Encrypted Dataset Research Articles

Secure Content-Based Image Retrieval in the Cloud With Key Confidentiality

Owing to the rapid development of cloud services and personal privacy demand, secure cloud storage services and search over encrypted datasets have become an important issue. Recently, the leaking of images such as identification and driver's licenses catches much attention. The trend towards secure computation has been widely discussed, especially asymmetric scalar-product-preserving encryption (ASPE) and homomorphic encryption (HE). Although ASPE have ability to encrypt and determine the similarity between ciphertexts efficiently, it is not a practical methodology due to its assumption that the users are fully trusted in real world and it also may have key leakage problem. Contrary to ASPE, HE can execute addition and multiplication in the encrypted domain and solve key leakage problem. Hence, in this paper, we combine the opinions of HE and ASPE to propose new privacy-preserving content-based image retrieval with key confidentiality scheme against the attacks from data owner, cloud server and users. Our privacy preserving image retrieval scheme is developed under strong threat model that is close to real world. Furthermore, to the best of our knowledge, our work is the first one that developing scheme under the assumption that all the entities involved in privacy-preserving image retrieval system are semi-trusted. Our scheme ensures the confidentiality of key and privacy of query information at the same time. In addition, we provide a lightweight verification to check whether the search query is fake or not. Finally, the experiment results show that the computation overheads and search precision are acceptable at the same time.

Towards Practical Privacy-Preserving Decision Tree Training and Evaluation in the Cloud

Due to the capacity of storing massive data and providing huge computing resources, cloud computing has been a desirable platform for doing machine learning. However, the issue of data privacy is far from being well solved and thus has been a general concern in the cloud-aided machine learning. In this work, we investigate the study of how to efficiently do decision tree training and evaluation in the cloud and meanwhile achieve privacy preservation. Unlike existing cloud server-assisted model training approaches, in our proposed solution, the whole training process is mostly done by the cloud service provider who owns the machine learning model. Since the cloud cannot directly divide the encrypted dataset according to the best attributes selected, we propose a new method for decision tree training without dataset splitting. Precisely, we design three methods for decision tree training with the different tradeoff between privacy and efficiency. In all of these methods, the outsourced data are not revealed to the cloud service provider. We also propose a privacy-preserving decision tree evaluation scheme where the cloud service provider learns nothing about the user’s input and the classification result while the trained model is kept secret to the user who could only learn the classification result. Compared with previous decision tree evaluation work, our scheme achieves desirable privacy preservation against both the user and the cloud service provider, and also minimizes the user’s computation and communication costs. Moreover, besides protecting the data confidentiality, our proposed scheme also supports off-line users and thus has good scalability. The real-world dataset-based experimental results demonstrate that our system is of desirable utility and efficiency.

Redistributed Records Collections Personality Matching using Encrypted Cryptosystem

Sensitive information is gradually distributed in the cloud in this project's cloud computing and processing services to reduce costs, which raises concerns regarding data privacy. Encryption was a positive way to keep outsourced sensitive data secure, but it makes efficient use of data a very difficult process. In this paper, we focus on the issue of private matching in ide ntity-based cryptosystem over outsourced encrypted data sets that can simplify the management of certificates. To solve this proble m, we are proposing a private matching scheme based on identity

A Cryptographic Ensemble for secure third party data analysis: Collaborative data clustering without data owner participation

This paper introduces the twin concepts Cryptographic Ensembles and Global Encrypted Distance Matrices (GEDMs), designed to provide a solution to outsourced secure collaborative data clustering. The cryptographic ensemble comprises: Homomorphic Encryption (HE) to preserve raw data privacy, while supporting data analytics; and Multi-User Order Preserving Encryption (MUOPE) to preserve the privacy of the GEDM. Clustering can therefore be conducted over encrypted datasets without requiring decryption or the involvement of data owners once encryption has taken place, all with no loss of accuracy. The GEDM concept is applicable to large scale collaborative data mining applications that feature horizontal data partitioning. In the paper DBSCAN clustering is adopted for illustrative and evaluation purposes. The results demonstrate that the proposed solution is both efficient and accurate while maintaining data privacy.

