Privacy preserving query processing on outsourced data via secure multiparty computation

Recent advances in technology have given rise to the popularity and success of many data-related services. This new paradigm allows the client to reduce the cost of operations by providing cost-efficient architectures that support the storage and intensive computation of data, and hence increases t...

Bibliographic Details
Main Author: Do, Hoang Giang
Other Authors: Ng Wee Keong
Format: Theses and Dissertations
Language: English
Published: 2018
Subjects:
Online Access: http://hdl.handle.net/10356/73577
Institution: Nanyang Technological University
id sg-ntu-dr.10356-73577
record_format dspace
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
content_provider NTU Library
collection DR-NTU
language English
topic DRNTU::Engineering::Computer science and engineering
description Recent advances in technology have given rise to the popularity and success of many data-related services. This new paradigm allows the client to reduce the cost of operations by providing cost-efficient architectures that support the storage and intensive computation of data, and hence increases the throughput of businesses. However, these promising data services incur multiple and challenging design issues, considerably due to the leakage of confidential data. Losing control over the hardware typically means giving the rights of data access to a third party; as a result, the client faces new threats coming from the server-side. Typical data-management service providers should not be fully trusted, thus storing encrypted data needs to be considered for high-level security assurance. Another potential threat is employees who do not follow the company’s privacy policies and may, intentionally or unintentionally, reveal sensitive client information. Even when the provider claims to enforce strict policies pertaining to privacy, there is still a chance that the database systems are vulnerable to malicious external attacks.

This thesis aims at investigating privacy-preserving solutions for various important data query classes in different ubiquitous scenarios. The security issues of existing secure data processing protocols are also discussed. We focus on the provision of a rigorous security guarantee when processing data and answering queries. Cryptographic techniques from multi-party secure computation are leveraged to enhance security. Specifically, our proposed research objectives are as follows:

• The security problem will be analyzed under the semi-honest secure multi-party computation model. The semi-honest model assumes all the participating parties correctly follow the protocol specifications but actively collect information from the data storage and data processing protocols to discover confidential data.
• Security requirements for various secure data processing models are proposed to ensure strong confidentiality protection. In this thesis, by considering access pattern and query privacy requirements, we aim to address the security limitations of the existing solutions.
• We investigate various secure query processing algorithms in different ubiquitous scenarios:
  (i) Secure Conjunctive Matching - A solution supports conjunctive queries over an encrypted numerical dataset. An extension to support range queries is also proposed.
  (ii) Boolean Keyword Search - A scheme allows the client to securely evaluate a boolean expression on a keyword set for an encrypted outsourced corpus of documents.
  (iii) Multi-dimensional Range Query - A set of protocols supports multi-dimensional range queries over a set of points of high dimensional space. The high dimensional space represents the multidimensional datasets of numerical domains.
  (iv) Secure Confidential Information Verification - A framework for verifying personal or confidential information against a set of criteria. The proposed framework addresses a number of shortcomings of the current state of the process of physical document verification.

These protocols are proposed, analyzed, and evaluated under the semi-honest model and with the proposed security requirements.
author2 Ng Wee Keong
format Theses and Dissertations
author Do, Hoang Giang
title Privacy preserving query processing on outsourced data via secure multiparty computation
spelling sg-ntu-dr.10356-73577 2023-03-04T00:52:28Z
School of Computer Science and Engineering
Doctor of Philosophy (SCE)
2018-03-29T07:20:54Z 2018-03-29T07:20:54Z 2018 Thesis
Do, H. G. (2018). Privacy preserving query processing on outsourced data via secure multiparty computation. Doctoral thesis, Nanyang Technological University, Singapore. http://hdl.handle.net/10356/73577
10.32657/10356/73577
en
149 p.
application/pdf