Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Data Outsourcing

Published byPrudence Reed Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure Data Outsourcing"— Presentation transcript:

1 Secure Data Outsourcing

2 Outline Motivation Background knowledge Research issues Summary
Problem description Review cryptographic primitives Research issues Summary

3 Motivation Cost of maintaining large data
4-5 times of the cost of data acquisition DBAs are paid well  More and more service providers Low cost – cloud computing Maintain one database for one user  multiple users Examples: Alentus.com Datapipe.com Discountasp.net Concerns about data security and privacy Untrusted service provider

4 Un-trusted server Lazy: incentives to perform less
Curious: incentives to acquire information Malicious: Denial of service Incorrect results Possibly compromised

5 Challenges Data confidentiality Access privacy Query assurance
Data need to be encrypted (?) Query on protected data? Mapping Indexing Access privacy SQL query Access pattern – access index/data Query assurance Correct Complete Fresh

6 Why is it hard? Arbitrary expressivity Cost SQL statements
Often, restricted for certain type of query for simplicity (e.g. range query, knn query) Cost Communication Computation (server side vs client side)

7 Data confidentiality Bucketization method (crypto-index)
Order preserving encryption Perturbations

8 Bucketization method Hacigumus (SIGMOD02)

9 Main steps Partition sensitive attributes
Order preserving: supports comparison Random: query rewriting becomes hard Build index on the partitions Rewrite queries to target partitions ‘john doe’  105 Select * from T’ where name=105 Execute queries and return results Prune/post-process results on client

10 Trade off between confidentiality and overhead
Larger partition  increased privacy  increased overheads

11 Order preserving encryption
Agrawal2004, Boldyreva2009 The set of data is securely transformed so that the order is preserved but the distribution and domain are changed Benefits: indexing/searching on OPE encrypted data Weakness: once the original distribution is known, OPE is broken

12 Not attribute-wise order preserving
Order preserving encryption (OPE, Agrawal et al 2004) is not resilient to distribution-based attacks Original Xi distribution is known Transformed Xi’ distribution OPE Bucket based Estimation

13 Perturbation based methods
Multiplicative perturbations RASP perturbation for query services (range query, kNN query) (Xu 2014)

14 confidential query services in the cloud
framework Data D D’ D’ D’=F(D) Data owner q’ Query q q’=Q(q) H(q’,D’) Authorized Users Result R’ Result R R=G(R’) Trusted client Honest but curious cloud RASP framework for confidential query services in the cloud

15 RASP perturbation k-dimensional numeric data, n records, represented as a k x n matrix, x: a record

16 Properties Not an OPE Preserves convexity of the dataset
Convex dataset in Rk  another convex dataset in Rk+2. Good for range query Each range query in Rk  hyperplane based query  range query in Rk+2 .

17 RASP properties Convexity preserving
Queried range (hypercube) is convex RASP transforms the range to another convex (polyhedron) half space: wTx<=a wTx=a The intersection of convex sets is also convex.

18 illustration of convexity preserving
Perturbed space Original space OPE space Xi < a  E(Xi)<E(a)

19 Secure query transformation
A naïve solution Based on the convexity preserving property Problems: (1) A-1 can be probed (2) is If a is known, the whole dimension i is breached.

20 Secure query transformation
Enhanced solution Xk+2 is always positive (Xi-a)  0  (Xi-a)Xk+2  0 Correspondingly, in the encrypted space yTy  0, Problems addressed: (1) A-1 cannot be derived from  (2) (Xi-a)Xk+2  0 contains the random component Xk+2 that protects the condition (Xi-a)  0

21 Efficient two-stage query processing
illustrated Stage2: Filter out the junk records Stage1: Querying this bounding box Original space Transformed space A multidimensional tree index is been built on the encrypted data (in the transformed space) in the server.

22 The client calculates the large bounding box;
Stage 1: The client calculates the large bounding box; The server uses the index to find the results. Stage 2: filter the initial results with the conditions yTiy  0 for 1…2m Note: the two-stage strategy works, if the output of stage 1 is significantly smaller than the original database and can be fit into the memory. Otherwise, use linear scan with stage 2 filtering.

23 Access pattern privacy
On database queries Problem is the same as PIR Attackers may use the access pattern to breach data confidentiality Each of previous approaches should handle this problem!

24 PIR is impractical Solutions based on private Information retrieval (PIR) PIR is still impractical

25 For Bucktization approach
Based on the architecture of Hacigumus (SIGMOD02) Hore VLDB04 (paper 138) For range query Privacy concern: reveal the distribution of value in each bucket “Diffusion”: split buckets and combine parts of different buckets Trade off: now the server needs to return more noisy results  larger size

26 For OPE Queries are protected (assume the original distribution is unknown) Access pattern is not protected may give some information to break the mapping (e.g., estimate the original distribution), no study yet.

