Chenghong Wang,Lina Qiu,Johes Bater,Yukui Luo

2024-04-29

Abstract:Secure collaborative analytics (SCA) enable the processing of analytical SQL queries across multiple owners' data, even when direct data sharing is not feasible. Although essential for strong privacy, the large overhead from data-oblivious primitives in traditional SCA has hindered its practical adoption. Recent SCA variants that permit controlled leakages under differential privacy (DP) show a better balance between privacy and efficiency. However, they still face significant challenges, such as potentially unbounded privacy loss, suboptimal query planning, and lossy processing. To address these challenges, we introduce SPECIAL, the first SCA system that simultaneously ensures bounded privacy loss, advanced query planning, and lossless processing. SPECIAL employs a novel synopsis-assisted secure processing model, where a one-time privacy cost is spent to acquire private synopses (table statistics) from owner data. These synopses then allow SPECIAL to estimate (compaction) sizes for secure operations (e.g., filter, join) and index encrypted data without extra privacy loss. Crucially, these estimates and indexes can be prepared before runtime, thereby facilitating efficient query planning and accurate cost estimations. Moreover, by using one-sided noise mechanisms and private upper bound techniques, SPECIAL ensures strict lossless processing for complex queries (e.g., multi-join). Through a comprehensive benchmark, we show that SPECIAL significantly outperforms cutting-edge SCAs, with up to 80X faster query times and over 900X smaller memory for complex queries. Moreover, it also achieves up to an 89X reduction in privacy loss under continual processing.

Cryptography and Security,Databases

Jinfei Liu,Juncheng Yang,Li Xiong,Jian Pei

DOI: https://doi.org/10.1109/icde.2017.117

2017-01-01

Abstract:Outsourcing data and computation to cloud server provides a cost-e ective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and e cient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multicriteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semanticallysecure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of e ciency and scalability under di erent parameter settings, verifying the feasibility of our proposed solutions.

Youwen Zhu,Liusheng Huang,Wei Yang,Fan Dong

DOI: https://doi.org/10.4304/jcp.5.11.1678-1685

2010-01-01

Abstract:In recent years, privacy protection has become an important topic when cooperative computation is performed in distributed environments. This paper puts forward efficient protocols for computing the multi-dimensional aggregates in distributed environments while keeping privacy preserving. We propose a novel model, which contains two crucial stages: local computation and cooperative computation based on secure multiparty computation protocols for privacy-preserving on-line analytical processing. According to the new model, we develop approaches to privacy-preserving count aggregate query over both horizontally partitioned data and vertically partitioned data. We, meanwhile, propose an efficient sub-protocol Two-Round Secure Sum Protocol. Theoretical analysis indicates that our solutions are secure and the answers are exactly accurate, that is, they can securely obtain the exact answer to aggregate query without revealing anything about their confidential data to each other. We also analyze detailedly the communication cost and computation complexity of our schemes in the paper and it shows that the new solutions have good linear complexity. No privacy loss and exact accuracy are two main significant advantages of our new schemes.

Huaijin Wang,Zhibo Liu,Yanbo Dai,Shuai Wang,Qiyi Tang,Sen Nie,Shi Wu

2024-12-02

Abstract:Software composition analysis (SCA) denotes the process of identifying open-source software components in an input software application. SCA has been extensively developed and adopted by academia and industry. However, we notice that the modern SCA techniques in industry scenarios still need to be improved due to privacy concerns. Overall, SCA requires the users to upload their applications' source code to a remote SCA server, which then inspects the applications and reports the component usage to users. This process is privacy-sensitive since the applications may contain sensitive information, such as proprietary source code, algorithms, trade secrets, and user data. Privacy concerns have prevented the SCA technology from being used in real-world scenarios. Therefore, academia and the industry demand privacy-preserving SCA solutions. For the first time, we analyze the privacy requirements of SCA and provide a landscape depicting possible technical solutions with varying privacy gains and overheads. In particular, given that de facto SCA frameworks are primarily driven by code similarity-based techniques, we explore combining several privacy-preserving protocols to encapsulate the similarity-based SCA framework. Among all viable solutions, we find that multi-party computation (MPC) offers the strongest privacy guarantee and plausible accuracy; it, however, incurs high overhead (184 times). We optimize the MPC-based SCA framework by reducing the amount of crypto protocol transactions using program analysis techniques. The evaluation results show that our proposed optimizations can reduce the MPC-based SCA overhead to only 8.5% without sacrificing SCA's privacy guarantee or accuracy.

