Privacy preserving query processing on outsourced data via secure multiparty computation
Do, Hoang Giang
Date of Issue: 2018
School of Computer Science and Engineering
Recent advances in technology have given rise to the popularity and success of many data-related services. This new paradigm allows the client to reduce the cost of operations by providing cost-efficient architectures that support the storage and intensive computation of data, and hence increases the throughput of businesses. However, these promising data services raise multiple challenging design issues, largely because of the risk of leaking confidential data. Losing control over the hardware typically means granting data access rights to a third party; as a result, the client faces new threats originating from the server side. Typical data-management service providers should not be fully trusted, so storing data in encrypted form must be considered for a high level of security assurance. Another potential threat is employees who do not follow the company's privacy policies and may, intentionally or unintentionally, reveal sensitive client information. Even when the provider claims to enforce strict privacy policies, there remains a chance that the database systems are vulnerable to malicious external attacks.

This thesis aims at investigating privacy-preserving solutions for various important data query classes in different ubiquitous scenarios. The security issues of existing secure data processing protocols are also discussed. We focus on the provision of a rigorous security guarantee when processing data and answering queries. Cryptographic techniques from secure multi-party computation are leveraged to enhance security. Specifically, our proposed research objectives are as follows:

• The security problem will be analyzed under the semi-honest secure multi-party computation model. The semi-honest model assumes that all participating parties correctly follow the protocol specification but actively collect information from the data storage and data processing protocols in an attempt to discover confidential data.

• Security requirements for various secure data processing models are proposed to ensure strong confidentiality protection. In this thesis, by considering access pattern and query privacy requirements, we aim to address the security limitations of the existing solutions.

• We investigate various secure query processing algorithms in different ubiquitous scenarios: (i) Secure Conjunctive Matching: a solution that supports conjunctive queries over an encrypted numerical dataset; an extension to support range queries is also proposed. (ii) Boolean Keyword Search: a scheme that allows the client to securely evaluate a boolean expression over a keyword set on an encrypted outsourced corpus of documents. (iii) Multi-dimensional Range Query: a set of protocols that support multi-dimensional range queries over a set of points in a high-dimensional space, where the high-dimensional space represents multidimensional datasets over numerical domains. (iv) Secure Confidential Information Verification: a framework for verifying personal or confidential information against a set of criteria; the proposed framework addresses a number of shortcomings of the current process of physical document verification.

These protocols are proposed, analyzed, and evaluated under the semi-honest model and with the proposed security requirements.
DRNTU::Engineering::Computer science and engineering