Lightweight Privacy-Preserving Peer-to-Peer Data Integration

Peer Data Management Systems (PDMS) are an attractive solution for managing distributed heterogeneous information. When a peer (client) requests data from another peer (server) with a different schema, translations of the query and its answer are done by a sequence of intermediate peers (translators). There are two privacy issues in this P2P data integration process: (i) answer privacy: no unauthorized parties (including the translators) should learn the query result; (ii) mapping privacy: the schema and value mappings used by the translators to perform the translation should not be revealed to other peers. Elmeleegy and Ouzzani proposed the PPP protocol, the first to support privacy-preserving querying in PDMS. However, PPP suffers from several shortcomings. First, PPP does not satisfy the requirement of answer privacy, because it is based on commutative encryption; we show that this issue can be fixed by adopting another cryptographic technique called oblivious transfer. Second, PPP adopts a weaker notion of mapping privacy, which allows the client peer to observe certain mappings done by translators. In this paper, we develop a lightweight protocol that satisfies mapping privacy and extend it to a more complex one that facilitates parallel translation by peers. Furthermore, we consider a stronger adversary model in which peers may collude and propose an efficient protocol that guards against collusions. We conduct an experimental study of the performance of the proposed protocols using both real and synthetic data. The results show that the proposed protocols not only achieve a better privacy guarantee than PPP, but are also more efficient.
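A concrete illustration of the answer-privacy fix the abstract names, added here as an example and not taken from the paper: the client obtains one entry of a translator's value mapping through 1-out-of-n oblivious transfer, so the translator learns neither which source value was looked up nor the translated answer. The construction is a standard Diffie-Hellman-based OT in the style of Naor and Pinkas, not the paper's own protocol (which is not described on this page); the mapping, the toy 128-bit group size and all function names are assumptions.

```python
import hashlib, secrets
def _probable_prime(n, rounds=12):
    """Miller-Rabin probabilistic primality test (enough for a demo group)."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    s = ((n - 1) & -(n - 1)).bit_length() - 1      # n - 1 = 2**s * d with d odd
    d = (n - 1) >> s
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x == 1:
            continue
        for _ in range(s):
            if x == n - 1:
                break
            x = x * x % n
        else:
            return False
    return True

def make_group(bits=128):
    """Safe prime p = 2q+1 generated at runtime (toy size); g = 4 generates the order-q subgroup."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if _probable_prime(q) and _probable_prime(2 * q + 1):
            return 2 * q + 1, q

def _mask(p, secret, idx, data):
    """XOR data with a key stream derived from a group element and the entry index."""
    seed = secret.to_bytes((p.bit_length() + 7) // 8, "big") + idx.to_bytes(4, "big")
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(seed).digest(len(data))))

def oblivious_translate(mapping, source_value, bits=128):
    """Client obtains mapping[source_value] via 1-out-of-n OT; the translator never learns which entry."""
    p, q = make_group(bits)
    keys = sorted(mapping)                        # the translator's source vocabulary is public
    values = [mapping[key].encode() for key in keys]
    sigma = keys.index(source_value)              # the client's private choice index
    # Translator: public random C_1..C_{n-1} whose discrete logs the client does not know.
    cs = [None] + [pow(4, secrets.randbelow(q - 1) + 1, p) for _ in keys[1:]]
    # Client: only PK_sigma = g^k has a known exponent; the one message PK_0 is uniform in the group.
    k = secrets.randbelow(q - 1) + 1
    g_k = pow(4, k, p)
    pk0 = g_k if sigma == 0 else cs[sigma] * pow(g_k, -1, p) % p
    # Translator: PK_i = C_i / PK_0 for i >= 1; entry i is masked with PK_i^r and g^r is sent back.
    r = secrets.randbelow(q - 1) + 1
    inv0 = pow(pk0, -1, p)
    cts = [_mask(p, pow(pk0 if i == 0 else cs[i] * inv0 % p, r, p), i, v) for i, v in enumerate(values)]
    # Client: (g^r)^k = PK_sigma^r unmasks exactly entry sigma; the other masks stay unknown to it.
    return _mask(p, pow(pow(4, r, p), k, p), sigma, cts[sigma]).decode()
```

The ciphertext lengths still reveal the size of each mapping entry, so a deployment would pad entries to a fixed length; the translator's source vocabulary is also visible to the client here, which is exactly the weaker mapping-privacy notion the abstract criticises.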