Software Engineering,Cryptography and Security

Chen Luo,Fei He,Fei Peng,Dong Yan,Dan Zhang,Xin Zhou

DOI: https://doi.org/10.1109/tdsc.2019.2914209

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Business organizations regularly collect customer data to improve their services. Organizations may want to share data within themselves or even with third-parties to maximize data utility. Since business data contain lots of customer data, organizations must respect customers' privacy expounded by privacy laws. In this paper, we present PSpec-SQL, a distributed data analytics system that automatically enforces privacy compliance for SQL queries. Our system provides a high-level language PSpec for the data owner to specify her data usage policy. As usual, the data analyst queries data to perform data analysis, but our system checks each query to ensure only policy-compliant queries are executed. We have implemented a prototype of PSpec-SQL on top of Spark-SQL, and carried out a case study on the TPC benchmarks. The results show the practicability of our system with negligible overhead over query processing.

Haoyang Wang,Kai Fan,Chong Yu,Kuan Zhang,Fenghua Li,Hui Li,Yintang Yang,Haojin Zhu

DOI: https://doi.org/10.1109/tsc.2023.3333347

IF: 11.019

2023-01-01

IEEE Transactions on Services Computing

Abstract:Aerial computing is gradually playing an essential role in edge and fog computing paradigms by virtue of mobility, availability, scalability, flexibility, and simultaneity, where the Low-altitude Computing (LAC) platform, as the end close to the data sources, is mainly responsible for data collection and storage. However, because of the long physical distance of data transmission and the vulnerability of the transmission link to various attacks, how to efficiently share the stored data while ensuring data privacy is a critical issue for LAC at present. In this paper, we propose a lightweight and secure private data storage and sharing scheme to support range queries over encrypted multi-dimensional data. Specifically, we first propose two data conversion methods for transforming location features and collected log files with multi-dimensional attributes in Unmanned Aerial Vehicles (UAVs). Based on the ideas of asymmetric scalar-product-preserving encryption (ASPE) and inner product comparison (IPC), we design a privacy-preserving storage and sharing technique for the converted data. In addition, to achieve secure and efficient data querying and result verification, we design a secure data index and build a data authentication structure (DAS) with G-tree. Finally, we rigorously analyze the security of our proposed scheme and conduct extensive experiments on a real-world database to prove that our proposed scheme is secure and easy to use in practical application scenarios.

computer science, information systems, software engineering

Jiabo Wang,Elmo Xuyun Huang,Pu Duan,Huaxiong Wang,Kwok-Yan Lam

2024-10-07

Abstract:Enforcement of privacy regulation is essential for collaborative data analytics. In this work, we address a scenario in which two companies expect to securely join their datasets with respect to their common customers to maximize data insights. Apart from the necessary protection of raw data, it becomes more challenging to protect the identities and attributes of common customers, as it requires participants to align their records associated with common customers without knowing who they are. We proposed a solution, dubbed PSA, for this scenario, which is effectively applicable to real-world use cases, such as evaluating advertising conversion using data from both publishers and merchants. The contributions of this work are threefold: 1. We defined the notion of PSA with two levels of privacy protection and proposed novel PSA protocols based on the modified oblivious switching network, which leverages efficient symmetric key operations and offline precomputation to save online run time. 2. We implemented and benchmarked the proposed protocols in different network conditions by joining two datasets, each at the scale of one million records, in 35.5 sec on a single thread with a network bandwidth of 500 Mbps, resulting in an X100 improvement over the existing Homomorphic based protocols. 3. We give new proof for an algorithm of quasi-linear complexity that constructs an oblivious switching network to achieve a target permutation distinct from the existing one in the literature.

