets i la partició de dades. Primerament, s’estudia el problema de la cerca sobre dades xifrades mitjançant els esquemes de xifrat cercable simètric (SSE), i es desenvolupen tècniques que permeten consultes per rangs dos-dimensionals a SSE. També es tracta el mateix problema utilitzant esquemes de xifrat cercable de clau pública (PEKS), i es presenten esquemes PEKS que permeten consultes conjuntives i de subconjunt. En aquesta tesi també s’aborda la delegació privada de computacions Kriging. Kriging és un algoritme d’interpolació espaial dissenyat per a aplicacions geo-estadístiques. Es descriu un mètode per a delegar interpolacions Kriging de forma privada utilitzant xifrat homomòrfic. Els esquemes de compartició de secrets són una primitiva fonamental en criptografia, utilitzada a diverses solucions orientades al núvol. Una de les mesures d’eficiència relacionades més importants és la taxa d’informació òptima. Atès que calcular aquesta taxa és generalment difícil, s’obtenen propietats que faciliten la seva descripció. Finalment, es tracta el camp de la partició de dades per a la protecció de la privacitat. Aquesta tècnica protegeix la privacitat de les dades emmagatzemant diversos fragments a diferents ubicacions. Aquí s’analitza aquest problema des d’un punt de vista combinatori, fitant el nombre de fragments i proposant diversos algoritmes.El paradigma de la computación en la nube proporciona acceso remoto a potentes infraestructuras a coste reducido. Aunque la adopción de la nube ofrece numerosos beneficios, la migración de datos suele requerir un alto nivel de confianza en el proveedor de servicios e introduce problemas de privacidad. En esta tesis se diseñan técnicas para permitir a usuarios de la nube proteger un conjunto de datos externalizados. Las soluciones propuestas emanan del proyecto H2020 de la Comisión Europea “CLARUS: User-Centered Privacy and Security in the Cloud”. Los problemas explorados son la búsqueda sobre datos cifrados, la delegación de cálculos de interpolación, los esquemas de compartición de secretos y la partición de datos. Primeramente, se estudia el problema de la búsqueda sobre datos cifrados mediante los esquemas de cifrado simétrico buscable (SSE), y se desarrollan técnicas para permitir consultas por rangos dos-dimensionales en SSE. También se trata el mismo problema utilizando esquemas de cifrado buscable de llave pública (PEKS), y se presentan esquemas que permiten consultas conyuntivas y de subconjunto. Adicionalmente, se aborda la delegación privada de computaciones Kriging. Kriging es un algoritmo de interpolación espacial diseñado para aplicaciones geo-estadísticas. Se describe un método para delegar interpolaciones Kriging privadamente utilizando técnicas de cifrado homomórfico. Los esquemas de compartición de secretos son una primitiva fundamental en criptografía, utilizada en varias soluciones orientadas a la nube. Una de las medidas de eficiencia más importantes es la tasa de información óptima. Dado que calcular esta tasa es generalmente difícil, se obtienen propiedades que facilitan su descripción. Por último, se trata el campo de la partición de datos para la protección de la privacidad. Esta técnica protege la privacidad de los datos almacenando varios fragmentos en distintas ubicaciones. Analizamos este problema desde un punto de vista combinatorio, acotando el número de fragmentos y proponiendo varios algoritmos.The cloud computing paradigm provides users with remote access to scalable and powerful infrastructures at a very low cost. While the adoption of cloud computing yields a wide array of benefits, the act of migrating to the cloud usually requires a high level of trust in the cloud service provider and introduces several security and privacy concerns. This thesis aims at designing user-centered techniques to secure an outsourced data set in cloud computing. The proposed solutions stem from the European Commission H2020 project “CLARUS: User-Centered Privacy and Security in the Cloud”. The explored problems are searching over encrypted data, outsourcing Kriging interpolation computations, secret sharing and data splitting. Firstly, the problem of searching over encrypted data is studied using symmetric searchable encryption (SSE) schemes, and techniques are developed to enable efficient two-dimensional range queries in SSE. This problem is also studied through public key encryption with keyword search (PEKS) schemes, efficient PEKS schemes achieving conjunctive and subset queries are proposed. This thesis also aims at securely outsourcing Kriging computations. Kriging is a spatial interpolation algorithm designed for geo-statistical applications. A method to privately outsource Kriging interpolation is presented, based in homomorphic encryption. Secret sharing is a fundamental primitive in cryptography, used in many cloud-oriented techniques. One of the most important efficiency measures in secret sharing is the optimal information ratio. Since computing the optimal information ratio of an access structure is generally hard, properties are obtained to facilitate its description. Finally, this thesis tackles the privacy-preserving data splitting technique, which aims at protecting data privacy by storing different fragments of data at different locations. Here, the data splitting problem is analyzed from a combinatorial point of view, bounding the number of fragments and proposing various algorithms to split the data

Security and Privacy for Big Data: A Systematic Literature Review

Abstract-Big data is currently a hot research topic, with four million hits on Google scholar in October 2016. One reason for the popularity of big data research is the knowledge that can be extracted from analyzing these large data sets. However, data can contain sensitive information, and data must therefore be sufficiently protected as it is stored and processed. Furthermore, it might also be required to provide meaningful, proven, privacy guarantees if the data can be linked to individuals. To the best of our knowledge, there exists no systematic overview of the overlap between big data and the area of security and privacy. Consequently, this review aims to explore security and privacy research within big data, by outlining and providing structure to what research currently exists. Moreover, we investigate which papers connect security and privacy with big data, and which categories these papers cover. Ultimately, is security and privacy research for big data different from the rest of the research within the security and privacy domain? To answer these questions, we perform a systematic literature review (SLR), where we collect recent papers from top conferences, and categorize them in order to provide an overview of the security and privacy topics present within the context of big data. Within each category we also present a qualitative analysis of papers representative for that specific area. Furthermore, we explore and visualize the relationship between the categories. Thus, the objective of this review is to provide a snapshot of the current state of security and privacy research for big data, and to discover where further research is required