Jinfei Liu,Juncheng Yang,Li Xiong,Jian Pei

DOI: https://doi.org/10.1109/icde.2017.117

2017-01-01

Abstract:Outsourcing data and computation to cloud server provides a cost-e ective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and e cient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multicriteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semanticallysecure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of e ciency and scalability under di erent parameter settings, verifying the feasibility of our proposed solutions.

Ke Cheng,Liangmin Wang,Yulong Shen,Hua Wang,Yongzhi Wang,Xiaohong Jiang,Hong Zhong

DOI: https://doi.org/10.1109/tbdata.2017.2707552

2017-01-01

IEEE Transactions on Big Data

Abstract:The k-nearest neighbors (k-NN) query is a fundamental primitive in spatial and multimedia databases. It has extensive applications in location-based services, classification & clustering and so on. With the promise of confidentiality and privacy, massive data are increasingly outsourced to cloud in the encrypted form for enjoying the advantages of cloud computing (e.g., reduce storage and query processing costs). Recently, many schemes have been proposed to support k-NN query on encrypted cloud data. However, prior works have all assumed that the query users (QUs) are fully-trusted and know the key of the data owner (DO), which is used to encrypt and decrypt outsourced data. The assumptions are unrealistic in many situations, since many users are neither trusted nor knowing the key. In this paper, we propose a novel scheme for secure k-NN query on encrypted cloud data with multiple keys, in which the DO and each QU all hold their own different keys, and do not share them with each other; meanwhile, the DO encrypts and decrypts outsourced data using the key of his own. Our scheme is constructed by a distributed two trapdoors public-key cryptosystem (DT-PKC) and a set of protocols of secure two-party computation, which not only preserves the data confidentiality and query privacy but also supports the offline data owner. Our extensive theoretical and experimental evaluations demonstrate the effectiveness of our scheme in terms of security and performance.

Shyam Murthy,Santosh Kumar Upadhyaya,Srinivas Vivek

2024-04-17

Abstract:The rise of cloud computing has spurred a trend of transferring data storage and computational tasks to the cloud. To protect confidential information such as customer data and business details, it is essential to encrypt this sensitive data before cloud storage. Implementing encryption can prevent unauthorized access, data breaches, and the resultant financial loss, reputation damage, and legal issues. Moreover, to facilitate the execution of data mining algorithms on the cloud-stored data, the encryption needs to be compatible with domain computation. The $k$-nearest neighbor ($k$-NN) computation for a specific query vector is widely used in fields like location-based services. Sanyashi et al. (ICISS 2023) proposed an encryption scheme to facilitate privacy-preserving $k$-NN computation on the cloud by utilizing Asymmetric Scalar-Product-Preserving Encryption (ASPE).

Cryptography and Security

Gunjan Mishra,Kalyani Pathak,Yash Mishra,Pragati Jadhav,Vaishali Keshervani

2024-07-06

Abstract:Data mining has various real-time applications in fields such as finance telecommunications, biology, and government. Classification is a primary task in data mining. With the rise of cloud computing, users can outsource and access their data from anywhere, offloading data and it is processing to the cloud. However, in public cloud environments while data is often encrypted, the cloud service provider typically controls the encryption keys, meaning they can potentially access the data at any time. This situation makes traditional privacy-preserving classification systems inadequate. The recommended protocol ensures data privacy, protects user queries, and conceals access patterns. Given that encrypted data on the cloud cannot be directly mined, we focus on a secure k nearest neighbor classification algorithm for encrypted, outsourced data. This approach maintains the privacy of user queries and data access patterns while allowing effective data mining operations to be conducted securely in the cloud. With cloud computing, particularly in public cloud environments, the encryption of data necessitates advanced methods like secure k nearest neighbor algorithms to ensure privacy and functionality in data mining. This innovation protects sensitive information and user privacy, addressing the challenges posed by traditional systems where cloud providers control encryption keys.

