research-article

Privacy-preserving data analytics as an outsourced service

Authors:

Florian Kerschbaum,

Julien VayssièreAuthors Info & Claims

SWS '08: Proceedings of the 2008 ACM workshop on Secure web services

Pages 87 - 96

https://doi.org/10.1145/1456492.1456506

Published: 31 October 2008 Publication History

Abstract

Two sets of privacy requirements need to be fulfilled when a company's accounting data is audited by an external party: the company needs to safeguard its data, while the auditors do not want to reveal their investigation methods. This problem is usually addressed by physically isolating data and auditors during the course of an audit. This approach however no longer works when auditing is performed remotely.

We present a searchable encryption scheme for outsourcing data analytics. In our scheme the data owner needs to encrypt his data only once and ship it in encrypted form to the data analyst. The data analyst can then perform a series of queries for which he must ask the data owner for help in translating the constants in the queries.

Our searchable encryption schemes allows keyword searches and range queries. Furthermore it allows queries to reuse the results of previous queries as tokens and thereby make dependent queries without interaction. Nevertheless our scheme is provably secure.

References

[1]

Codification of Auditing Standards and Procedures. Statement on Auditing Standards Number 1. The American Institute of Certified Public Accountants (AICPA). 1972.

[2]

Consideration of Fraud in a Financial Statement Audit. Statement on Auditing Standards Number 99. The American Institute of Certified Public Accountants (AICPA). 2002.

[3]

R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu. Order preserving encryption for numeric data. Proceedings of the ACM SIGMOD International Conference on Management of Data, 2004.

Digital Library

[4]

D. Boneh, G. DiCrescenzo, R. Ostrovsky, and G. Persiano. Public-key Encryption with Keyword Search. Proceedings of Eurocrypt, 2004.

[5]

D. Boneh, E. Kushilevitz, R. Ostrovsky, and W. Skeith. Public Key Encryption That Allows PIR Queries. Proceedings of CRYPTO, 2007.

Digital Library

[6]

D. Boneh, and B. Waters. Conjunctive, Subset, and Range Queries on Encrypted Data. Proceedings of Theory of Cryptography Conference, 2007.

Digital Library

[7]

C. Cachin, S. Micali, and M. Stadler. Computationally Private Information Retrieval with Polylogarithmic Communication. Proceedings of Eurocrypt, 1999.

Digital Library

[8]

Y. Chang, and M. Mitzenmacher. Privacy Preserving Keyword Searches on Remote Encrypted Data. Proceedings of 3rd Applied Cryptography and Network Security Conference, 2005.

Digital Library

[9]

B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan. Private Information Retrieval. Proceedings of the 36th IEEE Symposium on Foundations of Computer Science, 1995.

Digital Library

[10]

R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky. Searchable Symmetric Encryption: Improved Definitions and Efficient Constructions. Proceedings of ACM Conference on Computer and Communications Security, 2006.

Digital Library

[11]

S. Evdokimov, and Oliver Günther. Encryption Techniques for Secure Database Outsourcing. Proceedings of the 12th European Symposium On Research In Computer Security, 2007.

Digital Library

[12]

E. Goh. Secure Indexes. Cryptology ePrint Archive: Report 2003/216. Available at http://eprint.iacr.org/2003/216/, 2003.

[13]

O. Goldreich. Secure Multi-party Computation. Available at www.wisdom.weizmann.ac.il/~oded/pp.html, 2002.

[14]

O. Goldreich, and R. Ostrovsky. Software Protection and Simulation on Oblivious RAMs. Journal of ACM 43(3), 1996.

Digital Library

[15]

P. Golle, B. Waters, and J. Staddon. Secure Conjunctive Keyword Search over Encrypted Data. Proceedings of the 2nd International Conference on Applied Cryptography and Network Security, 2004.

[16]

H. Hacigümüs, B. Iyer, C. Li, and S. Mehrotra. Executing SQL over Encrypted Data in the Database-Service-Provider Model. Proceedings of the 28th ACM SIGMOD Conference on the Management of Data, 2002.

Digital Library

[17]

B. Hore, S. Mehrotra, and G. Tsudik. A Privacy-Preserving Index for Range Queries. Proceedings of the 30th International Conference on Very Large Data Bases, 2004.

Digital Library

[18]

E. Kushilevitz, and R. Ostrovsky. Replication is not needed: Single Database Computationally Private Information Retrieval. Proceedings of the 38th IEEE Symposium on Foundations of Computer Science, 1997.

Digital Library

[19]

A. Lenstra, and E. Verheul. Selecting Cryptographic Key Sizes, Journal of Cryptology 14, 2001.

[20]

E. Shi, J. Bethencourt, H. Chan, D. Song, and A. Perrig. Multi-Dimensional Range Query over Encrypted Data. Proceedings of IEEE Symposium on Security and Privacy, 2007.

Digital Library

[21]

R. Sion, and B. Carbunar. On the Computational Practicality of Private Information Retrieval. Proceedings of Network and Distributed System Security Symposium, 2007.

[22]

Brian Snow. We Need Assurance! Proceedings of the 21st Annual Computer Security Applications Conference, 2005

Digital Library

[23]

R. Vanasco. Fraud Auditing. Managerial Auditing Journal 13, 1998.

[24]

J. Wells. Billing Schemes, Part 1: Shell companies that don't deliver. Journal of Accountancy 194, 2000.

[25]

Z. Yang, S. Zhong, and R. Wright. Privacy-Preserving Queries on Encrypted Data. Proceedings of the 11th European Symposium On Research In Computer Security, 2006.

