Privacy-preserving Data Processing on the Cloud

Partners: Data61 (Prof Josef Pieprzyk), Monash University (Dr Ron Steinfeld, Dr Joseph Liu), Prof Desmedt (University of Texas at Dallas, US) and A/Prof Wang (Nanyang University of Technology)

Funding: ARC

Duration: 3 years

The availability of cheap storage and computation has enabled an entire industry of information-services outsourcing for commercial customers ranging from medical providers to government services. Unfortunately, in this process the security and privacy of the individuals concerned are often sacrificed to economic pressures and expediency, excused by the unavailability of proper tools to enforce privacy at reasonable cost. Privacy is also found lacking in another class of data processing: situations where two or more competing entities need to collaborate to reach a shared outcome based on proprietary datasets. In this context, a principal security concern for common cloud applications, and the focus of this project, is data privacy. Data privacy is concerned with protecting the confidentiality of user data from the cloud server, while retaining the cloud server's capability to perform useful operations on that data on behalf of the client.

The project is an Australian contribution to the international research effort towards the design and analysis of efficient and secure cloud computation. It is aligned with the Cybersecurity national science and research priority and addresses the first three research challenges, namely (1) highly secure and resilient communications and data acquisition, storage and retention, (2) secure, trustworthy and fault-tolerant technologies, and (3) new technologies and approaches to support the nation's cybersecurity. The new expertise developed will be an invaluable source for consultancy and engagement with Australian business and industry.

The significance of our research problem comes from its potential impact on mitigating a major privacy problem in contemporary web security: the high frequency of hacking incidents that leak massive amounts of private business and personal data, with significant consequent financial and reputational costs. These leaks persist because current databases lack a suitable encryption technology that still enables data processing and sharing.

This project consists of two research streams, cloud data computation and cloud data sharing, and aims (1) to create practical, specialised tools for securing common cloud data computation, including tools for fast and powerful search on encrypted data and for scalable statistical analysis on encrypted data; and (2) to create practical, specialised tools for securing common cloud data sharing, including tools for multi-user access control of encrypted data and processing results, and for multi-user data sources of encrypted data.

Our overall goal is to make the above tools sufficiently flexible and efficient to meet the main cloud data computation needs of typical privacy-sensitive applications. We intend to evaluate our privacy-preserving tools by integrating them into existing open-source data analysis platforms (such as Apache's Solr, Samoa and Drill) for the above applications, and by assessing their performance against the most recent threats.