PrivFT: Private and Fast Text Classification With Homomorphic Encryption

The need for privacy-preserving analytics is higher than ever due to the severity of privacy risks and to comply with new privacy regulations leading to an amplified interest in privacy-preserving techniques that try to balance between privacy and utility. In this work, we present an efficient method for Text Classification while preserving the privacy of the content using Fully Homomorphic Encryption (FHE). Our system (named \textbf{Priv}ate \textbf{F}ast \textbf{T}ext (PrivFT)) performs two tasks: 1) making inference of encrypted user inputs using a plaintext model and 2) training an effective model using an encrypted dataset. For inference, we train a supervised model and outline a system for homomorphic inference on encrypted user inputs with zero loss to prediction accuracy. In the second part, we show how to train a model using fully encrypted data to generate an encrypted model. We provide a GPU implementation of the Cheon-Kim-Kim-Song (CKKS) FHE scheme and compare it with existing CPU implementations to achieve 1 to 2 orders of magnitude speedup at various parameter settings. We implement PrivFT in GPUs to achieve a run time per inference of less than 0.66 seconds. Training on a relatively large encrypted dataset is more computationally intensive requiring 5.04 days.

Efficient and secure multi-dimensional geometric range query over encrypted data in cloud

Secure geometric range query, which aims to retrieve data points within a given geometric range from an encrypted dataset in the cloud, attracts more and more attention due to its wide applications. Up to now, several secure geometric range query schemes have been put forward. However, the existing schemes still suffer from various disadvantages, such as they are of low efficiency, cannot support multi-dimensional data and general range query, or even have security flaws. In this paper, we study secure geometric range query on encrypted dataset in cloud. First, we show the security problem of the state-of-the-art scheme by proposing an efficient attack method. Then, we propose a new secure solution for general multi-dimensional range query, which is secure under known-background model, and leverage R-tree index to achieve sub-linear search efficiency. Finally, through theoretical analysis and extensive experiments, we demonstrate the effectiveness and efficiency of our proposed approaches.

Practical Privacy-Preserving MapReduce Based K-Means Clustering Over Large-Scale Dataset

Clustering techniques have been widely adopted in many real world data analysis applications, such as customer behavior analysis, targeted marketing, digital forensics, etc. With the explosion of data in today's big data era, a major trend to handle a clustering over large-scale datasets is outsourcing it to public cloud platforms. This is because cloud computing offers not only reliable services with performance guarantees, but also savings on in-house IT infrastructures. However, as datasets used for clustering may contain sensitive information, e.g., patient health information, commercial data, and behavioral data, etc, directly outsourcing them to public cloud servers inevitably raise privacy concerns. In this paper, we propose a practical privacy-preserving K-means clustering scheme that can be efficiently outsourced to cloud servers. Our scheme allows cloud servers to perform clustering directly over encrypted datasets, while achieving comparable computational complexity and accuracy compared with clusterings over unencrypted ones. We also investigate secure integration of MapReduce into our scheme, which makes our scheme extremely suitable for cloud computing environment. Thorough security analysis and numerical analysis carry out the performance of our scheme in terms of security and efficiency. Experimental evaluation over a 5 million objects dataset further validates the practical performance of our scheme.

Long-term outcomes after extracorporeal membrane oxygenation in patients with dialysis-requiring acute kidney injury: A cohort study.