Cryptography and Security

Yousef Elmehdwi,Bharath K. Samanthula,Wei Jiang

DOI: https://doi.org/10.48550/arXiv.1307.4824

2013-07-18

Abstract:For the past decade, query processing on relational data has been studied extensively, and many theoretical and practical solutions to query processing have been proposed under various scenarios. With the recent popularity of cloud computing, users now have the opportunity to outsource their data as well as the data management tasks to the cloud. However, due to the rise of various privacy issues, sensitive data (e.g., medical records) need to be encrypted before outsourcing to the cloud. In addition, query processing tasks should be handled by the cloud; otherwise, there would be no point to outsource the data at the first place. To process queries over encrypted data without the cloud ever decrypting the data is a very challenging task. In this paper, we focus on solving the k-nearest neighbor (kNN) query problem over encrypted database outsourced to a cloud: a user issues an encrypted query record to the cloud, and the cloud returns the k closest records to the user. We first present a basic scheme and demonstrate that such a naive solution is not secure. To provide better security, we propose a secure kNN protocol that protects the confidentiality of the data, user's input query, and data access patterns. Also, we empirically analyze the efficiency of our protocols through various experiments. These results indicate that our secure protocol is very efficient on the user end, and this lightweight scheme allows a user to use any mobile device to perform the kNN query.

Cryptography and Security

B. Murugeshwari,D. Selvaraj,K. Sudharson,S. Radhika

DOI: https://doi.org/10.32604/iasc.2023.028548

2023-01-01

Intelligent Automation & Soft Computing

Abstract:Protecting the privacy of data in the multi-cloud is a crucial task. Data mining is a technique that protects the privacy of individual data while mining those data. The most significant task entails obtaining data from numerous remote databases. Mining algorithms can obtain sensitive information once the data is in the data warehouse. Many traditional algorithms/techniques promise to provide safe data transfer, storing, and retrieving over the cloud platform. These strategies are primarily concerned with protecting the privacy of user data. This study aims to present data mining with privacy protection (DMPP) using precise elliptic curve cryptography (PECC), which builds upon that algebraic elliptic curve in finite fields. This approach enables safe data exchange by utilizing a reliable data consolidation approach entirely reliant on rewritable data concealing techniques. Also, it outperforms data mining in terms of solid privacy procedures while maintaining the quality of the data. Average approximation error, computational cost, anonymizing time, and data loss are considered performance measures. The suggested approach is practical and applicable in real-world situations according to the experimental findings.

automation & control systems,computer science, artificial intelligence

Zhiqiang Yang,Sheng Zhong,Rebecca N. Wright

DOI: https://doi.org/10.1007/11863908_29

2006-01-01

Abstract:Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he only learns very little about the data stored in the database and the queries performed on the data.Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large-sized real data.

Hyeong-Il Kim,Hyeong-Jin Kim,Jae-Woo Chang

DOI: https://doi.org/10.1016/j.datak.2017.07.005

2019-09-01

Abstract:With the adoption of cloud computing, database outsourcing has emerged as a new platform. Due to the serious privacy concerns associated with cloud computing, databases must be encrypted before being outsourced to the cloud. Therefore, various k-nearest neighbor (kNN) query processing techniques have been proposed for encrypted databases. However, existing schemes are either insecure or inefficient. In this paper, we propose a new secure kNN query processing algorithm. Our algorithm guarantees the confidentiality of both encrypted data and users’ query records. To achieve a high level of query processing efficiency, we also devise an encrypted index search scheme that performs data filtering without revealing data access patterns. A performance analysis shows that the proposed scheme outperforms the existing scheme in terms of query processing costs while preserving data privacy.

computer science, information systems, artificial intelligence

Youwen Zhu,Zhikuan Wang,Yue Zhang

DOI: https://doi.org/10.1007/978-3-319-31750-2_32

2016-01-01

Abstract:Recently, many schemes have been proposed to support k-nearest neighbors (k-NN) query on encrypted cloud data. However, existing approaches either assume query users are fully-trusted, or require data owner to be online all the time. Query users in fully-trusted assumption can access the key to encrypt/decrypt outsourced data, thus, untrusted cloud server can completely break the data upon obtaining the key from any untrustworthy query user. The online requirement introduces much cost to data owner. This paper presents a new scheme to support k-NN query on encrypted cloud database while preserving the privacy of database and query points. Our proposed approach only discloses limited information about the key to query users, and does not require an online data owner. Theoretical analysis and extensive experiments confirm the security and efficiency of our scheme.

