SecDM\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$${\textsf {SecDM}}$$\end{document}: privacy-preserving data outsou

Data-as-a-service (DaaS) is a cloud computing service that emerged as a viable option to businesses and individuals for outsourcing and sharing their collected data with other parties. Although the cloud computing paradigm provides great flexibility to consumers with respect to computation and storage capabilities, it imposes serious concerns about the confidentiality of the outsourced data as well as the privacy of the individuals referenced in the data. In this paper we formulate and address the problem of querying encrypted data in a cloud environment such that query processing is confidential and the result is differentially private. We propose a framework where the data provider uploads an encrypted index of her anonymized data to a DaaS service provider that is responsible for answering range count queries from authorized data miners for the purpose of data mining. To satisfy the confidentiality requirement, we leverage attribute-based encryption to construct a secure kd-tree index over the differentially private data for fast access. We also utilize the exponential variant of the ElGamal cryptosystem to efficiently perform homomorphic operations on encrypted data. Experiments on real-life data demonstrate that our proposed framework preserves data utility, can efficiently answer range queries, and is scalable with increasing data size.

[1]  Raymond Chi-Wing Wong,et al.  (α, k)-anonymity: an enhanced k-anonymity model for privacy preserving data publishing , 2006, KDD '06.

[2]  Tharam S. Dillon,et al.  Cloud Computing: Issues and Challenges , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[3]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[4]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[5]  Naranker Dulay,et al.  Shared and Searchable Encrypted Data for Untrusted Servers , 2008, DBSec.

[6]  Lior Rokach,et al.  A Survey of Data Leakage Detection and Prevention Solutions , 2012, SpringerBriefs in Computer Science.

[7]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[8]  Jianliang Xu,et al.  Processing private queries over untrusted data cloud through privacy homomorphism , 2011, 2011 IEEE 27th International Conference on Data Engineering.

[9]  Mark de Berg,et al.  Computational geometry: algorithms and applications, 3rd Edition , 1997 .

[10]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[11]  Philip S. Yu,et al.  Differentially private data release for data mining , 2011, KDD.

[12]  Vipin Kumar,et al.  Privacy Preserving Nearest Neighbor Search , 2006, Sixth IEEE International Conference on Data Mining - Workshops (ICDMW'06).

[13]  Assaf Schuster,et al.  Data mining with differential privacy , 2010, KDD.

[14]  Yu Zhang,et al.  Differentially Private High-Dimensional Data Publication via Sampling-Based Inference , 2015, KDD.

[15]  Divyakant Agrawal,et al.  A Comprehensive Framework for Secure Query Processing on Relational Data in the Cloud , 2011, Secure Data Management.

[16]  Cong Wang,et al.  Secure Ranked Keyword Search over Encrypted Cloud Data , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[17]  Wei Wang,et al.  Storage and Query over Encrypted Character and Numerical Data in Database , 2005, The Fifth International Conference on Computer and Information Technology (CIT'05).

[18]  Yongge Wang,et al.  Privacy-Preserving Data Storage in Cloud Using Array BP-XOR Codes , 2015, IEEE Transactions on Cloud Computing.

[19]  Philip S. Yu,et al.  Privacy-preserving data publishing: A survey of recent developments , 2010, CSUR.

[20]  Steven L. Salzberg,et al.  Book Review: C4.5: Programs for Machine Learning by J. Ross Quinlan. Morgan Kaufmann Publishers, Inc., 1993 , 1994, Machine Learning.

[21]  Mariana Raykova,et al.  Outsourcing Multi-Party Computation , 2011, IACR Cryptol. ePrint Arch..

[22]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[23]  Wei Wang,et al.  Fast Query Over Encrypted Character Data in Database , 2004, CIS.

[24]  Hakan Hacigümüs,et al.  Efficient Execution of Aggregation Queries over Encrypted Relational Databases , 2004, DASFAA.

[25]  Praneeth Babu Marella,et al.  Ancile: Privacy-Preserving Framework for Access Control and Interoperability of Electronic Health Records Using Blockchain Technology , 2018 .

[26]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[27]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[28]  Antonin Guttman,et al.  R-trees: a dynamic index structure for spatial searching , 1984, SIGMOD '84.

[29]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[30]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[31]  Mark de Berg,et al.  Computational geometry: algorithms and applications , 1997 .