BackgroundAcute kidney injury (AKI) is a common complication of extracorporeal membrane oxygenation (ECMO) treatment. The aim of this study was to elucidate the long-term outcomes of adult patients with AKI who receive ECMO.Materials and methodsThe study analyzed encrypted datasets from Taiwan’s National Health Insurance Research Database. The data of 3251 patients who received first-time ECMO treatment between January 1, 2003, and December 31, 2013, were analyzed. Characteristics and outcomes were compared between patients who required dialysis for AKI (D-AKI) and those who did not in order to evaluate the impact of D-AKI on long-term mortality and major adverse kidney events.ResultsOf the 3251 patients, 54.1% had D-AKI. Compared with the patients without D-AKI, those with D-AKI had higher rates of all-cause mortality (52.3% vs. 33.3%; adjusted hazard ratio [aHR] 1.82, 95% confidence interval [CI] 1.53–2.17), chronic kidney disease (13.7% vs. 8.1%; adjusted subdistribution HR [aSHR] 1.66, 95% CI 1.16–2.38), and end-stage renal disease (5.2% vs. 0.5%; aSHR 14.28, 95% CI 4.67–43.62). The long-term mortality of patients who survived more than 90 days after discharge was 22.0% (153/695), 32.3% (91/282), and 50.0% (10/20) in the patients without D-AKI, with recovery D-AKI, and with nonrecovery D-AKI who required long-term dialysis, respectively, demonstrating a significant trend (Pfor trend <0.001).ConclusionAKI is associated with an increased risk of long-term mortality and major adverse kidney events in adult patients who receive ECMO.

New Approach to Set Representation and Practical Private Set-Intersection Protocols

Private set intersection (PSI) is a fundamental cryptographic protocol, which has many important applications, such as personal properties matching, data sharing, or data mining. PSI has been widely studied in the literature, and many PSI protocols have been presented; however, today, many real-world applications do not use a secure PSI protocol, mainly because current PSI protocols have two issues: the insufficient efficiency and not considering the secure storage of users’ datasets. Without using the PSI protocols, users of the real-world applications will sacrifice their privacy. In this paper, we propose a new approach for sets representation, which denotes sets by bit vectors and naturally hides the cardinality of a set. The new approach is particularly suitable to cloud computing environments. Then, we present two practical PSI and PSI cardinality protocols based on an additive homomorphic public-key cryptosystem (PKC). The new protocols enjoy two main advantages: 1) they are more efficient than other related protocols, especially when the set size is less than 212 and 2) the approach used in our protocols provides a good solution to securely store users’ datasets, and the encrypted datasets could be used as protocols’ messages directly without any additional computations. Finally, we implement our PSI and PSI cardinality protocols with Paillier PKC and ElGamal PKC in Java .

Semantic-Aware Searching Over Encrypted Data for Cloud Computing

With the increasing adoption of cloud computing, a growing number of users outsource their datasets to cloud. To preserve privacy, the datasets are usually encrypted before outsourcing. However, the common practice of encryption makes the effective utilization of the data difficult. For example, it is difficult to search the given keywords in encrypted datasets. Many schemes are proposed to make encrypted data searchable based on keywords. However, keyword-based search schemes ignore the semantic representation information of users’ retrieval, and cannot completely meet with users search intention. Therefore, how to design a content-based search scheme and make semantic search more effective and context-aware is a difficult challenge. In this paper, we propose ECSED, a novel semantic search scheme based on the concept hierarchy and the semantic relationship between concepts in the encrypted datasets. ECSED uses two cloud servers. One is used to store the outsourced datasets and return the ranked results to data users. The other one is used to compute the similarity scores between the documents and the query and send the scores to the first server. To further improve the search efficiency, we utilize a tree-based index structure to organize all the document index vectors. We employ the multi-keyword ranked search over encrypted cloud data as our basic frame to propose two secure schemes. The experiment results based on the real world datasets show that the scheme is more efficient than previous schemes. We also prove that our schemes are secure under the known ciphertext model and the known background model.

