Privacy preserving query processing on outsourced data via secure multiparty computation
Recent advances in technology have given rise to the popularity and success of many data-related services. This new paradigm allows the client to reduce the cost of operations by providing cost-efficient architectures that support the storage and intensive computation of data, and hence increases t...
Main Author: | Do, Hoang Giang |
---|---|
Other Authors: | Ng Wee Keong |
Format: | Theses and Dissertations |
Language: | English |
Published: | 2018 |
Subjects: | DRNTU::Engineering::Computer science and engineering |
Online Access: | http://hdl.handle.net/10356/73577 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-73577 |
---|---|
record_format |
dspace |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering::Computer science and engineering |
description |
Recent advances in technology have given rise to the popularity and success of many data-related services. This new paradigm allows the client to reduce the cost of operations by providing cost-efficient architectures that support the storage and intensive computation of data, and hence increases the throughput of businesses. However, these promising data services incur multiple and challenging design issues, considerably due to the leakage of confidential data. Losing control over the hardware typically means giving the rights of data access to a third party; as a result, the client faces new threats coming from the server-side. Typical data-management service providers should not be fully trusted, thus storing encrypted data needs to be considered for high-level security assurance. Another potential threat is employees who do not follow the company’s privacy policies and may, intentionally or unintentionally, reveal sensitive client information. Even when the provider claims to enforce strict policies pertaining to privacy, there is still a chance that the database systems are vulnerable to malicious external attacks.
This thesis aims at investigating privacy-preserving solutions for various important data query classes in different ubiquitous scenarios. The security issues of existing secure data processing protocols are also discussed. We focus on the provision of a rigorous security guarantee when processing data and answering queries. Cryptographic techniques from multi-party secure computation are leveraged to enhance security. Specifically, our proposed research objectives are as follows:
• The security problem will be analyzed under the semi-honest secure multi-party computation model. The semi-honest model assumes all the participating parties correctly follow the protocol specifications but actively collect information from the data storage and data processing protocols to discover confidential data.
• Security requirements for various secure data processing models are proposed to ensure strong confidentiality protection. In this thesis, by considering access pattern and query privacy requirements, we aim to address the security limitations of the existing solutions.
• We investigate various secure query processing algorithms in different ubiquitous scenarios:
(i) Secure Conjunctive Matching - A solution supports conjunctive queries over an encrypted numerical dataset. An extension to support range queries is also proposed.
(ii) Boolean Keyword Search - A scheme allows the client to securely evaluate a boolean expression on a keyword set for an encrypted outsourced corpus of documents.
(iii) Multi-dimensional Range Query - a set of protocols support multi-dimensional range queries over a set of points of high dimensional space. The high dimensional space represents the multidimensional datasets of numerical domains.
(iv) Secure Confidential Information Verification - a framework for verifying personal or confidential information against a set of criteria. The proposed framework addresses a number of shortcomings of the current state of the process of physical document verification.
These protocols are proposed, analyzed, and evaluated under the semi-honest model and with the proposed security requirements. |
author2 |
Ng Wee Keong |
author_facet |
Ng Wee Keong Do, Hoang Giang |
format |
Theses and Dissertations |
author |
Do, Hoang Giang |
title |
Privacy preserving query processing on outsourced data via secure multiparty computation |
publishDate |
2018 |
url |
http://hdl.handle.net/10356/73577 |
_version_ |
1759855120567238656 |
spelling |
sg-ntu-dr.10356-73577 2023-03-04T00:52:28Z Privacy preserving query processing on outsourced data via secure multiparty computation Do, Hoang Giang Ng Wee Keong School of Computer Science and Engineering DRNTU::Engineering::Computer science and engineering Doctor of Philosophy (SCE) 2018-03-29T07:20:54Z 2018-03-29T07:20:54Z 2018 Thesis Do, H. G. (2018). Privacy preserving query processing on outsourced data via secure multiparty computation. Doctoral thesis, Nanyang Technological University, Singapore. http://hdl.handle.net/10356/73577 10.32657/10356/73577 en 149 p. application/pdf |