Digital Library

Cited By

Sharma SAhuja S(2018)Privacy Preserving Data Mining: A Review of the State of the ArtHarmony Search and Nature Inspired Optimization Algorithms10.1007/978-981-13-0761-4_1(1-15)Online publication date: 24-Aug-2018
https://doi.org/10.1007/978-981-13-0761-4_1
Guo SXu H(2015)A secure delegation scheme of large polynomial computation in multi-party cloudInternational Journal of Grid and Utility Computing10.1504/IJGUC.2015.0663876:1(1-7)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1504/IJGUC.2015.066387
Aldeen YSalleh MRazzaque M(2015)A comprehensive review on privacy preserving data miningSpringerPlus10.1186/s40064-015-1481-x4:1Online publication date: 12-Nov-2015
https://doi.org/10.1186/s40064-015-1481-x
Show More Cited By

Index Terms

Privacy-preserving data analytics as an outsourced service
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption
  2. Systems security
    1. Operating systems security

Recommendations

Identity-based encryption with outsourced equality test in cloud computing

It is the first time to integrate identity-based encryption into public key encryption with equality test.It extends identity-based encryption with keyword search to yield a general function: equality test.It is proven to be one-way chosen-ciphertext ...
Research on Privacy Preserving of Searchable Encryption
HPCCT '18: Proceedings of the 2018 2nd High Performance Computing and Cluster Technologies Conference

In the cloud computing applications, the researchers proposed a new cryptographic primitive searchable encryption (SE) in order to ensure data security. Searchable encryption can make full use of cloud server computing capacity to search the ciphertext. ...
Privacy preserving weighted similarity search scheme for encrypted data

Cloud computing has become increasingly popular among individuals and enterprises because of the benefits it provides by outsourcing their data to cloud servers. However, the security of the outsourced data has become a major concern. For privacy ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SWS '08: Proceedings of the 2008 ACM workshop on Secure web services

October 2008

116 pages

ISBN:9781605582924

DOI:10.1145/1456492

Program Chairs:
Ernesto Damiani
Information Technology Dept., University of Milan, Italy
,
Seth Proctor
Sun Microsystems Laboratories, USA

Copyright © 2008 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 October 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS08

Sponsor:

CCS08: 15th ACM Conference on Computer and Communications Security 2008

October 31, 2008

Virginia, Alexandria, USA

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
498
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sharma SAhuja S(2018)Privacy Preserving Data Mining: A Review of the State of the ArtHarmony Search and Nature Inspired Optimization Algorithms10.1007/978-981-13-0761-4_1(1-15)Online publication date: 24-Aug-2018
https://doi.org/10.1007/978-981-13-0761-4_1
Guo SXu H(2015)A secure delegation scheme of large polynomial computation in multi-party cloudInternational Journal of Grid and Utility Computing10.1504/IJGUC.2015.0663876:1(1-7)Online publication date: 1-Dec-2015
https://dl.acm.org/doi/10.1504/IJGUC.2015.066387
Aldeen YSalleh MRazzaque M(2015)A comprehensive review on privacy preserving data miningSpringerPlus10.1186/s40064-015-1481-x4:1Online publication date: 12-Nov-2015
https://doi.org/10.1186/s40064-015-1481-x
Köhler JJünemann KHartenstein H(2015)Confidential database-as-a-service approaches: taxonomy and surveyJournal of Cloud Computing10.1186/s13677-014-0025-14:1Online publication date: 31-Jan-2015
https://doi.org/10.1186/s13677-014-0025-1
Tai CHuang JChung M(2013)Privacy Preserving Frequent Pattern Mining on Multi-cloud EnvironmentProceedings of the 2013 International Symposium on Biometrics and Security Technologies10.1109/ISBAST.2013.41(235-240)Online publication date: 2-Jul-2013
https://dl.acm.org/doi/10.1109/ISBAST.2013.41
Jain RPrabhakar S(2013)Trustworthy data from untrusted databasesProceedings of the 2013 IEEE International Conference on Data Engineering (ICDE 2013)10.1109/ICDE.2013.6544853(529-540)Online publication date: 8-Apr-2013
https://dl.acm.org/doi/10.1109/ICDE.2013.6544853
Guo SXu H(2012)A Non-interactive Secure Outsourced Computation Scheme in Multi-party CloudProceedings of the 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems10.1109/iNCoS.2012.50(15-19)Online publication date: 19-Sep-2012
https://dl.acm.org/doi/10.1109/iNCoS.2012.50
Kerschbaum FSorniotti A(2011)Searchable Encryption for Outsourced Data AnalyticsPublic Key Infrastructures, Services and Applications10.1007/978-3-642-22633-5_5(61-76)Online publication date: 2011
https://doi.org/10.1007/978-3-642-22633-5_5
Kerschbaum FSorniotti A(2010)Searchable encryption for outsourced data analyticsProceedings of the 7th European conference on Public key infrastructures, services and applications10.5555/2035155.2035162(61-76)Online publication date: 23-Sep-2010
https://dl.acm.org/doi/10.5555/2035155.2035162
Kerschbaum FDeitos RDamiani EProctor S(2008)Security against the business partnerProceedings of the 2008 ACM workshop on Secure web services10.1145/1456492.1456493(1-10)Online publication date: 31-Oct-2008
https://dl.acm.org/doi/10.1145/1456492.1456493

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten