Query execution assurance for outsourced databases
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Order-Preserving Symmetric Encryption
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Achieving secure, scalable, and fine-grained data access control in cloud computing
INFOCOM'10 Proceedings of the 29th conference on Information communications
P4P: practical large-scale privacy-preserving distributed computation robust against malicious users
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Outsourcing the decryption of ABE ciphertexts
SEC'11 Proceedings of the 20th USENIX conference on Security
Sedic: privacy-aware data intensive computing on hybrid clouds
Proceedings of the 18th ACM conference on Computer and communications security
| Hi-index | 0.00 |
The advent of cloud computing is driving a paradigm shift in the computing landscape. An increasing number of businesses and individuals are moving their data and computation to the cloud. While the benefits of cloud computing are numerous, security remains one of the biggest concerns as data and computation are outsourced to untrusted third parties. In this invited paper, we summarize our efforts to securely outsource collaborative sensing and analytic applications to untrusted clouds. Particularly, we consider stream data sharing and collaborative data mining. First, we present Streamforce, a system for secure enforcement of fine-grained access control for stream data. It ensures both data privacy against the curious clouds and access control against dishonest users, while offloading most of the expensive computations to the cloud. Using a number of encryption schemes for the underlying security, Streamforce provides high-level abstraction in the form of secure query operators which can be used directly or combined to support fine-grained access control policies. Second, we present CloudMine, a cloud-based service enabling multiple data owners to perform data mining tasks on the cloud, without the latter learning the private inputs and the final outputs. We leverage Paillier encryption scheme to build a sum service that is secure against curious and lazy clouds, from which we show how to implement complex, secure data mining algorithms. Our experiments with Streamforce and CloudMine on EC2 suggest practical performance of these systems.