From online banking to biobanking: designing and implementing a data delivery platform for researchers of the China Kadoorie Biobank

IntroductionAs a large prospective cohort study of 512,891 participants, we routinely integrate data via linkage to population health outcomes to deliver up-to-date research datasets. Building on experience from the private sector, we have implemented a platform that supports the delivery and audit of secure datasets to internal and external researchers.&#x0D; Objectives and ApproachWe aimed to create a platform that delivers secure research datasets for preliminary analyses and fieldwork with dynamic censor dates. It must also provide multiple static versions of an analysis-ready database with fixed censor dates. Individual participant outcome data from population health sources (death and disease registries and health insurance agencies) can be integrated and linked regularly to other health-related data, e.g., genetic, bioinformatics, and medical device. With knowledge of data management strategies used in major financial institutions, we have produced systems that successfully implement the techniques of data warehousing, multiple concurrent environments and secure dataset access and delivery.&#x0D; ResultsAs at the end of 2017, we had over 300 registered and approved researchers eligible to request datasets. Using our platform, we have recorded over 150 requests and successfully delivered over 100 de-personalised and encrypted datasets to external researchers around the world. In addition, we have supplied secure datasets to over 20 Global Health MSc and DPhil students studying at The University. The platform currently hosts 4 completed analysis-ready databases with censor dates ranging from 31st December 2013 to 11 years of follow-up as of 31st December 2016. A 5th analysis-ready database (with the most recent outcome data from participants’ death, disease and hospitalisations) is already under development. We plan during 2018 to make available more data sources and outcome data to our external researchers.&#x0D; Conclusion/ImplicationsWe have developed a versatile platform that delivers secure datasets for researchers from a selection of analysis-ready databases, each with differing censor dates and available data sources. This platform is scalable and can accommodate regular integration of known follow-up data sources along with new and emerging data sources.

Identity-Based Private Matching over Outsourced Encrypted Datasets

With wide use of cloud computing and storage services, sensitive information is increasingly centralized into the cloud to reduce the management costs, which raises concerns about data privacy. Encryption is a promising way to maintain the confidentiality of outsourced sensitive data, but it makes effective data utilization to be a very challenging task. In this paper, we focus on the problem of private matching over outsourced encrypted datasets in identity-based cryptosystem that can simplify the certificate management. To solve this problem, we propose an Identity-Based Private Matching scheme ( $\mathsf{IBPM}$ ), which realizes fine-grained authorization that enables the privileged cloud server to perform private matching operations without leaking any private data. We present the rigorous security proof under the Decisional Linear Assumption and Decisional Bilinear Diffie-Hellman Assumption. Furthermore, through the analysis of the asymptotic complexity and the experimental evaluation, we verify that the cost of our $\mathsf{IBPM}$ scheme is linear to the size of the dataset and it is more efficient than the existing work of Zheng and Xu [30] . Finally, we apply our $\mathsf{IBPM}$ scheme to build two efficient schemes, including identity-based fuzzy private matching as well as identity-based multi-keyword fuzzy search.

Secure and efficient outsourcing differential privacy data release scheme in Cyber–physical system

A cyber–physical system is a mechanism controlled or monitored by computer-based algorithms, tightly integrated with the internet and its users. Cyber–physical systems such as smart grid, autonomous automobile systems, medical monitoring, process control systems, robotics systems, and automatic pilot avionics will use physical sensors to produce and collect data. Most of the data contains personal information, which is so called privacy, should be carefully protected. How to protect privacy is now a hot-topic not only in academia but also in industry. Differential privacy has been accepted as the privacy concept due to its concise definition and its simple implementation. However, the interactive model cannot achieve differential privacy without data provider’s timely answers, which means data provider should always be attachable. It is unrealistic to keep data provider online due to the risk of data provider be broken will grow rapidly as time goes by. With today’s differential privacy technology, a non-interactive model remains an open problem. To find an alternative, we consider implant whole dataset into a cloud server to provide all the functions instead of data provider. Nonetheless, once the server is compromised, the privacy of the data cannot be guaranteed. It appears that there should be a strong definition, the cloud server is completely trustworthy, before differential privacy can actually be implemented. An intuitive thought to improve this situation is to only upload encrypted datasets. Then, the server could be semi-honest or even fully malicious. Homomorphic encryption can make the encrypted dataset operable, but it requires considerable storage space and bandwidth, which are impractical. We realized that order-preserving encryption is a tradeoff between data utility and practicability. Thus, we propose a novel outsourcing differential privacy data release scheme in cyber–physical system. The proposed scheme allows data providers to outsource their datasets to a cloud service provider with low communication cost. Let the cloud service provider be the host that answers the queries from the data evaluator with noisy results. The data providers can go offline after uploading their encrypted datasets, which is one of the critical requirements for a practical system. In this paper, we present a detailed theoretical analysis, including proofs of differential privacy and security. We also report an experimental evaluation on real datasets.

