A multistage protocol for aggregated queries in distributed cloud databases with privacy protection

Abstract

This article addresses a novel situation in which a large distributed cloud database is a union of several separate databases belonging to individual database owners, who are not allowed to transfer their data for storage to locations other than the separate cloud service providers they have already chosen. For example, a very large number of medical records may be stored in a distributed cloud database that is a union of several separate databases from different hospitals, or even from different countries. The owners of the databases may need to answer certain common aggregated queries using all available information without sharing or transferring all of the data. It is necessary to minimize the communication costs, improve efficiency, and comply with the legal requirements protecting the privacy of confidential data. In this situation it is impossible to aggregate the whole database in one location, yet effective methods for answering aggregated queries with privacy protection are required. To solve this important problem, the present article proposes a Multistage Separate Query Processing (MSQP) protocol employing homomorphic encryption with split keys. We show that our protocol can answer a large class of natural queries of practical significance. The running time of the MSQP protocol is O(d + m d), where d is the number of database owners and m is the total number of records in the whole database. In practice, d is small and m can be very large, so the running time is O(m). This means that the protocol is very efficient for large databases. It dramatically reduces the communication costs of computation and completely eliminates the need to exchange confidential data. We define a new generalized additive homomorphic property and introduce a Multipart ElGamal Cryptosystem (MEC) with split keys, which enjoys this property. MEC is a novel modification of the ElGamal cryptosystem with split keys.
This paper presents the results of extensive experiments evaluating the effectiveness of the MSQP protocol employing MEC and comparing it with MSQP employing the ElGamal cryptosystem, for a collection of publicly available medical datasets. The experiments evaluating our protocol on 11 real-life databases and a synthetic database demonstrate that the MSQP protocol employing MEC is more efficient than other options and can be recommended for practical implementations.
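The idea of answering an aggregated query with additively homomorphic encryption and split keys can be illustrated with textbook exponential ElGamal. This is an added example, not the paper's MEC or its MSQP implementation; the toy group parameters and all function names are assumptions made for the illustration.

```python
import secrets

# Toy group, constructed for this demo and far too small for real use:
# P = 2Q + 1 is a safe prime and G = 4 generates the subgroup of prime order Q.
P, Q, G = 2879, 1439, 4

def keygen_share():
    """One owner's secret key share x_i and public share h_i = g^x_i."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def joint_public_key(public_shares):
    """h = prod h_i = g^(sum x_i); no party ever holds sum x_i."""
    h = 1
    for hi in public_shares:
        h = h * hi % P
    return h

def encrypt(h, m):
    """Exponential ElGamal: (g^r, g^m * h^r), additive in m."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), pow(G, m, P) * pow(h, r, P) % P

def add(c1, c2):
    """Component-wise product encrypts the sum of the two plaintexts."""
    return c1[0] * c2[0] % P, c1[1] * c2[1] % P

def partial_decrypt(x_i, c):
    """Owner i's decryption share a^x_i, computed locally from its key share."""
    return pow(c[0], x_i, P)

def combine(c, shares, bound):
    """Strip the mask using every owner's share, then find m < bound by search."""
    mask = 1
    for s in shares:
        mask = mask * s % P
    gm = c[1] * pow(mask, -1, P) % P
    acc = 1
    for m in range(bound):
        if acc == gm:
            return m
        acc = acc * G % P
    raise ValueError("sum outside search bound")

def aggregate_count(local_counts):
    """Full exchange for d owners: only ciphertexts and shares leave each site."""
    keys = [keygen_share() for _ in local_counts]
    h = joint_public_key([pk for _, pk in keys])
    total = (1, 1)  # encryption of 0 with r = 0
    for m in local_counts:
        total = add(total, encrypt(h, m))
    shares = [partial_decrypt(x, total) for x, _ in keys]
    return combine(total, shares, Q)
```

Each owner contributes one ciphertext and one decryption share, and the final search is feasible only because the aggregate is known to be small; a deployment would use a standardized large group instead of these toy parameters.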
