scispace - formally typeset
Search or ask a question
Journal Article•DOI•

Towards Differential Query Services in Cost-Efficient Clouds

01 Jun 2014-IEEE Transactions on Parallel and Distributed Systems (IEEE)-Vol. 25, Iss: 6, pp 1648-1658
TL;DR: This paper presents three efficient information retrieval for ranked query (EIRQ) schemes to reduce querying overhead incurred on the cloud.
Abstract: Cloud computing as an emerging technology trend is expected to reshape the advances in information technology. In a cost-efficient cloud environment, a user can tolerate a certain degree of delay while retrieving information from the cloud to reduce costs. In this paper, we address two fundamental issues in such an environment: privacy and efficiency. We first review a private keyword-based file retrieval scheme that was originally proposed by Ostrovsky. Their scheme allows a user to retrieve files of interest from an untrusted server without leaking any information. The main drawback is that it will cause a heavy querying overhead incurred on the cloud and thus goes against the original intention of cost efficiency. In this paper, we present three efficient information retrieval for ranked query (EIRQ) schemes to reduce querying overhead incurred on the cloud. In EIRQ, queries are classified into multiple ranks, where a higher ranked query can retrieve a higher percentage of matched files. A user can retrieve files on demand by choosing queries of different ranks. This feature is useful when there are a large number of matched files, but the user only needs a small subset of them. Under different parameter settings, extensive evaluations have been conducted on both analytical models and on a real cloud environment, in order to examine the effectiveness of our schemes.

Content maybe subject to copyright    Report

Citations
More filters
Journal Article•DOI•
TL;DR: The proposed system realizes lightweight data encryption, lightweight keyword trapdoor generation and lightweight data recovery, which leaves very few computations to user's terminal, and requires much less communication cost.

117 citations


Cites background from "Towards Differential Query Services..."

  • ...[21] classified the search queries into multiple ranks to reduce the query overhead incurred in the cloud....

    [...]

Journal Article•DOI•
TL;DR: This paper proposes and implements a machine learning strategy for smart edges using differential privacy, guaranteeing privacy protection by adding Laplace mechanisms, and designs two different algorithms Output Perturbation and Objective PERTurbation, which satisfy differential privacy.
Abstract: With the popularity of smart devices and the widespread use of machine learning methods, smart edges have become the mainstream of dealing with wireless big data. When smart edges use machine learning models to analyze wireless big data, nevertheless, some models may unintentionally store a small portion of the training data with sensitive records. Thus, intruders can expose sensitive information by careful analysis of this model. To solve this privacy issue, in this paper, we propose and implement a machine learning strategy for smart edges using differential privacy. We focus our attention on privacy protection in training datasets in wireless big data scenario. Moreover, we guarantee privacy protection by adding Laplace mechanisms, and design two different algorithms Output Perturbation (OPP) and Objective Perturbation (OJP), which satisfy differential privacy. In addition, we consider the privacy preserving issues presented in the existing literatures for differential privacy in the correlated datasets, and further provided differential privacy preserving methods for correlated datasets, guaranteeing privacy by theoretical deduction. Finally, we implement the experiments on the TensorFlow, and evaluate our strategy on four datasets, i.e., MNIST, SVHN, CIFAR-10 and STL-10. The experiment results show that our methods can efficiently protect the privacy of training datasets and guarantee the accuracy on benchmark datasets.

93 citations

Journal Article•DOI•
TL;DR: A Comprehensive Transmission model is proposed, by combining the Client/Server (C/S) mode and the Peer-to-Peer (P2P) mode for reliable data transmission, and a Two-Phase Resource Sharing (TPRS) protocol is designed, which mainly consists of a pre-filtering phase and a verification phase to efficiently and privately achieve authorized resource sharing in the CT model.

68 citations

Journal Article•DOI•
01 Apr 2019
TL;DR: A differential privacy-based query model for sustainable fog computing supported data center is proposed that can effectively resist various popular privacy attacks, and achieve relatively high data utility under the premise of better privacy preserving.
Abstract: With the increasing computation and storage capabilities of mobile devices, the concept of fog computing was proposed to tackle the high communication delay inherent in cloud computing, and also improve the security to some extent. This paper concerns with the privacy issue inherent in the sustainable fog computing platform. However, there is no universal solution to the privacy problem in fog computing due to the device heterogeneity. In this paper, we proposed a differential privacy-based query model for sustainable fog computing supported data center. We designed a method that can quantify the quality of privacy preserving through rigorous mathematical proof. The proposed method uses the query model to capture the structure information of the sustainable fog computing supported data center, and the datasets for the query result are mapped to real vectors. Then, we implemented the differential privacy preserving by injecting Laplacian noise. The experiment results demonstrated that the proposed method can effectively resist various popular privacy attacks, and achieve relatively high data utility under the premise of better privacy preserving.

60 citations


Cites methods from "Towards Differential Query Services..."

  • ...[37] presented three efficient information retrieval ranking query schemes to reduce query overhead generated on the cloud, comprehensive evaluation was carried out to analyze the model and test the effectiveness of the proposed method in a real cloud environment....

    [...]

Journal Article•DOI•
TL;DR: This paper proposes a heuristic approach to classify n queries into k groups, in order to minimize the difference between each group and the number of distinct keywords in all groups, which is NP-hard.
Abstract: As the demand for the development of cloud computing grows, more and more organizations have outsourced their data and query services to the cloud for cost-saving and flexibility. Suppose an organization that has a great number of users querying the cloud-deployed multiple proxy servers to achieve cost efficiency and load balancing. Given n queries, each of which is expressed as several keywords, and k proxy servers, the problem to be solved is how to classify n queries into k groups, in order to minimize the difference between each group and the number of distinct keywords in all groups. Since this problem is NP-hard, it is solved in mathematic and heuristic ways. Mathematic grouping uses a local optimization method, and heuristic grouping is based on k-means. Specifically, two extensions are provided: the first one focuses on robustness, i.e., each user obtains search results even if some proxy servers fail; the second one focuses on benefit, i.e., each user can retrieve as many files as possible that may be of interest without increasing the sum. Extensive evaluations have been conducted on both a synthetic dataset and real query traces to verify the effectiveness of our strategies.

