A Privacy-Preserving Index for Range Queries
DESCRIPTION
Bijit Hore, Sharad Mehrotra, Gene Tsudik. Keiichi Shimamura. A Privacy-Preserving Index for Range Queries. Background: rise in use of cloud services; outsourcing of IT infrastructure; increasing use of Database As a Service (DAS). Database as a Service: data is stored at service provider.
TRANSCRIPT
Bijit Hore, Sharad Mehrotra, Gene Tsudik
Keiichi Shimamura
Rise in use of cloud services
Outsourcing of IT infrastructure
Increasing use of Database As a Service (DAS)
Data is stored at service provider
Service provider cannot be trusted
Security perimeter around data owner
Client is secure and trusted
Server (service provider) is not trusted
How to maintain security and privacy using DAS?
How to estimate and analyze the effectiveness of the solution?
Split the query into two parts:
Insecure query that runs on the server
Secure query that runs on the client
Bucketization for range queries
Larger buckets → more privacy
Smaller buckets → more performance
Want: maximum privacy and performance
Reality: tradeoff between privacy and performance
With knowledge of the bucketization scheme and the probability distribution in each bucket, the attacker can form statistical estimates of the values of attributes used in bucketization.
Increase variance of values in a bucket
More different values in each bucket weakens statistical estimates
Increasing variance of one bucket lowers the variance of others
Add entropy
More values in each bucket weakens statistical estimates
More rows are returned per bucket, decreasing performance
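
The query split and the bucket-size tradeoff from the slides above, as an added example that is not from the original presentation or the paper. It assumes a simple equi-width partition (not the paper's bucketization algorithm), plaintext integers standing in for encrypted rows, and constructed sample data; all function names are hypothetical.

```python
import math
from collections import Counter
from statistics import pvariance

# Constructed sample data: plaintext values of the bucketized attribute.
VALUES = [12, 15, 15, 18, 22, 25, 31, 31, 31, 38, 44, 47, 52, 58, 59, 63]

def make_buckets(lo, hi, width):
    """Equi-width partition of [lo, hi) into (bucket_id, start, end) triples."""
    return [(i, s, min(s + width, hi)) for i, s in enumerate(range(lo, hi, width))]

def server_store(values, buckets):
    """What the untrusted server sees: bucket id -> rows (ints stand in for ciphertexts)."""
    store = {bid: [] for bid, _, _ in buckets}
    for v in values:
        bid = next(b for b, s, e in buckets if s <= v < e)
        store[bid].append(v)
    return store

def range_query(lo, hi, buckets, store):
    """Run the inclusive range [lo, hi] as a server part plus a client part."""
    # Server part: select whole buckets whose interval overlaps the range.
    ids = [bid for bid, s, e in buckets if s <= hi and e > lo]
    superset = [v for bid in ids for v in store[bid]]
    # Client part: after decryption, discard the false positives.
    exact = [v for v in superset if lo <= v <= hi]
    return ids, superset, exact

def bucket_metrics(rows):
    """Variance and Shannon entropy (bits) of the values inside one bucket."""
    n = len(rows)
    entropy = sum(c / n * math.log2(n / c) for c in Counter(rows).values())
    return pvariance(rows), entropy

def compare(width, lo=30, hi=45):
    """Rows fetched vs. rows wanted, and the weakest bucket's entropy, for one width."""
    buckets = make_buckets(10, 70, width)
    store = server_store(VALUES, buckets)
    _, superset, exact = range_query(lo, hi, buckets, store)
    min_entropy = min(bucket_metrics(r)[1] for r in store.values() if r)
    return len(superset), len(exact), min_entropy

if __name__ == "__main__":
    for width in (10, 30):
        fetched, wanted, h = compare(width)
        print(f"width={width}: fetched={fetched} wanted={wanted} min entropy={h:.2f} bits")
```

With width 10 the client discards one false positive but the single-value bucket has zero entropy; with width 30 every bucket has over 2.5 bits of entropy but the whole table is returned for the same query.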
Maximize variance and entropy for most privacy
Specify a maximum performance degradation
Redistribute elements from “optimized buckets” to “composite buckets”
Tradeoff between privacy and performance
Provides a solution for range queries that:
Maximizes privacy
Limits performance degradation