Cryptography and Security

Li Ye,Zoe L. Jiang,Wang Xuan,S. M. Yiu,Liao Qing

DOI: https://doi.org/10.1109/DSC.2017.80

2017-01-01

Abstract:Many companies want to share data for data-mining tasks. However, the privacy and security concerns become a bottleneck in the data sharing filed. The secure multiparty computation (SMC)-based privacy-preserving data mining has emerged as a solution to this problem. However, traditional SMC solutions are inefficient. We introduce the method of outsourcing to reduce the computation cost of user's side. In order to preserve the privacy of the sharing data, we propose an outsourced privacy-preserving C4.5 algorithm on arbitrarily partitioned databases based on the outsourced accountable computing for finding frequent itemsets (OACFFI) and the outsourced weighted average computing (OWAC) protocols. As a result, we show that our method can achieve similar result with the original C4.5 decision tree algorithm, but also preserve the privacy of the data. We prove that there is a sublinear relationship between the computational cost of user side and the number of participating parties.

Youwen Zhu,Liusheng Huang,Tsuyoshi Takagi,Mingwu Zhang

DOI: https://doi.org/10.1142/s0218126612500090

2012-01-01

Journal of Circuits Systems and Computers

Abstract:Recently, growing privacy concerns have received more and more attention and it becomes a significant topic on how to preserve private-sensitive information from being violated in distributed cooperative computation. In this paper, we first propose a novel-general privacy-preserving online analytical processing model based on secure multiparty computation. Then, based on the new model, two schemes to privacy-preserving count aggregate query over both horizontally partitioned data and vertically partitioned data are proposed. Additionally, we also propose several efficient subprotocols that serve as the basic secure buildings. Furthermore, we analyze correctness, security, communication cost, and computation complexity of our proposed protocols, and show that the new schemes are secure, having good linear complexity and that the query results are exactly accurate.

Hai Jin,Xiaofeng Ding,K. Choo,Zuan Wang,Pan Zhou

DOI: https://doi.org/10.1109/TIFS.2021.3109459

IF: 7.231

IEEE Transactions on Information Forensics and Security

Abstract:One existing challenge associated with large scale skyline queries on cloud services, particularly when dealing with private information such as biomedical data, is supporting multi-party queries with curious-but-honest parties on encrypted data. In addition, existing solutions designed for performing secure skyline queries incur significant communication and computation costs due to ciphertext calculation. Thus, in this paper, we demonstrate the potential of supporting privacy-preserving multi-party skyline queries on encrypted data using additive homomorphic and proxy re-encryption cryptosystems. However, the secure computation based on these cryptosystems will further slow down query efficiency. To improve the efficiency of comparison on encrypted data, we redesign two lightweight secure comparison protocols. Meanwhile, we present an efficient method named “blind-reading” to securely obtain the skyline point. We also propose a novel method, Privacy Matrix, designed to reduce the scale of the dataset so that the computational cost is significantly decreased without privacy leakage. Then, we construct our secure skyline query protocol by integrating lightweight secure comparison protocols, “blind-reading” and Privacy Matrix techniques. Finally, we evaluate the security of our protocol, where we show it is secure without leaking information. The performance evaluation also shows that our proposed approach significantly improves the efficiency (at least $\times 4.5$ faster) compared to the-state-of-art and has the scalability of query processing under large datasets.