57 citations


Cites background or methods from "Towards Differential Query Services..."

  • ...The main drawback of [4-5] is the lack of scalability....

    [...]

  • ...To preserve user privacy in the cloud, our previous work[4-5] proposed deploying a proxy server between the users and the cloud....

    [...]

References
More filters
Report•DOI•
28 Sep 2011
TL;DR: This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Abstract: Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

15,145 citations


"Towards Differential Query Services..." refers background in this paper

  • ...Cloud computing as an emerging technology is expected to reshape information technology processes in the near future [1]....

    [...]

Book Chapter•DOI•
02 May 1999
TL;DR: A new trapdoor mechanism is proposed and three encryption schemes are derived : a trapdoor permutation and two homomorphic probabilistic encryption schemes computationally comparable to RSA, which are provably secure under appropriate assumptions in the standard model.
Abstract: This paper investigates a novel computational problem, namely the Composite Residuosity Class Problem, and its applications to public-key cryptography. We propose a new trapdoor mechanism and derive from this technique three encryption schemes : a trapdoor permutation and two homomorphic probabilistic encryption schemes computationally comparable to RSA. Our cryptosystems, based on usual modular arithmetics, are provably secure under appropriate assumptions in the standard model.

7,008 citations


"Towards Differential Query Services..." refers background in this paper

  • ...User privacy can be classified into search privacy and access privacy [2]....

    [...]

Proceedings Article•DOI•
14 Mar 2010
TL;DR: This paper addresses the problem of simultaneously achieving fine-grainedness, scalability, and data confidentiality of access control by exploiting and uniquely combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re- Encryption.
Abstract: Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services over the Internet. As promising as it is, this paradigm also brings forth many new challenges for data security and access control when users outsource sensitive data for sharing on cloud servers, which are not within the same trusted domain as data owners. To keep sensitive user data confidential against untrusted servers, existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The problem of simultaneously achieving fine-grainedness, scalability, and data confidentiality of access control actually still remains unresolved. This paper addresses this challenging open issue by, on one hand, defining and enforcing access policies based on data attributes, and, on the other hand, allowing the data owner to delegate most of the computation tasks involved in fine-grained data access control to untrusted cloud servers without disclosing the underlying data contents. We achieve this goal by exploiting and uniquely combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re-encryption. Our proposed scheme also has salient properties of user access privilege confidentiality and user secret key accountability. Extensive analysis shows that our proposed scheme is highly efficient and provably secure under existing security models.

1,903 citations

Proceedings Article•DOI•
30 Oct 2006
TL;DR: In this paper, the authors proposed a searchable symmetric encryption (SSE) scheme for the multi-user setting, where queries to the server can be chosen adaptively during the execution of the search.
Abstract: Searchable symmetric encryption (SSE) allows a party to outsource the storage of its data to another party (a server) in a private manner, while maintaining the ability to selectively search over it. This problem has been the focus of active research in recent years. In this paper we show two solutions to SSE that simultaneously enjoy the following properties: Both solutions are more efficient than all previous constant-round schemes. In particular, the work performed by the server per returned document is constant as opposed to linear in the size of the data. Both solutions enjoy stronger security guarantees than previous constant-round schemes. In fact, we point out subtle but serious problems with previous notions of security for SSE, and show how to design constructions which avoid these pitfalls. Further, our second solution also achieves what we call adaptive SSE security, where queries to the server can be chosen adaptively (by the adversary) during the execution of the search; this notion is both important in practice and has not been previously considered.Surprisingly, despite being more secure and more efficient, our SSE schemes are remarkably simple. We consider the simplicity of both solutions as an important step towards the deployment of SSE technologies.As an additional contribution, we also consider multi-user SSE. All prior work on SSE studied the setting where only the owner of the data is capable of submitting search queries. We consider the natural extension where an arbitrary group of parties other than the owner can submit search queries. We formally define SSE in the multi-user setting, and present an efficient construction that achieves better performance than simply using access control mechanisms.

1,673 citations

Journal Article•DOI•
TL;DR: The usage of methods and technologies currently used for energy-efficient operation of computer hardware and network infrastructure and some of the remaining key research challenges that arise when such energy-saving techniques are extended for use in cloud computing environments are identified.
Abstract: Energy efficiency is increasingly important for future information and communication technologies (ICT), because the increased usage of ICT, together with increasing energy costs and the need to reduce green house gas emissions call for energy-efficient technologies that decrease the overall energy consumption of computation, storage and communications. Cloud computing has recently received considerable attention, as a promising approach for delivering ICT services by improving the utilization of data centre resources. In principle, cloud computing can be an inherently energy-efficient technology for ICT provided that its potential for significant energy savings that have so far focused on hardware aspects, can be fully explored with respect to system operation and networking aspects. Thus this paper, in the context of cloud computing, reviews the usage of methods and technologies currently used for energy-efficient operation of computer hardware and network infrastructure. After surveying some of the current best practice and relevant literature in this area, this paper identifies some of the remaining key research challenges that arise when such energy-saving techniques are extended for use in cloud computing environments.

682 citations


"Towards Differential Query Services..." refers background in this paper

  • ...hard to directly extend to a cloud environment [19], [20]....

    [...]