nach oben

Erschienen in:

2017 | OriginalPaper | Buchkapitel

Privacy-Preserving Querying on Privately Encrypted Data in the Cloud

verfasst von : Feras Aljumah, Makan Pourzandi, Mourad Debbabi

Erschienen in: Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXV

Verlag: Springer Berlin Heidelberg

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud services provide clients with highly scalable network, storage, and computational resources. However, these service come with the challenge of guaranteeing the confidentiality of the data stored on the cloud. Rather than attempting to prevent adversaries from compromising the cloud server, we aim in this paper to propose a protocol for secure querying in the cloud, while preserving the privacy of the participants and assuming the existence of a passive adversary able to access all data stored in the cloud. In this paper, we address this problem by proposing a network protocol that would allow a third party, such as a health organization, to query privately encrypted data without relying on a trusted entity. The protocol we propose preserves the privacy of the data owners and the querying entity. The protocol relies on homomorphic cryptography, threshold cryptography, differential privacy, and randomization to allow for secure, distributed, and privacy-preserving queries. We evaluate the performance of our protocol and report on the results of the implementation.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Bridging the Gap Between the Business and Social Worlds: A Data Artifact-Driven Approach

Nächstes Kapitel Comparison of Adaptive Neuro-Fuzzy Inference System (ANFIS) and Gaussian Process for Machine Learning (GPML) Algorithms for the Prediction of Norovirus Concentration in Drinking Water Supply

Microsoft health vault. http://www.healthvault.com. Accessed Oct 2017

Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICSSITE, vol. 50, pp. 89–106. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16161-2_6 CrossRef

Akinyele, J.A., Pagano, M.W., Green, M.D., Lehmann, C.U., Peterson, Z.N.J., Rubin, A.D.: Securing electronic medical records using attribute-based encryption on mobile devices. In: Proceedings of the Workshop on Security and Privacy in Smartphones and Mobile Devices. SPSM 2011, pp. 75–86. ACM (2011)

Narayan, S., Gagné, M., Safavi-Naini, R.: Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings of the Cloud Computing Security Workshop. CCSW 2010, pp. 47–52, New York. ACM (2010)

PwC: Putting data security on the top table: how healthcare organisations can manage information more safely, June 2013

Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the ACM Symposium on Operating Systems Principles, pp. 85–100 (2011)

Tu, S., Kaashoek, M.F., Madden, S., Zeldovich, N.: Processing analytical queries over encrypted data. In: Proceedings of the VLDB Endowment, vol. 6, pp. 289–300. VLDB Endowment (2013)

Aljumah, F., Pourzandi, M., Debbabi, M.: Privacy-preserving querying mechanism on privately encrypted personal health records. In: International Conference on Informatics, Health & Technology (ICIHT), pp. 1–8. IEEE (2017)

Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16 CrossRef

10.

Goldwasser, S., Micali, S.: Probabilistic encryption & how to play mental poker keeping secret all partial information. In: Proceedings of the 14th Annual ACM Symposium on Theory of Computing (1982)

11.

Katz, J., Yung, M.: Threshold cryptosystems based on factoring. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 192–205. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36178-2_12 CrossRef

12.

Barnett, A., Smart, N.P.: Mental poker revisited. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 370–383. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-40974-8_29 CrossRef

13.

Boneh, D., Franklin, M.: Efficient generation of shared RSA keys. J. ACM 48(4), 702–722 (2001)CrossRefMATHMathSciNet

14.

Yao, A.C.: Protocols for secure computations. In: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science. SFCS 1982, pp. 160–164. IEEE Computer Society (1982)

15.

Fischlin, M.: A cost-effective pay-per-multiplication comparison method for millionaires. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 457–471. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45353-9_33 CrossRef

16.

Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)CrossRefMATHMathSciNet

17.

Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_14 CrossRef

18.

Dwork, C.: A firm foundation for private data analysis. Commun. ACM 54(1), 86–95 (2011)CrossRef

19.

Barouti, S., Aljumah, F., Alhadidi, D., Debbabi, M.: Secure and privacy-preserving querying of personal health records in the cloud. In: Atluri, V., Pernul, G. (eds.) DBSec 2014. LNCS, vol. 8566, pp. 82–97. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43936-4_6

20.

Amazon Web Services: Amazon elastic compute cloud (EC2) documentation. http://aws.amazon.com/documentation/ec2/. Accessed Oct 2017

21.

Apache Software Foundation: Apache spark. http://spark.apache.org/. Accessed Oct 2017

22.

Sion, R.: Secure data outsourcing. In: Proceedings of the Conference on Very Large Data Bases. VLDB 2007, pp. 1431–1432 (2007)

23.

Iyer, B., Mehrotra, S., Mykletun, E., Tsudik, G., Wu, Y.: A framework for efficient storage security in RDBMS. In: Bertino, E., Christodoulakis, S., Plexousakis, D., Christophides, V., Koubarakis, M., Böhm, K., Ferrari, E. (eds.) EDBT 2004. LNCS, vol. 2992, pp. 147–164. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24741-8_10 CrossRef

24.

Song, D., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: IEEE Symposium on Security and Privacy (2000)

25.

Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data (2002)

26.

Hacıgümüş, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: Lee, Y.J., Li, J., Whang, K.-Y., Lee, D. (eds.) DASFAA 2004. LNCS, vol. 2973, pp. 125–136. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24571-1_10 CrossRef

27.

Damiani, E., Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (2003)

28.

Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: ACM SIGMOD International Conference on Management of Data (2004)

29.

Boneh, D., Waters, B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 535–554. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_29 CrossRef

30.

Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: Proceedings of the International Conference on Very Large Data Bases. VLDB 2004, vol. 30, pp. 720–731. VLDB Endowment (2004)

Titel: Privacy-Preserving Querying on Privately Encrypted Data in the Cloud
verfasst von: Feras Aljumah
Makan Pourzandi
Mourad Debbabi
Verlag: Springer Berlin Heidelberg
Buch: Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXV
Print ISBN: 978-3-662-56120-1

Electronic ISBN: 978-3-662-56121-8

Copyright-Jahr: 2017
DOI: https://doi.org/10.1007/978-3-662-56121-8_3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"