Omar Chowdhury,Deepak Garg,Limin Jia,Anupam Datta

DOI: https://doi.org/10.48550/arXiv.1508.02448

2015-08-11

Abstract:Motivated by the problem of simultaneously preserving confidentiality and usability of data outsourced to third-party clouds, we present two different database encryption schemes that largely hide data but reveal enough information to support a wide-range of relational queries. We provide a security definition for database encryption that captures confidentiality based on a notion of equivalence of databases from the adversary's perspective. As a specific application, we adapt an existing algorithm for finding violations of privacy policies to run on logs encrypted under our schemes and observe low to moderate overheads.

Cryptography and Security

James Powers,Keke Chen

DOI: https://doi.org/10.1109/cloud.2013.122

2013-06-01

Abstract:With the development of sensor network, mobile computing, and web applications, data are now collected from many distributed sources to form big datasets. Such datasets can be hosted in the cloud to achieve economical processing and sharing. However, these data might be highly sensitive requiring secure storage and processing. We envision a cloud-based data storage and processing framework that enables users to economically and securely share and handle big datasets. Under this framework, we study the matrix-based data mining algorithms with a focus on the secure top-k eigenvector algorithm. Our approach uses an iterative processing model in which the authorized user interacts with the cloud to achieve the result. In this process, both the source matrix and the intermediate results keep confidential and the client-side incurs low costs. The security of this approach is guaranteed by using Paillier Encryption and a random perturbation technique. We carefully analyze its security under a cloud-specific threat model. Our experimental results show that the proposed method is scalable to big matrices while requiring low client-side costs.

Kun Yang,Chengliang Tian,Hequn Xian,Weizhong Tian,Yan Zhang

DOI: https://doi.org/10.1007/s11280-022-01093-4

2022-10-21

World Wide Web

Abstract:In the current cloud computing and big data era, outsourcing the storage and associated query operations of large-scale databases to cloud service providers has become an increasingly popular computing paradigm. However, due to the potential mutual distrust among the data owner (DO), cloud server (CS) and query user (QU), the risk of privacy disclosure constrains the wide deployment of this attractive computing paradigm. To handle this dilemma, various encryption approaches are designed to assure privacy during query processing over outsourced databases. Recently, Wu et al. (World Wide Web 22 (1), 101–123 2019) presented a 'secure' k -nearest neighbor ( k NN) classification scheme over encrypted cloud database which aimed to concurrently keep the privacy of the database, the DO's key, the QU's query, and the data access patterns. In this paper, we first revisit their scheme and present an efficient known-plaintext attack on the privacy of database with linearization technique. Then, we propose an improved scheme that outperforms the prior scheme in both security and efficiency. Precisely, on the security side, we realize the above four security intentions with rigorous theoretical arguments. On the efficiency side, our new design greatly reduces the computational overhead of the DO and the QU, and makes full use of the resources of two cloud servers by better balancing their computational loads. Finally, we measure the practical performance of our scheme from an experimental perspective, and the result corroborates our theoretical analysis.

Rui Li,Alex X. Liu,Huanle Xu,Ying Liu,Huaqiang Yuan

DOI: https://doi.org/10.1109/tdsc.2020.2998039

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Nearest neighbor query processing is a fundamental problem that arises in many fields such as spatial databases and machine learning. This article aims to address the Secure Nearest Neighbor (SNN) problem in cloud computing. Prior SNN schemes are both insecure and inefficient. In this article, we formally prove and experimentally demonstrate that the SNN scheme ASPE is actually insecure against even ciphertext only attacks. Although prior work proved that it is impossible to construct an SNN scheme even in much relaxed standard security models, we point out the flaws of the hardness proof. We propose an SNN scheme and prove that it is secure against adaptive chosen keyword attacks. Our scheme is efficient as its query processing complexity is logarithmic. To evaluate the efficiency of our SNN scheme, we implemented our scheme in C++ and compared its performance with a plain text scheme, binary scheme, and a PIR scheme on a large set of over 10 million real-world data points. Experimental results show that our scheme is fast (0.124 millisecond per query when data set size is 10 million) and scalable in terms of the number of data points.

computer science, information systems, software engineering, hardware & architecture

