Partitioned Data Security on Outsourced Sensitive and Non-Sensitive Data

Mehrotra, Sharad; Sharma, Shantanu; Ullman, Jeffrey D.; Mishra, Anurag

doi:10.1109/icde.2019.00064

Cited by 9 publications

(8 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, Mouratidis and Yiu [29] proposed a hardware-aided PIR-based solution to PPSP that relies on a tamper-resistant secure co-processor installed at the server-side. However, such schemes require decrypting the data in a secure area at the cloud and perform the computation on decrypted data; thus, they do not protect data access patterns from the server [30].…”

Section: Private Information Retrieval (Pir) Methodsmentioning

confidence: 99%

ESPADE: An Efficient and Semantically Secure Shortest Path Discovery for Outsourced Location-Based Services

et al. 2020

View full text Add to dashboard Cite

With the rapid growth of smart devices and technological advancements in tracking geospatial data, the demand for Location-Based Services (LBS) is facing a constant rise in several domains, including military, healthcare and transportation. It is a natural step to migrate LBS to a cloud environment to achieve on-demand scalability and increased resiliency. Nonetheless, outsourcing sensitive location data to a third-party cloud provider raises a host of privacy concerns as the data owners have reduced visibility and control over the outsourced data. In this paper, we consider outsourced LBS where users want to retrieve map directions without disclosing their location information. Specifically, our paper aims to address the following problem: Given a user’s location s, a target destination t, and a graph G stored in a cloud, can users retrieve the shortest path route from s to t in a privacy-preserving manner? Although there exist a few solutions to this problem, they are either inefficient or insecure. For example, existing solutions either leak intermediate results to untrusted cloud providers or incur significant costs on the end-user. To address this gap, we propose an efficient and secure solution based on homomorphic encryption properties combined with a novel data aggregation technique. We formally show that our solution achieves semantic security guarantees under the semi-honest model. Additionally, we provide complexity analysis and experimental results to demonstrate that the proposed protocol is significantly more efficient than the current state-of-the-art techniques.

show abstract

Section: Private Information Retrieval (Pir) Methodsmentioning

confidence: 99%

ESPADE: An Efficient and Semantically Secure Shortest Path Discovery for Outsourced Location-Based Services

et al. 2020

View full text Add to dashboard Cite

show abstract

Section: Conference Versionmentioning

confidence: 99%

“…A preliminary version of this article was accepted and presented in IEEE ICDE [53]. The conference version includes the following additional concept, which is not provided in this version, due to space restriction: an analytical model to show when QB works better compared to a pure cryptographic technique (Section V A of Reference [53]). semantic data modeling [38], (ii) user-defined relationships between sensitive and non-sensitive data [67], (iii) constraintsbased mechanisms, (iv) sensitive patterns hiding using sanitization matrix [44], and (v) common knowledge-based association rules [45].…”

Section: Conference Versionmentioning

confidence: 99%

“…The EId attribute values corresponding to sensitive tuples include E101, E259, E152, E159 and corresponding to non-sensitive tuples are E199, E259, E254, E152 for which a = is 1:1. We discuss QB under the above assumption, but these assumptions are relaxed in the conference version of this article (please see Sections IV.A and IV.B in Reference [53]). Before describing QB, we first define the concept of approximately square factors of a number.…”

Section: The Base Casementioning

confidence: 99%

See 1 more Smart Citation

Panda

Mehrotra

Sharma

Ullman

et al. 2020

ACM Trans. Manage. Inf. Syst.

Self Cite

View full text Add to dashboard Cite

Despite extensive research on cryptography, secure and efficient query processing over outsourced data remains an open challenge. This article continues along with the emerging trend in secure data processing that recognizes that the entire dataset may not be sensitive and, hence, non-sensitivity of data can be exploited to overcome limitations of existing encryption-based approaches. We first provide a new security definition, entitled partitioned data security, for guaranteeing that the joint processing of non-sensitive data (in cleartext) and sensitive data (in encrypted form) does not lead to any leakage. Then, this article proposes a new secure approach, entitled query binning (QB), that allows secure execution of queries over non-sensitive and sensitive parts of the data. QB maps a query to a set of queries over the sensitive and non-sensitive data in a way that no leakage will occur due to the joint processing over sensitive and non-sensitive data. In particular, we propose secure algorithms for selection, range, and join queries to be executed over encrypted sensitive and cleartext non-sensitive datasets. Interestingly, in addition to improving performance, we show that QB actually strengthens the security of the underlying cryptographic technique by preventing size, frequency-count, and workload-skew attacks. CCS Concepts: • Security and privacy → Database and storage security;

show abstract

“…Now, the DB owner arranges 16 values in a 4 × 4 matrix, as follows: , 13,1,12,9) on the sensitive data using the cryptographic mechanism integrated into QB. While the adversary learns that the query corresponds to one of the four values in NSB 1 , since query values in SB 3 are encrypted, the adversary does not learn 1 These assumptions are made primarily for ease of the exposition and relaxed in [16].…”

Section: Query Binningmentioning

confidence: 99%

Scaling Cryptographic Techniques by Exploiting Data Sensitivity at a Public Cloud

Mehrotra

Sharma

Ullman

2019

Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy

Self Cite

View full text Add to dashboard Cite

Despite extensive research on cryptography, secure and efficient query processing over outsourced data remains an open challenge. This poster continues along the emerging trend in secure data processing that recognizes that the entire dataset may not be sensitive, and hence, non-sensitivity of data can be exploited to overcome some of the limitations of existing encryption-based approaches. In particular, this poster outlines a new secure keyword search approach, called query keyword binning (QB) that allows non-sensitive parts of the data to be outsourced in clear-text while guaranteeing that no information is leaked by joint processing of non-sensitive data (in clear-text) and sensitive data (in encrypted form). QB improves the performance of and strengthens the security of the underlying cryptographic technique by preventing size, frequencycount, and workload-skew attacks. CCS CONCEPTS • Security and privacy → Database and storage security.

show abstract

Partitioned Data Security on Outsourced Sensitive and Non-Sensitive Data

Cited by 9 publications

References 60 publications

ESPADE: An Efficient and Semantically Secure Shortest Path Discovery for Outsourced Location-Based Services

ESPADE: An Efficient and Semantically Secure Shortest Path Discovery for Outsourced Location-Based Services

Panda

Scaling Cryptographic Techniques by Exploiting Data Sensitivity at a Public Cloud

Contact Info

Product

Resources

About