ε-PPI: Locator Service in Information Networks with Personalized Privacy Preservation

In emerging information networks, a privacy preserving index (PPI) is critically important for locating information of interest across autonomous data providers while preserving the providers' privacy. An understudied problem for PPI techniques is how to provide controllable privacy preservation, given that different data owners have innately different privacy concerns. In this paper we present a personalized privacy preserving index, coined ε-PPI, which guarantees quantitative privacy preservation differentiated by personal identity. We devise a new common-identity attack that breaks existing PPIs and propose an identity-mixing protocol in ε-PPI that defends against it. The proposed ε-PPI construction protocol is the first that requires neither a trusted third party nor trust relationships between providers. We have implemented the ε-PPI construction protocol using generic secure multi-party computation (MPC) techniques and optimized its performance to a practical level by minimizing the expensive MPC part.