Medicine,Computer Science

Hong Liu,Huansheng Ning,Qingxu Xiong,Laurence T. Yang

DOI: https://doi.org/10.1109/tpds.2014.2308218

IF: 5.3

2015-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud computing is an emerging data interactive paradigm to realize users' data remotely stored in an online cloud server. Cloud services provide great conveniences for the users to enjoy the on-demand cloud applications without considering the local infrastructure limitations. During the data accessing, different users may be in a collaborative relationship, and thus data sharing becomes significant to achieve productive benefits. The existing security solutions mainly focus on the authentication to realize that a user's privative data cannot be illegally accessed, but neglect a subtle privacy issue during a user challenging the cloud server to request other users for data sharing. The challenged access request itself may reveal the user's privacy no matter whether or not it can obtain the data access permissions. In this paper, we propose a shared authority based privacy-preserving authentication protocol (SAPA) to address above privacy issue for cloud storage. In the SAPA, 1) shared access authority is achieved by anonymous access request matching mechanism with security and privacy considerations (e.g., authentication, data anonymity, user privacy, and forward security); 2) attribute based access control is adopted to realize that the user can only access its own data fields; 3) proxy re-encryption is applied to provide data sharing among the multiple users. Meanwhile, universal composability (UC) model is established to prove that the SAPA theoretically has the design correctness. It indicates that the proposed protocol is attractive for multi-user collaborative cloud applications.

computer science, theory & methods,engineering, electrical & electronic

Taeho Jung,Junze Han,Xiang-Yang Li

DOI: https://doi.org/10.1109/tdsc.2016.2577034

2018-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Third-party analysis on private records is becoming increasingly important due to the widespread data collection for various analysis purposes. However, the data in its original form often contains sensitive information about individuals, and its publication will severely breach their privacy. In this paper, we present a novel Privacy-preserving Data Analytics framework PDA, which allows a third-party aggregator to obliviously conduct many different types of polynomial-based analysis on private data records provided by a dynamic sub-group of users. Notably, every user needs to keep only $O(n)$ keys to join data analysis among $O(2^n)$ different groups of users, and any data analysis that is represented by polynomials is supported by our framework. Besides, a real implementation shows the performance of our framework is comparable to the peer works who present ad-hoc solutions for specific data analysis applications. Despite such nice properties of PDA, it is provably secure against a very powerful attacker (chosen-plaintext attack) even in the Dolev-Yao network model where all communication channels are insecure.

Shuo Shen,Xinyan Zhu,Yanlei Ma,XIe Xiang,Sun Lilin,Xie Hongjun,An Rui

DOI: https://doi.org/10.48550/arXiv.2207.13069

2022-07-22

Cryptography and Security

Abstract:Spatial data sharing plays a significant role in opening data research and promoting government agency transparency. However, valuable spatial data, like high-precision geographic information and personal traffic records, cannot be made public because they may incur leakage risks such as intrusion, theft, and the unauthorised sale of proprietary information. When participants with confidential data distrust each other but want to use the other datasets for calculations, the most common solution is to provide their original data to a trusted third party. However, the trusted third party frequently risks being attacked and having the data leaked. To maintain data controllability, most companies and organisations refuse to share their data. In this study, we introduce secure multi-party computation to spatial data sharing to address the sharing problem. Additionally, we describe the design and implementation of the protocols of two exploratory spatial data analyses: global Moran's I and local Moran's I. Furthermore, we build a system to demonstrate process realisation and results visualisation. Comparing our system with existing data-sharing schemes, our system Identifies the correct result without incurring leaking risks during spatial data sharing.

