Monday, January 5, 2015

[Research] Privacy Preserving Data Services in the Cloud

When you utilize a data service in the cloud to store your business data, among other concerns, there are security and privacy implications. Two key concerns are data confidentiality and access privacy. In this post, I am briefly discussing these two concerns and highlight the related research work.

Data confidentiality - prevent the cloud from seeing the plaintext data.
Access Privacy - prevent the cloud from inferring information about data from the queries made.

Data confidentiality research:

  • The challenge is to allow query processing while keeping the data and query oblivious
  • Researchers have mainly taken two approaches

Access Privacy research:

  • The challenge is to support minimal leakage of query access pattern while keeping the computational cost to reasonably low so that the approach is practical.
  • There are two main paths that researchers have taken to solve this problem:
    • Private Information Retrieval (PIR) based approaches [1]
    • Oblivious RAM (ORAM) based approaches  [1

No comments: