ABSTRACT
In order to process a few thousands of streams in real-time, public clouds seem to be an excellent choice since it supports massively amount of computing resources. A public cloud may be managed by a third party and outside the firewall of the organization, which may make it questionable whether data are managed confidentially. This paper proposes a scheme that evaluates queries over encrypted data streams. Our scheme is based on CryptDB and its modification. We describe performance issues incurred by our scheme, and propose an approach to reduce the encryption costs and amounts of transmitted data size, and an approach to reduce memory usage by analyzing a plan tree in an SPE. The result of experiments showed that applying AP-1 reduces 90% memory size, while applying AP-2 reduces 11% memory size.
- Amazon Elastic Compute Cloud (Amazon EC2). http://aws.amazon.com/jp/ec2/.Google Scholar
- Microsoft StreamInSight. http://www.microsoft.com/sqlserver/2008/en/us/r2-complex-event.aspx.Google Scholar
- Microsoft Windows Azure. http://www.microsoft.com/japan/windowsazure/.Google Scholar
- Oracle CEP. http://www.oracle.com/us/technologies/soa/service-oriented-architecture-066455.html.Google Scholar
- Paillier's Homomorphic Cryptosystem (Java Implementation). http://www.csee.umbc.edu/~kunliu1/research/Paillier.html.Google Scholar
- TCPDUMP/LIBPCAP public repository. http://www.tcpdump.org/.Google Scholar
- uCosminexus Stream Data Platform. http://www.hitachi.co.jp/Prod/comp/soft1/cosminexus/sdp/.Google Scholar
- A. Arasu, S. Babu, and J. Widom. The cql continuous query language: semantic foundations and query execution. VLDB J., 15(2):121--142, 2006. Google ScholarDigital Library
- A. Boldyreva, N. Chenette, Y. Lee, and A. O'Neill. Order-preserving symmetric encryption. In EUROCRYPT, pages 224--241, 2009. Google ScholarDigital Library
- R. Chow, P. Golle, M. Jakobsson, E. Shi, J. Staddon, R. Masuoka, and J. Molina. Controlling data in the cloud: outsourcing computation without outsourcing control. In CCSW, pages 85--90, 2009. Google ScholarDigital Library
- B. Gedik, H. Andrade, K.-L. Wu, P. S. Yu, and M. Doo. Spade: the system's declarative stream processing engine. In SIGMOD Conference, pages 1123--1134, 2008. Google ScholarDigital Library
- S. Halevi and P. Rogaway. A tweakable enciphering mode. In CRYPTO, pages 482--499, 2003.Google ScholarCross Ref
- S. Hildenbrand, D. Kossmann, T. Sanamrad, C. Binnig, F. Faerber, and J. Woehler. Query processing on encrypted data in the cloud. 2011.Google Scholar
- R. V. Nehme, H.-S. Lim, E. Bertino, and E. A. Rundensteiner. StreamShield: a stream-centric approach towards security and privacy in data stream environments. In SIGMOD Conference, pages 1027--1030, 2009. Google ScholarDigital Library
- P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In EUROCRYPT, pages 223--238, 1999. Google ScholarDigital Library
- R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan. Cryptdb: protecting confidentiality with encrypted query processing. In SOSP, pages 85--100, 2011. Google ScholarDigital Library
- E. Wu, Y. Diao, and S. Rizvi. High-performance complex event processing over streams. In SIGMOD Conference, pages 407--418, 2006. Google ScholarDigital Library
Index Terms
- A security aware stream data processing scheme on the cloud and its efficient execution methods
Recommendations
An efficient public key secure scheme for cloud and IoT security
AbstractAccording to the National Institute of Standard and Technology (NIST), the security level of RSA is safe when it is N-bit modulus ≥ 2048 bits. Because of this, the processing time to generate asymmetric keys also increases. Taking this ...
Efficient certificateless proxy signature scheme with provable security
In this paper we propose a very efficient and provably secure proxy signature scheme with implicit certificate (called ''certificateless proxy signature scheme''), where a receiver does not have to verify a certificate before verifying a signed message, ...
Efficient proxy signcryption scheme with provable CCA and CMA security
For facilitating the confidential transaction with delegation such as on-line proxy auction and business contract signing by an authorized proxy, we propose an efficient proxy signcryption scheme from pairings. Our scheme allows an original signer to ...
Comments