27 For RASP Queries are protected
But privacy of access pattern is not preserved

28 Integrity checking Common methods Checksum Hash functions hash trees
Hash chains

29 Integrity guarantee Merkle hash tree
H(H(x1)+H(x2)) , + is string concatenation Can be stored with tree like structure : index, xml

30 Hash chains

31 Applications Query correctness with merkle trees

32 Using merkle tree Example: 5<=q<=10 LUB(q) = 4 GLB(q) = 11

33 Operations: Issues Related work
Selections, projections, equijoins, set ops Issues Works only on data with verification objects Query expressiveness Expensive Related work Pang et. al (ICDE04, SIGMOD05), using ElGamal function Sion VLDB05: challenge token F.Li SIGMOD06: freshness

34 Trusted hardware

35 Possible benefits

36 Discussion Data confidentiality/access pattern
Restrict cryptographic definition (keyword search) or Relaxed definition (perturbation, bucketization, OPE, etc.) It is very difficult to formulate and prove the security of non-traditional approaches Do we need to reformulate the security model? and how?

Download ppt "Secure Data Outsourcing"

Similar presentations

Cloud Computing Security Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva, Melek Ӧ nen, Pasquale Puzio December 18, 2013 – Sophia-Antipolis, France.

Cloud Computing Security Monir Azraoui, Kaoutar Elkhiyaoui, Refik Molva, Melek Ӧ nen, Pasquale Puzio December 18, 2013 – Sophia-Antipolis, France.
A Privacy Preserving Index for Range Queries

A Privacy Preserving Index for Range Queries
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Chapter 11 Indexing and Hashing (2) Yonsei University 2 nd Semester, 2013 Sanghyun Park.

Chapter 11 Indexing and Hashing (2) Yonsei University 2 nd Semester, 2013 Sanghyun Park.
SplitX: High-Performance Private Analytics Ruichuan Chen (Bell Labs / Alcatel-Lucent) Istemi Ekin Akkus (MPI-SWS) Paul Francis (MPI-SWS)

SplitX: High-Performance Private Analytics Ruichuan Chen (Bell Labs / Alcatel-Lucent) Istemi Ekin Akkus (MPI-SWS) Paul Francis (MPI-SWS)
©Silberschatz, Korth and Sudarshan12.1Database System Concepts Chapter 12: Indexing and Hashing Basic Concepts Ordered Indices B+-Tree Index Files B-Tree.

©Silberschatz, Korth and Sudarshan12.1Database System Concepts Chapter 12: Indexing and Hashing Basic Concepts Ordered Indices B+-Tree Index Files B-Tree.
PRIVACY AND SECURITY ISSUES IN DATA MINING P.h.D. Candidate: Anna Monreale Supervisors Prof. Dino Pedreschi Dott.ssa Fosca Giannotti University of Pisa.

PRIVACY AND SECURITY ISSUES IN DATA MINING P.h.D. Candidate: Anna Monreale Supervisors Prof. Dino Pedreschi Dott.ssa Fosca Giannotti University of Pisa.
Query Assurance on Data Streams  Ke Yi (AT&T Labs, now at HKUST)  Feifei Li (Boston U, now at Florida State)  Marios Hadjieleftheriou (AT&T Labs) 

Query Assurance on Data Streams  Ke Yi (AT&T Labs, now at HKUST)  Feifei Li (Boston U, now at Florida State)  Marios Hadjieleftheriou (AT&T Labs) 
CS7380: Privacy Aware Computing Oblivious RAM 1. Motivation  Starting from software protection Prevent from software piracy A valid method is using hardware.

CS7380: Privacy Aware Computing Oblivious RAM 1. Motivation  Starting from software protection Prevent from software piracy A valid method is using hardware.
SafeQ: Secure and Efficient Query Processing in Sensor Networks Fei Chen and Alex X. Liu Department of Computer Science and Engineering Michigan State.

SafeQ: Secure and Efficient Query Processing in Sensor Networks Fei Chen and Alex X. Liu Department of Computer Science and Engineering Michigan State.
Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.

Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.
DSAC (Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases.

DSAC (Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases.
Spring 2004 ECE569 Lecture 04-2.1 ECE 569 Database System Engineering Spring 2004 Yanyong Zhang www.ece.rutgers.edu/~yyzhangwww.ece.rutgers.edu/~yyzhang.

Spring 2004 ECE569 Lecture ECE 569 Database System Engineering Spring 2004 Yanyong Zhang
DSAC (Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases.

DSAC (Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases.
Research interest: Secure database outsourcing Presented by Alla Lanovenko Thesis Adviser: Professor Huiping Guo 599 A 11 December 2006.

Research interest: Secure database outsourcing Presented by Alla Lanovenko Thesis Adviser: Professor Huiping Guo 599 A 11 December 2006.
ICDE 2004 1 A Peer-to-peer Framework for Caching Range Queries Ozgur D. Sahin Abhishek Gupta Divyakant Agrawal Amr El Abbadi Department of Computer Science.

ICDE A Peer-to-peer Framework for Caching Range Queries Ozgur D. Sahin Abhishek Gupta Divyakant Agrawal Amr El Abbadi Department of Computer Science.
Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.
Protecting data privacy and integrity in clouds By Jyh-haw Yeh Computer Science Boise state University.

Protecting data privacy and integrity in clouds By Jyh-haw Yeh Computer Science Boise state University.
R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.

R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.

Similar presentations

Ads by Google