Encrypted Set Intersection Protocol for Outsourced Datasets

Secure and efficient storage of, and computation over, an outsourced database is a primary concern for its users, especially as cloud computing offers elastic compute and storage. Among the building blocks for secure analytical computation on outsourced databases, encrypted set intersection extracts the sensitive elements common to datasets contributed by different users. In existing private set intersection methods, each user holds its own sensitive data locally and all users run an interactive protocol among themselves to compute the intersection. That model does not fit the cloud setting, where the data resides at the cloud platform in encrypted form rather than at each user's site. To address this limitation, in this paper we design the Encrypted Set Intersection Protocol (ESIP), in which the server and the users perform collaborative operations to obtain the correct set intersection result without compromising the privacy of the data each user has contributed to the server.
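The outsourced setting the abstract describes, as an added example that is not the paper's ESIP construction: a generic Diffie-Hellman-style delegated set intersection in Python, the same double-exponentiation idea behind classic two-party PSI, rearranged so that keyed tags rather than plaintexts sit at the server and the server does the matching. The function and variable names, the group parameters (the 1024-bit MODP prime of RFC 2409 group 2) and the sample e-mail addresses are all constructed for this illustration.

```python
"""Toy delegated set intersection over keyed (Diffie-Hellman-style) tags.

Added illustration, NOT the paper's ESIP protocol. Each user outsources only
tags H(x)^k_u of its elements to an untrusted server. To intersect two users'
sets, the server hands each stored list to the *other* user for re-keying and
then matches the double-keyed tags H(x)^(k_a*k_b), so it never sees an
element, a user key, or anything it can open on its own.
"""
import hashlib
import secrets

# Constructed parameter: the 1024-bit safe prime of RFC 2409 group 2, p = 2q + 1.
# Quadratic residues mod p form a subgroup of prime order q, so exponentiation
# by any k in [1, q-1] permutes that subgroup and commutes between users.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2


def hash_to_group(x):
    """Map an element into the order-q subgroup: SHA-256, reduce mod p, square.
    Squaring lands in the quadratic residues; hashing first keeps the discrete
    log of the point unknown to everyone, which the DDH-style argument needs
    (g^SHA256(x) would not do: known exponents let a party cross-check guesses
    of x across tags)."""
    h = int.from_bytes(hashlib.sha256(x).digest(), "big") % P
    return pow(h, 2, P)


def keygen():
    """Per-user secret exponent; it stays at the user and is never uploaded."""
    return secrets.randbelow(Q - 1) + 1


def upload(elements, key):
    """What a user stores at the server: one single-keyed tag per element, in
    upload order (the server relies on that order to map results back)."""
    return [pow(hash_to_group(x), key, P) for x in elements]


def rekey(tags, key):
    """User-side step: raise the *other* user's stored tags to this user's key."""
    return [pow(t, key, P) for t in tags]


def server_match(a_double, b_double):
    """Server-side step: indices into A's stored list whose double-keyed tag also
    occurs in B's double-keyed list. Only tag equality is visible here."""
    b_seen = set(b_double)
    return [i for i, t in enumerate(a_double) if t in b_seen]


def delegated_intersection(a_elems, b_elems):
    """Run the whole exchange with both users and the server simulated in-process.
    Returns (plaintext intersection as recovered by A, indices the server learns)."""
    k_a, k_b = keygen(), keygen()
    # 1. Both users outsource their sets as single-keyed tags.
    a_store = upload(a_elems, k_a)
    b_store = upload(b_elems, k_b)
    # 2. Server forwards A's tags to B and B's tags to A; each re-keys under its
    #    own secret. Neither user can open the other's single-keyed tags.
    a_double = rekey(a_store, k_b)   # computed by B: H(x)^(k_a*k_b)
    b_double = rekey(b_store, k_a)   # computed by A: H(y)^(k_b*k_a)
    # 3. Server matches the double-keyed lists and returns to A the stored
    #    (single-keyed) tags of A that matched.
    hits = server_match(a_double, b_double)
    hit_tags = {a_store[i] for i in hits}
    # 4. A recomputes its own single-keyed tags locally to recover plaintexts.
    found = [x for x in a_elems if pow(hash_to_group(x), k_a, P) in hit_tags]
    return found, hits


if __name__ == "__main__":
    # Constructed sample data (not from the paper).
    alice = [b"alice@example.com", b"bob@example.com", b"carol@example.com"]
    bob = [b"carol@example.com", b"dave@example.com", b"alice@example.com"]
    print(delegated_intersection(alice, bob))
```

What the toy still leaks is the part a practitioner should check against any real protocol: the server learns the intersection size and, because re-keying preserves list order, which of A's stored tags were hit; tags are deterministic per user, so two uploads of the same element by the same user are linkable; and the argument only covers honest-but-curious parties, since a user that re-keys under a different exponent silently destroys the result without detection. A deployment would also use an elliptic-curve group with a proper hash-to-curve rather than a 1024-bit MODP prime, which is below current size recommendations and appears here only to keep the block self-contained.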
