Secure and Privacy-Preserving Cloud-Assisted Computing
Doctoral thesis, 2022
Smart devices such as smartphones, wearables, and smart appliances collect significant amounts of data and transmit them over the network forming the Internet of Things (IoT). Many applications in our daily lives (e.g., health, smart grid, traffic monitoring) involve IoT devices that often have low computational capabilities. Subsequently, powerful cloud servers are employed to process the data collected from these devices. Nevertheless, security and privacy concerns arise in cloud-assisted computing settings.
Collected data can be sensitive, and it is essential to protect their confidentiality. Additionally, outsourcing computations to untrusted cloud servers creates the need to ensure that servers perform the computations as requested and that any misbehavior can be detected, safeguarding security. Cryptographic primitives and protocols are the foundation to design secure and privacy-preserving solutions that address these challenges. This thesis focuses on providing privacy and security guarantees when outsourcing heavy computations on sensitive data to untrusted cloud servers. More concretely, this work:
(a) provides solutions for outsourcing the secure computation of the sum and the product functions in the multi-server, multi-client setting, protecting the sensitive data of the data owners, even against potentially untrusted cloud servers;
(b) provides integrity guarantees for the proposed protocols, by enabling anyone to verify the correctness of the computed function values. More precisely, the employed servers or the clients (depending on the proposed solution) provide specific values which are the proofs that the computed results are correct;
(c) designs decentralized settings, where multiple cloud servers are employed to perform the requested computations as opposed to relying on a single server that might fail or lose connection;
(d) suggests ways to protect individual privacy and provide integrity. More pre- cisely, we propose a verifiable differentially private solution that provides verifiability and avoids any leakage of information regardless of the participa- tion of some individual’s sensitive data in the computation or not.
Collected data can be sensitive, and it is essential to protect their confidentiality. Additionally, outsourcing computations to untrusted cloud servers creates the need to ensure that servers perform the computations as requested and that any misbehavior can be detected, safeguarding security. Cryptographic primitives and protocols are the foundation to design secure and privacy-preserving solutions that address these challenges. This thesis focuses on providing privacy and security guarantees when outsourcing heavy computations on sensitive data to untrusted cloud servers. More concretely, this work:
(a) provides solutions for outsourcing the secure computation of the sum and the product functions in the multi-server, multi-client setting, protecting the sensitive data of the data owners, even against potentially untrusted cloud servers;
(b) provides integrity guarantees for the proposed protocols, by enabling anyone to verify the correctness of the computed function values. More precisely, the employed servers or the clients (depending on the proposed solution) provide specific values which are the proofs that the computed results are correct;
(c) designs decentralized settings, where multiple cloud servers are employed to perform the requested computations as opposed to relying on a single server that might fail or lose connection;
(d) suggests ways to protect individual privacy and provide integrity. More pre- cisely, we propose a verifiable differentially private solution that provides verifiability and avoids any leakage of information regardless of the participa- tion of some individual’s sensitive data in the computation or not.
differential privacy
decentralization
verifiability
privacy-preservation
secure aggregation
secret sharing
cloud computing
privacy
Author
Georgia Tsaloli
Network and Systems
DEVA : Decentralized, Verifiable Secure Aggregation for Privacy-Preserving Learning
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 13118 LNCS(2021)p. 296-319
Paper in proceeding
Non-Interactive, Secure Verifiable Aggregation for Decentralized, Privacy-Preserving Learning
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 13083 LNCS(2021)p. 510-5128
Paper in proceeding
Practical and Provably Secure Distributed Aggregation: Verifiable Additive Homomorphic Secret Sharing
Cryptography,;Vol. 4(2020)
Journal article
Differential Privacy meets Verifiable Computation: Achieving Strong Privacy and Integrity Guarantees
ICETE 2019 - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications,;Vol. Volume 2: SECRYPT(2019)p. 425-430
Paper in proceeding
Verifiable homomorphic secret sharing
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics),;Vol. 11192 LNCS(2018)p. 40-55
Paper in proceeding
Smart devices such as smartphones, wearables, and smart appliances col- lect significant amounts of data and transmit them over the network forming the Internet of Things (IoT). Many applications in our daily lives (e.g., health, smart grid, traffic monitoring) involve IoT devices that often have low computational capabilities. Subsequently, powerful cloud servers are employed to process the data collected from these devices. Nev- ertheless, security and privacy concerns arise in cloud-assisted computing settings.
Collected data can be sensitive, and it is essential to protect their confi- dentiality. Additionally, outsourcing computations to untrusted cloud servers creates the need to ensure that servers perform the computations as re- quested and that any misbehavior can be detected, safeguarding security. Cryptographic primitives and protocols are the foundation to design secure and privacy-preserving solutions that address these challenges.
This thesis focuses on providing privacy and security guarantees when outsourcing heavy computations on sensitive data to untrusted cloud servers. More concretely, this work:
(a) provides solutions for keeping secret any sensitive information that is outsourced to the cloud for computations, protecting data owners’ privacy. Cloud servers perform computations without having access to the actual data but looking to encoded data instead;
(b) proposesprotocolsthatcanachievesecurityguaranteesregardingthe correctness of the assigned computations. In other words, untrusted cloud servers must provide some proof that their computed results are correct;
(c) introduces schemes that employ multiple cloud servers to handle the requested computations instead of relying on a single server that might fail/lose connection;
(d) suggests ways to protect data privacy and integrity. It is essential to avoid also any leakage of information that may result from aggregated statistics based on sensitive data.
Collected data can be sensitive, and it is essential to protect their confi- dentiality. Additionally, outsourcing computations to untrusted cloud servers creates the need to ensure that servers perform the computations as re- quested and that any misbehavior can be detected, safeguarding security. Cryptographic primitives and protocols are the foundation to design secure and privacy-preserving solutions that address these challenges.
This thesis focuses on providing privacy and security guarantees when outsourcing heavy computations on sensitive data to untrusted cloud servers. More concretely, this work:
(a) provides solutions for keeping secret any sensitive information that is outsourced to the cloud for computations, protecting data owners’ privacy. Cloud servers perform computations without having access to the actual data but looking to encoded data instead;
(b) proposesprotocolsthatcanachievesecurityguaranteesregardingthe correctness of the assigned computations. In other words, untrusted cloud servers must provide some proof that their computed results are correct;
(c) introduces schemes that employ multiple cloud servers to handle the requested computations instead of relying on a single server that might fail/lose connection;
(d) suggests ways to protect data privacy and integrity. It is essential to avoid also any leakage of information that may result from aggregated statistics based on sensitive data.
Subject Categories
Other Computer and Information Science
Mathematics
Computer and Information Science
Information Science
Computer Science
Areas of Advance
Information and Communication Technology
ISBN
978-91-7905-664-3
Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 5130
Publisher
Chalmers