Client-side Encryption for Privacy-sensitive Applications on the Cloud

Abstract: There are important concerns when trusting sensitive information to the cloud. Health and financial records, for instance, are subject to strict legal restrictions on data escrow. Organizations holding such information need to assure end-users and authorities that a third party will never access restricted data. Client-side encryption is a common solution in the literature. Most works fail, however, to reason about the impact of security solutions on performance and usability. Homomorphic and order-preserving encryption systems can mitigate such negative impacts, as they allow the computation of regular searches over encrypted records on the cloud, while preserving information confidentiality and the privacy of end-users.