Ensemble Method for Privacy-Preserving Logistic Regression Based on Homomorphic Encryption

Homomorphic encryption (HE) is one of promising cryptographic candidates resolving privacy issues in machine learning on sensitive data such as biomedical data and financial data. However, HE-based solutions commonly suffer from relatively high computational costs due to a large number of iterations in the optimization algorithms such as gradient descent (GD) for the learning phase. In this paper, we propose a new method called ensemble GD for logistic regression, a commonly used machine learning technique for binary classification. Our ensemble method reduces the number of iterations of GD, which results in substantial improvement on the performance of logistic regression based on HE in terms of speed and memory. The convergence of ensemble GD based on HE is guaranteed by our theoretical analysis on the erroneous variant of ensemble GD. We implemented ensemble GD for the logistic regression based on an approximate HE scheme HEAAN on MNIST data set and Credit data set from UCI machine learning repository. Compared to the standard GD for logistic regression, our ensemble method requires only about 60% number of iterations, which results in 60-70% reduction on the running time of total learning procedure in encrypted state, and 30-40% reduction on the storage of encrypted data set.

Coding for locality in reconstructing permutations

The problem of storing permutations in a distributed manner arises in several common scenarios, such as efficient updates of a large, encrypted, or compressed data set. This problem may be addressed in either a combinatorial or a coding approach. The former approach boils down to presenting large sets of permutations with locality, that is, any symbol of the permutation can be computed from a small set of other symbols. In the latter approach, a permutation may be coded in order to achieve locality. Both approaches must present low query complexity to allow the user to find an element efficiently. We discuss both approaches, and give a particular focus to the combinatorial one. In the combinatorial approach, we provide upper and lower bounds for the maximal size of a set of permutations with locality, and provide several simple constructions which attain the upper bound. In cases where the upper bound is not attained, we provide alternative constructions using a variety of tools, such as Reed-Solomon codes, permutation polynomials, and multi-permutations. In addition, several low-rate constructions of particular interest are discussed. In the coding approach we discuss an alternative representation of permutations, present a paradigm for supporting arbitrary powers of the stored permutation, and conclude with a proof of concept that permutations may be stored more efficiently than ordinary strings over the same alphabet.

Private queries on encrypted genomic data

BackgroundOne of the tasks in the iDASH Secure Genome Analysis Competition in 2016 was to demonstrate the feasibility of privacy-preserving queries on homomorphically encrypted genomic data. More precisely, given a list of up to 100,000 mutations, the task was to encrypt the data using homomorphic encryption in a way that allows it to be stored securely in the cloud, and enables the data owner to query the dataset for the presence of specific mutations, without revealing any information about the dataset or the queries to the cloud.MethodsWe devise a novel string matching protocol to enable privacy-preserving queries on homomorphically encrypted data. Our protocol combines state-of-the-art techniques from homomorphic encryption and private set intersection protocols to minimize the computational and communication cost.ResultsWe implemented our protocol using the homomorphic encryption library SEAL v2.1, and applied it to obtain an efficient solution to the iDASH competition task. For example, using 8 threads, our protocol achieves a running time of only 4 s, and a communication cost of 2 MB, when querying for the presence of 5 mutations from an encrypted dataset of 100,000 mutations.ConclusionsWe demonstrate that homomorphic encryption can be used to enable an efficient privacy-preserving mechanism for querying the presence of particular mutations in realistic size datasets. Beyond its applications to genomics, our protocol can just as well be applied to any kind of data, and is therefore of independent interest to the homomorphic encryption community.