Riad Ladjel,Nicolas Anciaux,Aurélien Bellet,Guillaume Scerri

DOI: https://doi.org/10.48550/arXiv.2112.12411

2021-12-23

Abstract:Imagine a group of citizens willing to collectively contribute their personal data for the common good to produce socially useful information, resulting from data analytics or machine learning computations. Sharing raw personal data with a centralized server performing the computation could raise concerns about privacy and a perceived risk of mass surveillance. Instead, citizens may trust each other and their own devices to engage into a decentralized computation to collaboratively produce an aggregate data release to be shared. In the context of secure computing nodes exchanging messages over secure channels at runtime, a key security issue is to protect against external attackers observing the traffic, whose dependence on data may reveal personal information. Existing solutions are designed for the cloud setting, with the goal of hiding all properties of the underlying dataset, and do not address the specific privacy and efficiency challenges that arise in the above context. In this paper, we define a general execution model to control the data-dependence of communications in user-side decentralized computations, in which differential privacy guarantees for communication patterns in global execution plans can be analyzed by combining guarantees obtained on local clusters of nodes. We propose a set of algorithms which allow to trade-off between privacy, utility and efficiency. Our formal privacy guarantees leverage and extend recent results on privacy amplification by shuffling. We illustrate the usefulness of our proposal on two representative examples of decentralized execution plans with data-dependent communications.

Cryptography and Security,Databases,Distributed, Parallel, and Cluster Computing,Machine Learning

Yandong Zheng,Rongxing Lu,Songnian Zhang,Jun Shao,Hui Zhu

DOI: https://doi.org/10.1109/tdsc.2024.3376084

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:As one of the most popular queries in big data era, the $k$ nearest neighbors ($k$NN) query plays a significant role in various applications, such as medical diagnosis, signal processing, and recommendation systems. Meanwhile, driven by the advancement of the cloud service, an emerging trend among applications is to outsource the dataset and the corresponding $k$NN query services to the cloud. However, as the cloud is not fully trusted, those applications will face vital privacy concerns, and thus they usually encrypt data before outsourcing them to the cloud. Because encrypted data are outsourced to cloud, the $k$NN query over encrypted data has become increasingly attractive, and many solutions have been put forth in recent years. However, existing solutions cannot fully satisfy the objects of returning exact query results, protecting database privacy and query privacy, achieving high query efficiency, and imposing low computational costs at the user side. To address these issues, in this paper, we propose a new practical and privacy-preserving $k$NN query scheme. Specifically, we first refine the general security requirements for the matrix encryption by systematically analyzing existing algorithms. Then, we design a novel asymmetric matrix encryption (AME) to securely achieve Euclidean distance computation and two distances comparison in a single-party and non-interactive way. Then, based on the AME scheme, we propose a privacy-preserving $k$NN query scheme, in which a max-heap of size $k$ is used to accelerate query efficiency. Detailed security analysis shows that our proposed scheme is really privacy-preserving. In addition, extensive performance evaluations are conducted, and the results demonstrate that our proposed scheme is also highly efficient.

computer science, information systems, software engineering, hardware & architecture

Kui Ren

DOI: https://doi.org/10.1145/3433210.3434067

2021-01-01

Abstract:In recent years, we have witnessed an upsurge in cyber-attacks and data breach incidents that put tremendous data at risk, affect millions of users, and cause severe economic losses. As an in-depth defence to counter the persistent and pervasive security threats, maintaining data in always encrypted form is becoming a trend and even a regulatory requirement. Satisfying the demand is particularly challenging in the context of databases, which, as a pillar in modern computing infrastructure, provide indispensable means to organize, store and retrieve data at different scales. The difficulty lies in how to perform the database query processing over encrypted data while meeting the requirements of security, performance, and complex query functions. This field has grown tremendously over the past two decades, though there is no dominant solution that is universally applicable. Solutions based on cryptographic techniques, e.g., searchable encryption or property-preserving encryption, can efficiently provide certain primitive operations for database queries. But studies have shown that their allowed leakage profiles can be (sometimes highly) exploitable. The recent advent of secure hardware enclaves opens up new opportunities. Yet, the first few enclave-based proposals mostly explore extreme design points that rest on strong assumptions (e.g., huge enclave) or result in weak security (e.g., leaking relations of ciphertexts). In this talk, we will overview these latest advancements and the potential challenges, respectively, and discuss the possible roadmap ahead towards practically more secure, efficient and functional encrypted databases.

