The emergence of cost-effective cloud services offers organizations a great opportunity to reduce their costs and increase productivity. This development, however, is hampered by privacy concerns: a significant amount of organizational computing workload at least partially involves sensitive data and therefore cannot be directly outsourced to the public cloud. The scale of these computing tasks also renders existing secure outsourcing techniques less applicable. A natural solution is to split a task, keeping the computation on the private data within an organization's private cloud while moving the rest to the public commercial cloud. However, this hybrid cloud computing is not supported by today's data-intensive computing frameworks, MapReduce in particular, which forces users to split their computing tasks manually. In this paper, we present a suite of new techniques that make such privacy-aware data-intensive computing possible. Our system, called Sedic, leverages the special features of MapReduce to automatically partition a computing job according to the security levels of the data it works on, and to arrange the computation across a hybrid cloud. Specifically, we modified MapReduce's distributed file system to strategically replicate data, moving sanitized data blocks to the public cloud. Over this data placement, map tasks are carefully scheduled to outsource as much workload to the public cloud as possible, given that sensitive data always stay on the private cloud. To minimize inter-cloud communication, our approach also automatically analyzes and transforms the reduction structure of a submitted job to aggregate the map outcomes within the public cloud before sending the result back to the private cloud for the final reduction. This also allows users to interact with our system in the same way they work with MapReduce, and to run their legacy code directly in our framework.
We implemented Sedic on Hadoop and evaluated it using both real and synthesized computing jobs on a large-scale cloud test-bed. The study shows that our techniques effectively protect sensitive user data, offload a large amount of computation to the public cloud and also fully preserve the scalability of MapReduce.
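
The data flow described in the abstract, as an added in-memory model that is not Sedic's or Hadoop's code: map tasks are placed by block label, public-side map output is combined before it crosses the cloud boundary, and the final reduction runs on the private side. The block labels, the word-count job and every function name are assumptions made for illustration, and the reduce function is assumed to be associative and commutative (a sum).

```python
from collections import Counter

# Constructed sample input: (block_id, is_sensitive, text). The labels are
# assumed to be supplied by the data owner before the job is submitted.
BLOCKS = [
    (0, False, "alpha beta alpha"),
    (1, True,  "patient alpha gamma"),
    (2, False, "beta beta gamma"),
    (3, True,  "patient beta"),
    (4, False, "gamma alpha"),
]

def map_block(text):
    """Map task: emit (word, 1) pairs for one block."""
    return [(word, 1) for word in text.split()]

def combine(pairs):
    """Fold (key, value) pairs per key; safe to run in stages because
    summation is associative and commutative."""
    out = Counter()
    for key, value in pairs:
        out[key] += value
    return out

def run_hybrid(blocks):
    """Place map tasks by label, combine publicly, reduce privately."""
    placement, public_pairs, private_pairs = {}, [], []
    for block_id, sensitive, text in blocks:
        # Sensitive blocks never leave the private cloud.
        placement[block_id] = "private" if sensitive else "public"
        target = private_pairs if sensitive else public_pairs
        target.extend(map_block(text))
    # Aggregation inside the public cloud: one record per key is shipped
    # instead of one record per map output pair.
    public_partial = combine(public_pairs)
    final = combine(private_pairs)
    final.update(public_partial)  # final reduction on the private cloud
    return {
        "result": dict(final),
        "placement": placement,
        "public_keys": sorted(public_partial),
        "raw_public_pairs": len(public_pairs),
        "shipped_records": len(public_partial),
    }

def run_single_site(blocks):
    """Reference run: the same job with every block on one trusted cluster."""
    return dict(combine(p for _, _, text in blocks for p in map_block(text)))
```
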