Cryptoleq: A Heterogeneous Abstract Machine for Encrypted and Unencrypted Computation

The rapid expansion and increased popularity of cloud computing comes with no shortage of privacy concerns about outsourcing computation to semi-trusted parties. Leveraging the power of encryption, in this paper, we introduce Cryptoleq: an abstract machine based on the concept of one instruction set computer, capable of performing general-purpose computation on encrypted programs. The program operands are protected using the Paillier partially homomorphic cryptosystem, which supports addition on the encrypted domain. Full homomorphism over addition and multiplication, which is necessary for enabling general-purpose computation, is achieved by inventing a heuristically obfuscated software re-encryption module written using Cryptoleq instructions and blended into the executing program. Cryptoleq is heterogeneous, allowing mixing encrypted and unencrypted instruction operands in the same program memory space. Programming with Cryptoleq is facilitated using an enhanced assembly language that allows the development of any advanced algorithm on encrypted data sets. In our evaluation, we compare Cryptoleq's performance against a popular fully homomorphic encryption library, and demonstrate correctness using a typical private information retrieval problem.

Optimized Search-and-Compute Circuits and Their Application to Query Evaluation on Encrypted Data

Private query processing on encrypted databases allows users to obtain data from encrypted databases in such a way that the users’ sensitive data will be protected from exposure. Given an encrypted database, users typically submit queries similar to the following examples: 1) How many employees in an organization make over U.S. $100000? 2) What is the average age of factory workers suffering from leukemia? Answering the questions requires one to search and then compute over the relevant encrypted data sets in sequence. In this paper, we are interested in efficiently processing queries that require both operations to be performed on fully encrypted databases. One immediate solution is to use several special-purpose encryption schemes simultaneously; however, this approach is associated with a high computational cost for maintaining multiple encryption contexts. Another solution is to use a privacy homomorphic scheme. However, no secure solutions have been developed that satisfy the efficiency requirements. In this paper, we construct a unified framework to efficiently and privately process queries with search and compute operations. For this purpose, the first part of our work involves devising several underlying circuits as primitives for queries on encrypted data. Second, we apply two optimization techniques to improve the efficiency of these circuit primitives. One technique involves exploiting single-instruction-multiple-data (SIMD) techniques to accelerate the basic circuit operations. Unlike general SIMD approaches, our SIMD implementation can be applied even to a single basic operation. The other technique is to use a large integer ring (e.g., $\mathbb {Z}_{2^{t}}$ ) as a message space rather than a binary field. Even for an integer of $k$ bits with $k>t$ , addition can be performed using degree 1 circuits with lazy carry operations. Finally, we present various experiments performed by varying the considered parameters, such as the query type and the number of tuples.

Security Analysis of Collusion-Resistant Nearest Neighbor Query Scheme on Encrypted Cloud Data

Recently, Yuan et al. (IEEE Infocom ’13, pp.2652–2660) proposed an efficient secure nearest neighbor (SNN) search scheme on encrypted cloud database. Their scheme is claimed to be secure against the collusion attack of query clients and cloud server, because the colluding attackers cannot infer the encryption/decryption key. In this letter, we observe that the encrypted dataset in Yuan’s scheme can be broken by the collusion attack without deducing the key, and present a simple but powerful attack to their scheme. Experiment results validate the high efficiency of our attacking approach. Additionally, we also indicate an upper bound of collusion-resistant ability of any accurate SNN query scheme. key words: cloud computing, encrypted query, nearest neighbor, attack