Lin Liu,Jinshu Su,Ximeng Liu,Rongmao Chen,Kai Huang,Robert H. Deng,Xiaofeng Wang

DOI: https://doi.org/10.1109/jiot.2019.2932444

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Nowadays, outsourcing data and machine learning tasks, e.g., k-nearest neighbor (KNN) classification, to clouds has become a scalable and cost-effective way for large scale data storage, management, and processing. However, data security and privacy issue have been a serious concern in outsourcing data to clouds. In this article, we propose a privacy-preserving KNN classification scheme on cloud data in a twin-cloud model based on an additively homomorphic cryptosystem and secret sharing. Compared with existing works, we redesign a set of lightweight building blocks, such as secure square Euclidean distance, secure comparison, secure sorting, secure minimum, and maximum number finding, and secure frequency calculating, which achieve the same security level but with higher efficiency. In our scheme, data owners stay offline, which is different from secure-multiparty computation-based solutions which require data owners' stay online during computation. In addition, query users do not interact with the cloud except sending query data and receiving the query results. Our security analysis shows that the scheme protects outsourced data security and query privacy, and hides access patterns. The experiments on real-world dataset indicate that our scheme is significantly more efficient than existing schemes.

D Ramesh,B Rama,Ramesh D,Rama B

DOI: https://doi.org/10.11591/ijece.v8i6.pp5443-5448

2018-12-01

International Journal of Electrical and Computer Engineering (IJECE)

Abstract:The main role of key assortment crypto techniques will helpful to provide the security to the sensitive data and play the key role for business developments. Some of the problems are rising when the scheme will sustain the possession control to present the latest set of technical and business concerns. Some of the complex challenges are waiting for the optimistic solutions. The challenges are: In the planned storage confidentiality implicated outline, the stipulation of encryption framework for the data which is conserve the self tunning to execute major key constratints by concerining their files which is imposed plaintext belonging, the owners of the privacy-data preserve the seclusion power over their own information to formulate assured wide-ranging service operations and the owners of data are facing the complexity to organize their possess data which is accessible-mode in cloud servers, concerned inner services: topology architecture type of implicated data with their operations, associated secrecy-privacy-secrecy dynamic replicas for make use of the databased security within their range of format and secretarial services with their encrypted data execution control. To overcome theses in convinces this paper is proposing the technical ideals through the algorithmic methodology along the graphical flow based architecture. This paper is proposing the key assortment crypto techniques implicated algorithm for clients and end-users to reduce the above mention complex difficulties; it describes the primary encryption implicated techniques and various levels of cryptographic algorithms with their implications along with extensions of cloud implicated data security and digital forensics implicated appliances which is implicated with enhanced various hash functions.

English Else

Tirthak Patel,Daniel Silver,Aditya Ranjan,Harshitta Gandhi,William Cutler,Devesh Tiwari

2023-08-01

Abstract:Quantum computing is an emerging paradigm that has shown great promise in accelerating large-scale scientific, optimization, and machine-learning workloads. With most quantum computing solutions being offered over the cloud, it has become imperative to protect confidential and proprietary quantum code from being accessed by untrusted and/or adversarial agents. In response to this challenge, we propose SPYCE, which is the first known solution to obfuscate quantum code and output to prevent the leaking of any confidential information over the cloud. SPYCE implements a lightweight, scalable, and effective solution based on the unique principles of quantum computing to achieve this task.

Quantum Physics,Hardware Architecture,Distributed, Parallel, and Cluster Computing,Emerging Technologies

Haibo Hu,Jianliang Xu,Xizhong Xu,Kexin Pei,Byron Choi,Shuigeng Zhou

DOI: https://doi.org/10.1109/icde.2014.6816687

2014-01-01

Abstract:Query processing that preserves both the query privacy at the client and the data privacy at the server is a new research problem. It has many practical applications, especially when the queries are about the sensitive attributes of records. However, most existing studies, including those originating from data outsourcing, address the data privacy and query privacy separately. Although secure multiparty computation (SMC) is a suitable computing paradigm for this problem, it has significant computation and communication overheads, thus unable to scale up to large datasets. Fortunately, recent advances in cryptography bring us two relevant tools - conditional oblivious transfer and homomorphic encryption. In this paper, we integrate database indexing techniques with these tools in the context of private search on key-value stores. We first present an oblivious index traversal framework, in which the server cannot trace the index traversal path of a query during evaluation. The framework is generic and can support a wide range of query types with a suitable homomorphic encryption algorithm in place. Based on this framework, we devise secure protocols for classic key search queries on B+-tree and R-tree indexes. Our approach is verified by both security analysis and performance study.