Jianfeng Huang,Dongjing Miao,Xin Liu

2023-09-21

Abstract:Modern data-driven applications require that databases support fast cross-model analytical queries. Achieving fast analytical queries in a database system is challenging since they are usually scan-intensive (i.e., they need to intensively scan over a large number of records) which results in huge I/O and memory costs. And it becomes tougher when the analytical queries are cross-model. It is hard to accelerate cross-model analytical queries in existing databases due to the lack of appropriate storage layout and efficient query processing techniques. In this paper, we present QUEST (QUery Evaluation Scheme Towards scan-intensive cross-model analysis) to push scan-intensive queries down to unified columnar storage layout and seamlessly deliver payloads across different data models. QUEST employs a columnar data layout to unify the representation of multi-model data. Then, a novel index structure named Skip-Tree is developed for QUEST to enable the query evaluation more efficient. With the help of two pairwise bitset-based operations coupled with Skip-Tree, the scan of most irrelevant instances can be pruned so as to avoid the giant intermediate result, thus reducing query response latency and saving the computational resources significantly when evaluating scan-intensive cross-model analysis. The proposed methods are implemented on an open-source platform. Through comprehensive theoretical analysis and extensive experiments, we demonstrate that QUEST improves the performance by 3.7x - 178.2x compared to state-of-the-art multi-model databases when evaluating scan-intensive cross-model analytical queries.

Databases

Royce J Wilson,Celia Yuxin Zhang,William Lam,Damien Desfontaines,Daniel Simmons-Marengo,Bryant Gipson

DOI: https://doi.org/10.2478/popets-2020-0025

2020-04-01

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract Differential privacy (DP) provides formal guarantees that the output of a database query does not reveal too much information about any individual present in the database. While many differentially private algorithms have been proposed in the scientific literature, there are only a few end-to-end implementations of differentially private query engines. Crucially, existing systems assume that each individual is associated with at most one database record, which is unrealistic in practice. We propose a generic and scalable method to perform differentially private aggregations on databases, even when individuals can each be associated with arbitrarily many rows. We express this method as an operator in relational algebra, and implement it in an SQL engine. To validate this system, we test the utility of typical queries on industry benchmarks, and verify its correctness with a stochastic test framework we developed. We highlight the promises and pitfalls learned when deploying such a system in practice, and we publish its core components as open-source software.

English Else

Haibo Hu,Jianliang Xu,Xizhong Xu,Kexin Pei,Byron Choi,Shuigeng Zhou

DOI: https://doi.org/10.1109/icde.2014.6816687

2014-01-01

Abstract:Query processing that preserves both the query privacy at the client and the data privacy at the server is a new research problem. It has many practical applications, especially when the queries are about the sensitive attributes of records. However, most existing studies, including those originating from data outsourcing, address the data privacy and query privacy separately. Although secure multiparty computation (SMC) is a suitable computing paradigm for this problem, it has significant computation and communication overheads, thus unable to scale up to large datasets. Fortunately, recent advances in cryptography bring us two relevant tools - conditional oblivious transfer and homomorphic encryption. In this paper, we integrate database indexing techniques with these tools in the context of private search on key-value stores. We first present an oblivious index traversal framework, in which the server cannot trace the index traversal path of a query during evaluation. The framework is generic and can support a wide range of query types with a suitable homomorphic encryption algorithm in place. Based on this framework, we devise secure protocols for classic key search queries on B+-tree and R-tree indexes. Our approach is verified by both security analysis and performance study.

Xiuxia Tian,Chaofeng Sha,Xiaoling Wang,Aoying Zhou

DOI: https://doi.org/10.1007/978-3-642-20149-3_10

2011-01-01

Abstract:Database as a Service(DaaS) is a paradigm for data management in which the Database Service Provider(DSP), usually a professional third party for data management, can host the database as a service. Many security and query problems are brought about because of the possible untrusted or malicious DSP in this context. Most of the proposed papers are concentrated on using symmetric encryption to guarantee the confidentiality of the delegated data, and using partition based index to help execute the privacy preserving range query. However. encryption and decryption operations on large volume of data are time consuming, and query results always consist of many irrelevant data tuples. Different from encryption based scheme, in this paper, we present a secret share based scheme to guarantee the confidentiality of delegated data. And what is more important. we construct a privacy preserving index to accelerate query and to help return the exactly required data tuples. Finally we analyze the security properties and demonstrate the efficiency and query response time of our approach through empirical data.

