Secure and Privacy-Preserving Cloud-Assisted Computing
Doctoral thesis, 2022

Smart devices such as smartphones, wearables, and smart appliances collect significant amounts of data and transmit them over the network forming the Internet of Things (IoT). Many applications in our daily lives (e.g., health, smart grid, traffic monitoring) involve IoT devices that often have low computational capabilities. Subsequently, powerful cloud servers are employed to process the data collected from these devices. Nevertheless, security and privacy concerns arise in cloud-assisted computing settings.

Collected data can be sensitive, and it is essential to protect their confidentiality. Additionally, outsourcing computations to untrusted cloud servers creates the need to ensure that servers perform the computations as requested and that any misbehavior can be detected, safeguarding security. Cryptographic primitives and protocols are the foundation to design secure and privacy-preserving solutions that address these challenges. This thesis focuses on providing privacy and security guarantees when outsourcing heavy computations on sensitive data to untrusted cloud servers. More concretely, this work:

(a)  provides solutions for outsourcing the secure computation of the sum and the product functions in the multi-server, multi-client setting, protecting the sensitive data of the data owners, even against potentially untrusted cloud servers;
(b)  provides integrity guarantees for the proposed protocols, by enabling anyone to verify the correctness of the computed function values. More precisely, the employed servers or the clients (depending on the proposed solution) provide specific values which are the proofs that the computed results are correct;
(c)  designs decentralized settings, where multiple cloud servers are employed to perform the requested computations as opposed to relying on a single server that might fail or lose connection;
(d)  suggests ways to protect individual privacy and provide integrity. More precisely, we propose a verifiable differentially private solution that provides verifiability and avoids any leakage of information regardless of the participation of some individual’s sensitive data in the computation or not.

differential privacy

decentralization

verifiability

privacy-preservation

secure aggregation

secret sharing

cloud computing

privacy

EE, Hörsal
Opponent: Claudio Orlandi, Aarhus University, Denmark

Author

Georgia Tsaloli

Network and Systems

DEVA : Decentralized, Verifiable Secure Aggregation for Privacy-Preserving Learning

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 13118 LNCS (2021), p. 296-319

Paper in proceeding

Non-Interactive, Secure Verifiable Aggregation for Decentralized, Privacy-Preserving Learning

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 13083 LNCS (2021), p. 510-5128

Paper in proceeding

Differential Privacy meets Verifiable Computation: Achieving Strong Privacy and Integrity Guarantees

ICETE 2019 - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications, Vol. 2: SECRYPT (2019), p. 425-430

Paper in proceeding

Verifiable homomorphic secret sharing

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11192 LNCS (2018), p. 40-55

Paper in proceeding

Smart devices such as smartphones, wearables, and smart appliances collect significant amounts of data and transmit them over the network forming the Internet of Things (IoT). Many applications in our daily lives (e.g., health, smart grid, traffic monitoring) involve IoT devices that often have low computational capabilities. Subsequently, powerful cloud servers are employed to process the data collected from these devices. Nevertheless, security and privacy concerns arise in cloud-assisted computing settings.

Collected data can be sensitive, and it is essential to protect their confidentiality. Additionally, outsourcing computations to untrusted cloud servers creates the need to ensure that servers perform the computations as requested and that any misbehavior can be detected, safeguarding security. Cryptographic primitives and protocols are the foundation to design secure and privacy-preserving solutions that address these challenges.

This thesis focuses on providing privacy and security guarantees when outsourcing heavy computations on sensitive data to untrusted cloud servers. More concretely, this work:

(a)  provides solutions for keeping secret any sensitive information that is outsourced to the cloud for computations, protecting data owners’ privacy. Cloud servers perform computations without having access to the actual data but looking to encoded data instead;
(b)  proposes protocols that can achieve security guarantees regarding the correctness of the assigned computations. In other words, untrusted cloud servers must provide some proof that their computed results are correct;
(c)  introduces schemes that employ multiple cloud servers to handle the requested computations instead of relying on a single server that might fail/lose connection;
(d)  suggests ways to protect data privacy and integrity. It is essential to avoid also any leakage of information that may result from aggregated statistics based on sensitive data.

Subject Categories

Other Computer and Information Science

Mathematics

Computer and Information Science

Information Science

Computer Science

Areas of Advance

Information and Communication Technology

ISBN

978-91-7905-664-3

Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 5130

Publisher

Chalmers


Online


Latest update: 6/13/2022