[32]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[33]  Lior Rokach,et al.  Limiting disclosure of sensitive data in sequential releases of databases , 2012, Inf. Sci..

[34]  Stanley B. Zdonik,et al.  Answering Aggregation Queries in a Secure System Model , 2007, VLDB.

[35]  Bing-Rong Lin,et al.  Towards an axiomatization of statistical privacy and utility , 2010, PODS.

[36]  Laks V. S. Lakshmanan,et al.  Efficient secure query evaluation over encrypted XML databases , 2006, VLDB.

[37]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[38]  Andreas Peter,et al.  A Survey of Provably Secure Searchable Encryption , 2014, ACM Comput. Surv..

[39]  S. Rajsbaum Foundations of Cryptography , 2014 .

[40]  Brent Waters,et al.  Functional Encryption: Definitions and Challenges , 2011, TCC.

[41]  Steven Salzberg,et al.  Programs for Machine Learning , 2004 .

[42]  Xue Liu,et al.  NEST: Locality-aware approximate query service for cloud computing , 2013, 2013 Proceedings IEEE INFOCOM.

[43]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[44]  Elisa Bertino,et al.  Private Cell Retrieval From Data Warehouses , 2016, IEEE Transactions on Information Forensics and Security.

[45]  Frank McSherry,et al.  Privacy integrated queries: an extensible platform for privacy-preserving data analysis , 2009, SIGMOD Conference.

[46]  Douglas Comer,et al.  Ubiquitous B-Tree , 1979, CSUR.

[47]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[48]  Hugo Krawczyk,et al.  Outsourced symmetric private information retrieval , 2013, IACR Cryptol. ePrint Arch..

[49]  Ronald Cramer,et al.  A Secure and Optimally Efficient Multi-Authority Election Scheme ( 1 ) , 2000 .

[50]  Nikos Mamoulis,et al.  Secure kNN computation on encrypted databases , 2009, SIGMOD Conference.

[51]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[52]  Pieter H. Hartel,et al.  Selective Document Retrieval from Encrypted Database , 2012, ISC.

[53]  Robert H. Deng,et al.  Fully Secure Cipertext-Policy Hiding CP-ABE , 2011, ISPEC.

[54]  Divesh Srivastava,et al.  Differentially Private Spatial Decompositions , 2011, 2012 IEEE 28th International Conference on Data Engineering.

[55]  Stanley B. Zdonik,et al.  Fast, Secure Encryption for Indexing in a Column-Oriented DBMS , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[56]  Piotr K. Tysowski,et al.  Hybrid Attribute- and Re-Encryption-Based Key Management for Secure and Scalable Mobile Applications in Clouds , 2013, IEEE Transactions on Cloud Computing.

[57]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[58]  Jon Louis Bentley,et al.  Multidimensional binary search trees used for associative searching , 1975, CACM.

[59]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[60]  Peter Williams,et al.  Building castles out of mud: practical access pattern privacy and correctness on untrusted storage , 2008, CCS.

[61]  Laks V. S. Lakshmanan,et al.  Privacy-Preserving Mining of Association Rules From Outsourced Transaction Databases , 2013, IEEE Systems Journal.

[62]  Mourad Debbabi,et al.  Secure and Privacy-Preserving Querying of Personal Health Records in the Cloud , 2014, DBSec.

[63]  Chun Yuan,et al.  Differentially Private Data Release through Multidimensional Partitioning , 2010, Secure Data Management.

[64]  Cynthia Dwork,et al.  Practical privacy: the SuLQ framework , 2005, PODS.

[65]  R. Bayer,et al.  Organization and maintenance of large ordered indices , 1970, SIGFIDET '70.

[66]  Peng Wang,et al.  Secure and efficient range queries on outsourced databases using Rp-trees , 2013, 2013 IEEE 29th International Conference on Data Engineering (ICDE).

[67]  Divyakant Agrawal,et al.  Privacy Preserving Query Processing Using Third Parties , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[68]  Philip S. Yu,et al.  Anonymizing Classification Data for Privacy Preservation , 2007, IEEE Transactions on Knowledge and Data Engineering.

[69]  Massimo Barbaro,et al.  A Face Is Exposed for AOL Searcher No , 2006 .