Wei Yang,Liusheng Huang,Xiaorong Lu,Yao Shen

DOI: https://doi.org/10.1109/sahcn.2016.7732973

2016-01-01

Abstract:In a number of networking applications, preserving the privacy of user-related data in data aggregation schemes is a fundamental issue. As a fact, many privacy-preserving protocols can be guaranteed with security against individual attacks, but they may be threatened by collusion between participants. Therefore, security analysis, especially for collusion attack analysis, plays an essential role in privacy-preserving data aggregation protocols. There do exist a few collusion attack schemes on data aggregation protocols, but none study the internal security mechanism of these protocols. In this paper, to our best knowledge, we are the first to propose a new kind of collusion attack analysis tool, which is named CAE (Collusion Attack Emulator). We employ it to check and judge the security of several existing privacy-preserving data aggregation schemes. We first show that for an aggregation scheme which has been known to be vulnerable under collusion attack, we can use CAE to explain why it is insecure. Then we demonstrate the blind detection function of CAE, i.e., we do not know whether an aggregation protocol is secure beforehand, and employ CAE to check its security and (if the protocol cannot pass the CAE test and thus to be insecure) to find its loophole.

Songlei Wang,Yifeng Zheng,Xiaohua Jia,Cong Wang

DOI: https://doi.org/10.1109/tifs.2024.3409089

IF: 7.231

2024-06-14

IEEE Transactions on Information Forensics and Security

Abstract:It is increasingly common for enterprises/ organizations to outsource graph analytics services to the cloud. For example, enterprises may leverage the cloud to store and query large attributed graphs. Among others, subgraph matching over a large attributed graph is a common and fundamental query functionality for graph analytics. It aims to retrieve all isomorphic subgraphs for a small query graph and greatly benefits various application domains like cheminformatics, social network analysis, and anti-money laundering. Deploying subgraph matching service in the cloud, however, poses a threat to the privacy of the information-rich graph data as the cloud gains access to the attributed graph, query graph, and query result. Given this, several works have been proposed for supporting privacy-aware subgraph matching. However, prior works only consider a weak semi-honest threat model and cannot provide integrity guarantees for the subgraph matching results in case of malicious adversary. In light of this, we design, implement, and evaluate eGrass, a new system enabling maliciously secure attributed subgraph matching service outsourced to the cloud. In addition to offer protection for graph data confidentiality, eGrass is also designed to hide search access patterns as well as defend against malicious cloud server attempting to compromise the result integrity. We conduct extensive experiments on a real-world dataset. The results demonstrate that compared to the state-of-the-art previous protocol with semi-honest security, eGrass is only slower in query latency, uses more communication, and does not require extra cloud-side storage.

computer science, theory & methods,engineering, electrical & electronic

Ye Li,Zoe L. Jiang,Lin Yao,Xuan Wang,S. M. Yiu,Zhengan Huang

DOI: https://doi.org/10.1007/s10586-017-1019-9

2017-01-01

Cluster Computing

Abstract:Many companies want to share data for data-mining tasks. However, privacy and security concerns have become a bottleneck in the data-sharing field. The secure multiparty computation (SMC)-based privacy-preserving data mining has emerged as a solution to this problem. However, there is heavy computation cost at user side in traditional SMC solutions. This study introduces an outsourcing method to reduce the computation cost of the user side. We also preserve the privacy of the shared databy proposing an outsourced privacy-preserving C4.5 algorithm over horizontally and vertically partitioned data for multiple parties based on the outsourced privacy preserving weighted average protocol (OPPWAP) and outsourced secure set intersection protocol (OSSIP). Consequently, we have found that our method can achieve a result same the original C4.5 decision tree algorithm while preserving data privacy. Furthermore, we also implement the proposed protocols and the algorithms. It shows that a sublinear relationship exists between the computational cost of the user side and the number of participating parties.